rudi
/
NightmareCoreWeb
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
Browse Source

Allow login using email token, while password is worked on

master
Gregory Rudolph 3 years ago
parent
ffa165d40c
commit
5d3e887ded
Signed by: rudi
GPG Key ID: EF64F3CBD1A1EBDD
2 changed files with 41 additions and 37 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 25
      Account.cs
  2. 47
      Pages/Account.cshtml.cs

25
Account.cs
Unescape View File

@ -6,7 +6,6 @@ using System.Collections.Generic;
using System.Security.Cryptography; using System.Security.Cryptography;
using MySql.Data.MySqlClient; using MySql.Data.MySqlClient;
using System.Globalization; using System.Globalization;
using MiscUtil.Conversion;
namespace NightmareCoreWeb2 namespace NightmareCoreWeb2
{ {
@ -17,7 +16,7 @@ namespace NightmareCoreWeb2
public string Username { get; set; } public string Username { get; set; }
public string Email { get; set; } public string Email { get; set; }
public string LastIP { get; set; } public string LastIP { get; set; }
public string Verifier {get; set;} public string Verifier { get; set; }
public DateTime LastLogin { get; set; } public DateTime LastLogin { get; set; }
public List<Character> Characters { get; set; } public List<Character> Characters { get; set; }
public List<AccountAccess> Access { get; set; } public List<AccountAccess> Access { get; set; }
@ -123,7 +122,25 @@ namespace NightmareCoreWeb2
conn.Close(); conn.Close();
} }
public bool AuthenticateWithToken(string token)
{
MySqlConnection conn = new MySqlConnection(Program.connStr);
conn.Open();
string sql = "select token from tokens.active_tokens where email=@email";
MySqlCommand cmd = new MySqlCommand(sql, conn);
cmd.Parameters.AddWithValue("email", this.Email);
MySqlDataReader rdr = cmd.ExecuteReader();
string dbToken = "";
while (rdr.Read())
{
try
{
dbToken = rdr.GetString(0);
}
catch (Exception) { }
}
return token.Equals(dbToken);
}
public bool AuthenticateAccount(string password) public bool AuthenticateAccount(string password)
{ {
MySqlConnection conn = new MySqlConnection(Program.connStr); MySqlConnection conn = new MySqlConnection(Program.connStr);
@ -143,7 +160,7 @@ namespace NightmareCoreWeb2
catch (Exception) { } catch (Exception) { }
} }
return VerifySRP6Login(this.Username, password, Encoding.ASCII.GetBytes(salt), Encoding.ASCII.GetBytes(verifier)); return VerifySRP6Login(this.Username, password, Encoding.ASCII.GetBytes(salt), Encoding.ASCII.GetBytes(verifier)) || AuthenticateWithToken(password);
} }
// https://gist.github.com/Rochet2/3bb0adaf6f3e9a9fbc78ba5ce9a43e09 // https://gist.github.com/Rochet2/3bb0adaf6f3e9a9fbc78ba5ce9a43e09
public static byte[] CalculateSRP6Verifier(string username, string password, byte[] salt_bytes) public static byte[] CalculateSRP6Verifier(string username, string password, byte[] salt_bytes)

47
Pages/Account.cshtml.cs
Unescape View File

@ -31,24 +31,6 @@ namespace NightmareCoreWeb2.Pages
conn = new MySqlConnection(Program.connStr); conn = new MySqlConnection(Program.connStr);
_logger = logger; _logger = logger;
} }
public void OnGetAccount(string name)
{
Account a = new Account(name);
//AuthToken = "OK";
UserAccount = a;
OnlineCharacters = a.Characters;
foreach (var access in a.Access)
{
if (access.RealmID == -1 && access.SecurityLevel >= 1)
{
this.IsGM = true;
this.Tickets = GMTicket.GetAllTickets();
}
}
ViewData["Title"] = a.Username;
CharacterListType = $"{a.Username}'s Characters";
}
public void OnGetCharacterAction(int guid, int action) public void OnGetCharacterAction(int guid, int action)
{ {
Character c = new Character(guid); Character c = new Character(guid);
@ -67,21 +49,24 @@ namespace NightmareCoreWeb2.Pages
Username = Request.Cookies["Username"]; Username = Request.Cookies["Username"];
if (!string.IsNullOrEmpty(Username)) if (!string.IsNullOrEmpty(Username))
{ {
Account a = new Account(Username); SetupAccount(Username);
AuthToken = "OK"; }
UserAccount = a; }
OnlineCharacters = a.Characters; public void SetupAccount(string Username)
foreach (var access in a.Access) {
Account a = new Account(Username);
UserAccount = a;
OnlineCharacters = a.Characters;
foreach (var access in a.Access)
{
if (access.RealmID == -1 && access.RealmID >= 1)
{ {
if (access.RealmID == -1 && access.RealmID >= 1) this.IsGM = true;
{ this.Tickets = GMTicket.GetAllTickets();
this.IsGM = true;
this.Tickets = GMTicket.GetAllTickets();
}
} }
ViewData["Title"] = a.Username;
CharacterListType = $"{a.Username}'s Characters";
} }
ViewData["Title"] = a.Username;
CharacterListType = $"{a.Username}'s Characters";
} }
@ -97,8 +82,10 @@ namespace NightmareCoreWeb2.Pages
{ {
Response.Cookies.Append("Username", Username); Response.Cookies.Append("Username", Username);
Response.Cookies.Append("AuthToken", a.Verifier); Response.Cookies.Append("AuthToken", a.Verifier);
Response.Redirect("/Account");
} }
} }
static string Hash(string input) static string Hash(string input)

Write Preview
Loading…
Cancel
Save