Union/ProjectLighthouse
1
0
Fork 0
mirror of https://github.com/LBPUnion/ProjectLighthouse.git synced 2025-08-04 10:58:38 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

Reject web logins when banned

Browse source
This commit is contained in:
jvyden 2021-12-19 22:35:29 -05:00
commit 2ca80bf8fd
No known key found for this signature in database
GPG key ID: 18BCF2BE0262B278
2 changed files with 12 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

2
ProjectLighthouse/Pages/LoginForm.cshtml
View file

@ -24,7 +24,7 @@
<div class="header">
Uh oh!
</div>
<p>@Model.Error</p>
<p style="white-space: pre-line">@Model.Error</p>
</div>
}

11
ProjectLighthouse/Pages/LoginForm.cshtml.cs
View file

@ -1,7 +1,9 @@
#nullable enable
using System.Threading.Tasks;
using JetBrains.Annotations;
using Kettu;
using LBPUnion.ProjectLighthouse.Helpers;
using LBPUnion.ProjectLighthouse.Logging;
using LBPUnion.ProjectLighthouse.Pages.Layouts;
using LBPUnion.ProjectLighthouse.Types;
using Microsoft.AspNetCore.Mvc;
@ -36,16 +38,25 @@ namespace LBPUnion.ProjectLighthouse.Pages
User? user = await this.Database.Users.FirstOrDefaultAsync(u => u.Username == username);
if (user == null)
{
Logger.Log($"User {username} failed to login on web due to invalid username", LoggerLevelLogin.Instance);
this.Error = "The username or password you entered is invalid.";
return this.Page();
}
if (!BCrypt.Net.BCrypt.Verify(password, user.Password))
{
Logger.Log($"User {user.Username} (id: {user.UserId}) failed to login on web due to invalid password", LoggerLevelLogin.Instance);
this.Error = "The username or password you entered is invalid.";
return this.Page();
}
if (user.Banned)
{
Logger.Log($"User {user.Username} (id: {user.UserId}) failed to login on web due to being banned", LoggerLevelLogin.Instance);
this.Error = "You have been banned. Please contact an administrator for more information.\nReason: " + user.BannedReason;
return this.Page();
}
WebToken webToken = new()
{
UserId = user.UserId,