Union/ProjectLighthouse
1
0
Fork 0
mirror of https://github.com/LBPUnion/ProjectLighthouse.git synced 2025-08-01 09:48:37 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

Track denied attempts, add deny all button

Browse source
This commit is contained in:
jvyden 2021-11-21 21:53:39 -05:00
commit 4017afe8c8
No known key found for this signature in database
GPG key ID: 18BCF2BE0262B278
4 changed files with 58 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

28
ProjectLighthouse/Controllers/ExternalAuth/AuthenticationController.cs
View file

@ -1,4 +1,6 @@
#nullable enable #nullable enable
using System.Collections.Generic;
using System.Linq;
using System.Threading.Tasks; using System.Threading.Tasks;
using LBPUnion.ProjectLighthouse.Helpers; using LBPUnion.ProjectLighthouse.Helpers;
using LBPUnion.ProjectLighthouse.Types; using LBPUnion.ProjectLighthouse.Types;
@ -55,7 +57,31 @@ namespace LBPUnion.ProjectLighthouse.Controllers.ExternalAuth
this.database.GameTokens.Remove(authAttempt.GameToken); this.database.GameTokens.Remove(authAttempt.GameToken);
this.database.AuthenticationAttempts.Remove(authAttempt); this.database.AuthenticationAttempts.Remove(authAttempt);
DeniedAuthenticationHelper.Set($"{authAttempt.IPAddress}|{user.Username}"); DeniedAuthenticationHelper.SetDeniedAt($"{authAttempt.IPAddress}|{user.Username}");
await this.database.SaveChangesAsync();
return this.Redirect("~/authentication");
}
[HttpGet("denyAll")]
public async Task<IActionResult> DenyAll()
{
User? user = this.database.UserFromWebRequest(this.Request);
if (user == null) return this.Redirect("/login");
List<AuthenticationAttempt> authAttempts = await this.database.AuthenticationAttempts.Include
(a => a.GameToken)
.Where(a => a.GameToken.UserId == user.UserId)
.ToListAsync();
foreach (AuthenticationAttempt authAttempt in authAttempts)
{
this.database.GameTokens.Remove(authAttempt.GameToken);
this.database.AuthenticationAttempts.Remove(authAttempt);
DeniedAuthenticationHelper.SetDeniedAt($"{authAttempt.IPAddress}|{user.Username}");
}
await this.database.SaveChangesAsync(); await this.database.SaveChangesAsync();

14
ProjectLighthouse/Controllers/LoginController.cs
View file

@ -1,5 +1,6 @@
#nullable enable #nullable enable
using System.IO; using System.IO;
using System.Linq;
using System.Net; using System.Net;
using System.Threading.Tasks; using System.Threading.Tasks;
using Kettu; using Kettu;
@ -8,6 +9,7 @@ using LBPUnion.ProjectLighthouse.Logging;
using LBPUnion.ProjectLighthouse.Types; using LBPUnion.ProjectLighthouse.Types;
using LBPUnion.ProjectLighthouse.Types.Settings; using LBPUnion.ProjectLighthouse.Types.Settings;
using Microsoft.AspNetCore.Mvc; using Microsoft.AspNetCore.Mvc;
using Microsoft.EntityFrameworkCore;
namespace LBPUnion.ProjectLighthouse.Controllers namespace LBPUnion.ProjectLighthouse.Controllers
{ {
@ -52,7 +54,17 @@ namespace LBPUnion.ProjectLighthouse.Controllers
User? user = await this.database.UserFromGameToken(token, true); User? user = await this.database.UserFromGameToken(token, true);
if (user == null) return this.StatusCode(403, ""); if (user == null) return this.StatusCode(403, "");
if (DeniedAuthenticationHelper.RecentlyDenied($"{token.UserLocation}|{user.Username}")) return this.StatusCode(403, ""); string ipAddressAndName = $"{token.UserLocation}|{user.Username}";
if (DeniedAuthenticationHelper.RecentlyDenied(ipAddressAndName) || DeniedAuthenticationHelper.GetAttempts(ipAddressAndName) > 5)
{
this.database.AuthenticationAttempts.RemoveRange
(this.database.AuthenticationAttempts.Include(a => a.GameToken).Where(a => a.GameToken.UserId == user.UserId));
DeniedAuthenticationHelper.AddAttempt(ipAddressAndName);
await this.database.SaveChangesAsync();
return this.StatusCode(403, "");
}
AuthenticationAttempt authAttempt = new() AuthenticationAttempt authAttempt = new()
{ {

16
ProjectLighthouse/Helpers/DeniedAuthenticationHelper.cs
View file

@ -5,8 +5,9 @@ namespace LBPUnion.ProjectLighthouse.Helpers
public static class DeniedAuthenticationHelper public static class DeniedAuthenticationHelper
{ {
public static readonly Dictionary<string, long> IPAddressAndNameDeniedAt = new(); public static readonly Dictionary<string, long> IPAddressAndNameDeniedAt = new();
public static readonly Dictionary<string, int> AttemptsByIPAddressAndName = new();
public static void Set(string ipAddressAndName, long timestamp = 0) public static void SetDeniedAt(string ipAddressAndName, long timestamp = 0)
{ {
if (timestamp == 0) timestamp = TimestampHelper.Timestamp; if (timestamp == 0) timestamp = TimestampHelper.Timestamp;
@ -20,5 +21,18 @@ namespace LBPUnion.ProjectLighthouse.Helpers
return TimestampHelper.Timestamp < timestamp + 60; return TimestampHelper.Timestamp < timestamp + 60;
} }
public static void AddAttempt(string ipAddressAndName)
{
if (AttemptsByIPAddressAndName.TryGetValue(ipAddressAndName, out int attempts)) AttemptsByIPAddressAndName.Remove(ipAddressAndName);
AttemptsByIPAddressAndName.Add(ipAddressAndName, attempts + 1);
}
public static int GetAttempts(string ipAddressAndName)
{
if (!AttemptsByIPAddressAndName.TryGetValue(ipAddressAndName, out int attempts)) return 0;
return attempts;
}
} }
} }

3
ProjectLighthouse/Pages/ExternalAuth/AuthenticationPage.cshtml
View file

@ -14,6 +14,9 @@
else else
{ {
<p>You have @Model.AuthenticationAttempts.Count authentication attempts pending.</p> <p>You have @Model.AuthenticationAttempts.Count authentication attempts pending.</p>
<a href="/authentication/denyAll">
<button class="ui small red button">Deny all</button>
</a>
} }
@foreach (AuthenticationAttempt authAttempt in Model.AuthenticationAttempts) @foreach (AuthenticationAttempt authAttempt in Model.AuthenticationAttempts)