Rework login and registration systems (#600)

* Initial work for verifying login ticket signatures * Add candidate psn public key * Add candidate psn public key and fix nuget packages * Finalize npticket changes * Add support for ticket version 3.0 * Rework login system to link platform accounts instead of using ip addresses * Make linked accounts green instead of blue * Fix api building * Fix unit tests * Actually fix unit tests * Set unit test user's linked platform * Why was this the wrong default value? * Fix username change code * Make TicketHash hash the entire ticket instead of just the serial * Send password setup email when user sets their email for the first time * Changes from self review
2025-05-28 19:52:27 +00:00 · 2022-12-26 03:03:14 -06:00 · 2022-12-26 03:03:14 -06:00 · 19ea44e0e2
commit 19ea44e0e2
parent ff7969a147
37 changed files with 836 additions and 449 deletions
--- a/ProjectLighthouse.Servers.Website/Controllers/ExternalAuth/AuthenticationController.cs
+++ b/ProjectLighthouse.Servers.Website/Controllers/ExternalAuth/AuthenticationController.cs
@ -1,7 +1,7 @@
 #nullable enable
+using LBPUnion.ProjectLighthouse.Extensions;
 using LBPUnion.ProjectLighthouse.PlayerData;
 using LBPUnion.ProjectLighthouse.PlayerData.Profiles;
-using LBPUnion.ProjectLighthouse.Types;
 using Microsoft.AspNetCore.Mvc;
 using Microsoft.EntityFrameworkCore;

@ -18,21 +18,54 @@ public class AuthenticationController : ControllerBase
        this.database = database;
    }

+    [HttpGet("unlink/{platform}")]
+    public async Task<IActionResult> UnlinkPlatform(string platform)
+    {
+        User? user = this.database.UserFromWebRequest(this.Request);
+        if (user == null) return this.Redirect("~/login");
+
+        Platform[] invalidTokens;
+
+        if (platform == "psn")
+        {
+            user.LinkedPsnId = 0;
+            invalidTokens = new[] { Platform.PS3, Platform.Vita, };
+        }
+        else
+        {
+            user.LinkedRpcnId = 0;
+            invalidTokens = new[] { Platform.RPCS3, };
+        }
+
+        this.database.GameTokens.RemoveWhere(t => t.UserId == user.UserId && invalidTokens.Contains(t.Platform));
+
+        await this.database.SaveChangesAsync();
+
+        return this.Redirect("~/authentication");
+    }
+
    [HttpGet("approve/{id:int}")]
    public async Task<IActionResult> Approve(int id)
    {
        User? user = this.database.UserFromWebRequest(this.Request);
        if (user == null) return this.Redirect("/login");

-        AuthenticationAttempt? authAttempt = await this.database.AuthenticationAttempts.Include
-                (a => a.GameToken)
-            .FirstOrDefaultAsync(a => a.AuthenticationAttemptId == id);
-        if (authAttempt == null) return this.NotFound();
+        PlatformLinkAttempt? linkAttempt = await this.database.PlatformLinkAttempts
+            .FirstOrDefaultAsync(l => l.PlatformLinkAttemptId == id);
+        if (linkAttempt == null) return this.NotFound();

-        if (authAttempt.GameToken.UserId != user.UserId) return this.StatusCode(403, "");
+        if (linkAttempt.UserId != user.UserId) return this.NotFound();

-        authAttempt.GameToken.Approved = true;
-        this.database.AuthenticationAttempts.Remove(authAttempt);
+        if (linkAttempt.Platform == Platform.RPCS3)
+        {
+            user.LinkedRpcnId = linkAttempt.PlatformId;
+        }
+        else
+        {
+            user.LinkedPsnId = linkAttempt.PlatformId;
+        }
+
+        this.database.PlatformLinkAttempts.Remove(linkAttempt);

        await this.database.SaveChangesAsync();

@ -45,37 +78,13 @@ public class AuthenticationController : ControllerBase
        User? user = this.database.UserFromWebRequest(this.Request);
        if (user == null) return this.Redirect("/login");

-        AuthenticationAttempt? authAttempt = await this.database.AuthenticationAttempts.Include
-                (a => a.GameToken)
-            .FirstOrDefaultAsync(a => a.AuthenticationAttemptId == id);
-        if (authAttempt == null) return this.NotFound();
+        PlatformLinkAttempt? linkAttempt = await this.database.PlatformLinkAttempts
+            .FirstOrDefaultAsync(l => l.PlatformLinkAttemptId == id);
+        if (linkAttempt == null) return this.NotFound();

-        if (authAttempt.GameToken.UserId != user.UserId) return this.StatusCode(403, "");
+        if (linkAttempt.UserId != user.UserId) return this.NotFound();

-        this.database.GameTokens.Remove(authAttempt.GameToken);
-        this.database.AuthenticationAttempts.Remove(authAttempt);
-
-        await this.database.SaveChangesAsync();
-
-        return this.Redirect("~/authentication");
-    }
-
-    [HttpGet("denyAll")]
-    public async Task<IActionResult> DenyAll()
-    {
-        User? user = this.database.UserFromWebRequest(this.Request);
-        if (user == null) return this.Redirect("/login");
-
-        List<AuthenticationAttempt> authAttempts = await this.database.AuthenticationAttempts.Include
-                (a => a.GameToken)
-            .Where(a => a.GameToken.UserId == user.UserId)
-            .ToListAsync();
-
-        foreach (AuthenticationAttempt authAttempt in authAttempts)
-        {
-            this.database.GameTokens.Remove(authAttempt.GameToken);
-            this.database.AuthenticationAttempts.Remove(authAttempt);
-        }
+        this.database.PlatformLinkAttempts.Remove(linkAttempt);

        await this.database.SaveChangesAsync();