|
|
@ -1,5 +1,6 @@ |
|
|
|
using System; |
|
|
|
using System; |
|
|
|
using System.IO; |
|
|
|
using System.Net; |
|
|
|
|
|
|
|
using System.Net.Mail; |
|
|
|
using System.Collections.Generic; |
|
|
|
using System.Collections.Generic; |
|
|
|
using MySql.Data.MySqlClient; |
|
|
|
using MySql.Data.MySqlClient; |
|
|
|
using Microsoft.AspNetCore.Mvc.RazorPages; |
|
|
|
using Microsoft.AspNetCore.Mvc.RazorPages; |
|
|
@ -91,38 +92,136 @@ namespace NightmareCoreWeb2.Pages |
|
|
|
|
|
|
|
|
|
|
|
public void OnPostActivateAccount() |
|
|
|
public void OnPostActivateAccount() |
|
|
|
{ |
|
|
|
{ |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
conn.Open(); |
|
|
|
|
|
|
|
bool valid = false; |
|
|
|
ActivateEmail = Request.Form["ActivateEmail"]; |
|
|
|
ActivateEmail = Request.Form["ActivateEmail"]; |
|
|
|
|
|
|
|
string Username = ActivateEmail.Substring(0, ActivateEmail.IndexOf("@")); |
|
|
|
ActivatePassword = Request.Form["ActivatePassword"]; |
|
|
|
ActivatePassword = Request.Form["ActivatePassword"]; |
|
|
|
ActivateToken = Request.Form["ActivateToken"]; |
|
|
|
ActivateToken = Request.Form["ActivateToken"]; |
|
|
|
|
|
|
|
string sql = "SELECT token from tokens.active_tokens where email=@email"; |
|
|
|
|
|
|
|
MySqlCommand cmd = new MySqlCommand(sql, conn); |
|
|
|
|
|
|
|
cmd.Parameters.AddWithValue("email", ActivateEmail); |
|
|
|
|
|
|
|
MySqlDataReader rdr = cmd.ExecuteReader(); |
|
|
|
|
|
|
|
while (rdr.Read()) |
|
|
|
|
|
|
|
{ |
|
|
|
|
|
|
|
if (ActivateToken.Equals(rdr.GetString(0))) |
|
|
|
|
|
|
|
{ |
|
|
|
|
|
|
|
valid = true; |
|
|
|
|
|
|
|
} |
|
|
|
|
|
|
|
} |
|
|
|
|
|
|
|
conn.Close(); |
|
|
|
|
|
|
|
if (valid) |
|
|
|
|
|
|
|
{ |
|
|
|
|
|
|
|
conn.Open(); |
|
|
|
|
|
|
|
byte[] salt = new byte[32]; |
|
|
|
|
|
|
|
byte[] verifier = new byte[32]; |
|
|
|
|
|
|
|
(salt, verifier) = Framework.Cryptography.SRP6.MakeRegistrationData(Username, ActivatePassword); |
|
|
|
|
|
|
|
sql = "INSERT INTO auth.account (username,salt,verifier,email) VALUES (@username,@salt,@verifier,@email)"; |
|
|
|
|
|
|
|
cmd = new MySqlCommand(sql, conn); |
|
|
|
|
|
|
|
cmd.Parameters.AddWithValue("email", ActivateEmail); |
|
|
|
|
|
|
|
cmd.Parameters.AddWithValue("username", Username); |
|
|
|
|
|
|
|
cmd.Parameters.AddWithValue("salt", salt); |
|
|
|
|
|
|
|
cmd.Parameters.AddWithValue("verifier", verifier); |
|
|
|
|
|
|
|
cmd.ExecuteNonQuery(); |
|
|
|
|
|
|
|
conn.Close(); |
|
|
|
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
} |
|
|
|
} |
|
|
|
public void OnPostRequestToken() |
|
|
|
public void OnPostRequestToken() |
|
|
|
{ |
|
|
|
{ |
|
|
|
RequestTokenEmail = Request.Form["RequestTokenEmail"]; |
|
|
|
RequestTokenEmail = Request.Form["RequestTokenEmail"]; |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
string Username = RequestTokenEmail.Substring(0, RequestTokenEmail.IndexOf("@")); |
|
|
|
|
|
|
|
string UserDomain = RequestTokenEmail.Substring(RequestTokenEmail.IndexOf("@")); |
|
|
|
|
|
|
|
bool valid = false; |
|
|
|
|
|
|
|
foreach (string s in Program.AllowedDomains) |
|
|
|
|
|
|
|
{ |
|
|
|
|
|
|
|
if (UserDomain.Contains(s)) |
|
|
|
|
|
|
|
{ |
|
|
|
|
|
|
|
valid = true; |
|
|
|
|
|
|
|
} |
|
|
|
|
|
|
|
} |
|
|
|
|
|
|
|
if (!valid) |
|
|
|
|
|
|
|
{ |
|
|
|
|
|
|
|
Console.WriteLine($"Invalid Email {RequestTokenEmail}"); |
|
|
|
|
|
|
|
return; |
|
|
|
} |
|
|
|
} |
|
|
|
|
|
|
|
try |
|
|
|
|
|
|
|
{ |
|
|
|
|
|
|
|
Account a = new Account(Username); |
|
|
|
|
|
|
|
AccountAccess access = a.Access[0]; |
|
|
|
|
|
|
|
Console.WriteLine($"Account already exists {Username}"); |
|
|
|
|
|
|
|
} |
|
|
|
|
|
|
|
catch (Exception) |
|
|
|
|
|
|
|
{ |
|
|
|
|
|
|
|
conn.Open(); |
|
|
|
|
|
|
|
string sql = "INSERT INTO tokens.active_tokens (email,token) VALUES (@email,@token)"; |
|
|
|
|
|
|
|
MySqlCommand cmd = new MySqlCommand(sql, conn); |
|
|
|
|
|
|
|
cmd.Parameters.AddWithValue("email", RequestTokenEmail); |
|
|
|
|
|
|
|
var chars = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789"; |
|
|
|
|
|
|
|
var stringChars = new char[13]; |
|
|
|
|
|
|
|
var random = new Random(); |
|
|
|
|
|
|
|
|
|
|
|
public bool RequestToken() |
|
|
|
for (int i = 0; i < stringChars.Length; i++) |
|
|
|
{ |
|
|
|
{ |
|
|
|
return false; |
|
|
|
stringChars[i] = chars[random.Next(chars.Length)]; |
|
|
|
} |
|
|
|
} |
|
|
|
public bool CreateAccount() |
|
|
|
|
|
|
|
|
|
|
|
var finalString = new String(stringChars); |
|
|
|
|
|
|
|
cmd.Parameters.AddWithValue("token", $"token_{finalString}"); |
|
|
|
|
|
|
|
cmd.ExecuteNonQuery(); |
|
|
|
|
|
|
|
using (SmtpClient smtpClient = new SmtpClient()) |
|
|
|
{ |
|
|
|
{ |
|
|
|
return false; |
|
|
|
var basicCredential = new NetworkCredential($"{Program.EmailAddress}{Program.EmailDomain}", Program.EmailPass); |
|
|
|
|
|
|
|
using (MailMessage message = new MailMessage()) |
|
|
|
|
|
|
|
{ |
|
|
|
|
|
|
|
MailAddress fromAddress = new MailAddress($"{Program.EmailAddress}{Program.EmailDomain}"); |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
smtpClient.Host = Program.EmailHost; |
|
|
|
|
|
|
|
smtpClient.UseDefaultCredentials = false; |
|
|
|
|
|
|
|
smtpClient.Credentials = basicCredential; |
|
|
|
|
|
|
|
smtpClient.Port = 587; |
|
|
|
|
|
|
|
smtpClient.EnableSsl = true; |
|
|
|
|
|
|
|
message.From = fromAddress; |
|
|
|
|
|
|
|
message.Subject = "WoTDN Auth Token"; |
|
|
|
|
|
|
|
message.IsBodyHtml = false; |
|
|
|
|
|
|
|
message.Body = $"WoTDN Auth Token for Account {Username}: token_{finalString}"; |
|
|
|
|
|
|
|
message.To.Add(RequestTokenEmail); |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
try |
|
|
|
|
|
|
|
{ |
|
|
|
|
|
|
|
smtpClient.Send(message); |
|
|
|
} |
|
|
|
} |
|
|
|
public bool IsTokenValid(string username, string token) |
|
|
|
catch (Exception ex) |
|
|
|
{ |
|
|
|
{ |
|
|
|
return false; |
|
|
|
Console.WriteLine("Unable to send message."); |
|
|
|
|
|
|
|
//Error, could not send the message
|
|
|
|
|
|
|
|
Console.WriteLine(ex.Message); |
|
|
|
|
|
|
|
} |
|
|
|
} |
|
|
|
} |
|
|
|
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
conn.Close(); |
|
|
|
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
public ActionResult OnGetAlert() { |
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
public ActionResult OnGetAlert() |
|
|
|
|
|
|
|
{ |
|
|
|
string ret = "SERVERALERT:\n\n<html><body>\n"; |
|
|
|
string ret = "SERVERALERT:\n\n<html><body>\n"; |
|
|
|
if (this.OnlineCharacters.Count > 0) { |
|
|
|
if (this.OnlineCharacters.Count > 0) |
|
|
|
|
|
|
|
{ |
|
|
|
ret += "<br/><h1 align=\"center\">Online Players</h1>\n"; |
|
|
|
ret += "<br/><h1 align=\"center\">Online Players</h1>\n"; |
|
|
|
foreach (Character c in OnlineCharacters) { |
|
|
|
foreach (Character c in OnlineCharacters) |
|
|
|
|
|
|
|
{ |
|
|
|
ret += $"<p> <a href=\"https://wotdn.nightmare.haus/?handler=Account&name={c.Username}\">{c.Username}</a>: Level {c.Level} {c.GetRace()} {c.GetClass()}, {c.Name}</p>";
|
|
|
|
ret += $"<p> <a href=\"https://wotdn.nightmare.haus/?handler=Account&name={c.Username}\">{c.Username}</a>: Level {c.Level} {c.GetRace()} {c.GetClass()}, {c.Name}</p>";
|
|
|
|
} |
|
|
|
} |
|
|
|
} |
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
if (System.IO.File.Exists("announce.html")) { |
|
|
|
if (System.IO.File.Exists("announce.html")) |
|
|
|
|
|
|
|
{ |
|
|
|
ret += "<br/>"; |
|
|
|
ret += "<br/>"; |
|
|
|
ret += System.IO.File.ReadAllText("announce.html"); |
|
|
|
ret += System.IO.File.ReadAllText("announce.html"); |
|
|
|
} |
|
|
|
} |
|
|
|