Add ability to approve an IP address

2025-08-08 04:48:44 +00:00 · 2021-12-13 15:59:33 -05:00 · 2021-12-13 15:59:33 -05:00 · 6cc8061775
commit 6cc8061775
parent 436ef8b17e
3 changed files with 19 additions and 34 deletions
--- a/ProjectLighthouse/Controllers/LoginController.cs
+++ b/ProjectLighthouse/Controllers/LoginController.cs
@ -1,4 +1,5 @@
 #nullable enable
+using System.Collections.Generic;
 using System.IO;
 using System.Linq;
 using System.Net;
@ -48,16 +49,8 @@ namespace LBPUnion.ProjectLighthouse.Controllers

            string ipAddress = remoteIpAddress.ToString();

-            // Get an existing token from the IP & username
-            GameToken? token = await this.database.GameTokens.Include
-                    (t => t.User)
-                .FirstOrDefaultAsync(t => t.UserLocation == ipAddress && t.User.Username == loginData.Username && !t.Used);
-
-            if (token == null) // If we cant find an existing token, try to generate a new one
-            {
-                token = await this.database.AuthenticateUser(loginData, ipAddress, titleId);
-                if (token == null) return this.StatusCode(403, ""); // If not, then 403.
-            }
+            GameToken? token = await this.database.AuthenticateUser(loginData, ipAddress, titleId);
+            if (token == null) return this.StatusCode(403, "");

            User? user = await this.database.UserFromGameToken(token, true);
            if (user == null) return this.StatusCode(403, "");
@ -79,10 +72,10 @@ namespace LBPUnion.ProjectLighthouse.Controllers
                    }
                }

-                if (this.database.UserApprovedIpAddresses.Where(a => a.UserId == user.UserId).Select(a => a.IpAddress).Contains(ipAddress))
-                {
-                    token.Approved = true;
-                }
+                List<UserApprovedIpAddress> approvedIpAddresses = await this.database.UserApprovedIpAddresses.Where(a => a.UserId == user.UserId).ToListAsync();
+                bool ipAddressApproved = approvedIpAddresses.Select(a => a.IpAddress).Contains(ipAddress);
+
+                if (ipAddressApproved) token.Approved = true;
                else
                {
                    AuthenticationAttempt authAttempt = new()
--- a/ProjectLighthouse/Controllers/MessageController.cs
+++ b/ProjectLighthouse/Controllers/MessageController.cs
@ -34,10 +34,6 @@ namespace LBPUnion.ProjectLighthouse.Controllers
        [HttpGet("announce")]
        public async Task<IActionResult> Announce()
        {
-            #if !DEBUG
-            User? user = await this.database.UserFromGameRequest(this.Request);
-            if (user == null) return this.StatusCode(403, "");
-            #else
            (User, GameToken)? userAndToken = await this.database.UserAndGameTokenFromRequest(this.Request);

            if (userAndToken == null) return this.StatusCode(403, "");
@ -45,12 +41,21 @@ namespace LBPUnion.ProjectLighthouse.Controllers
            // ReSharper disable once PossibleInvalidOperationException
            User user = userAndToken.Value.Item1;
            GameToken gameToken = userAndToken.Value.Item2;
-            #endif
+
+            if (ServerSettings.Instance.UseExternalAuth && !gameToken.Approved)
+                return this.Ok
+                (
+                    "Please stay on this screen.\n" +
+                    $"Before continuing, you must approve this session at {ServerSettings.Instance.ExternalUrl}.\n" +
+                    "Please keep in mind that if the session is denied you may have to wait up to 5-10 minutes to try logging in again.\n" +
+                    "Once approved, you may press X and continue.\n\n" +
+                    ServerSettings.Instance.EulaText
+                );

            return this.Ok
            (
                $"You are now logged in as {user.Username}.\n\n" +
-                #if DEBUG
+#if DEBUG
                "---DEBUG INFO---\n" +
                $"user.UserId: {user.UserId}\n" +
                $"token.Approved: {gameToken.Approved}\n" +
@ -58,7 +63,7 @@ namespace LBPUnion.ProjectLighthouse.Controllers
                $"token.UserLocation: {gameToken.UserLocation}\n" +
                $"token.GameVersion: {gameToken.GameVersion}\n" +
                "---DEBUG INFO---\n\n" +
-                #endif
+#endif
                ServerSettings.Instance.EulaText
            );
        }
--- a/ProjectLighthouse/Pages/ExternalAuth/AuthenticationPage.cshtml
+++ b/ProjectLighthouse/Pages/ExternalAuth/AuthenticationPage.cshtml
@ -18,19 +18,6 @@ else
    {
        <p>This device's IP address is <b>@(Model.IpAddress.ToString())</b>. If this matches with an authentication attempt below, then it's safe to assume the authentication attempt came from the same network as this device.</p>
    }
-
-    <a href="/authentication/autoApprovals">
-        <button class="ui small blue button">
-            <i class="cog icon"></i>
-            <span>Manage automatically approved IP addresses</span>
-        </button>
-    </a>
-    <a href="/authentication/denyAll">
-        <button class="ui small red button">
-            <i class="x icon"></i>
-            <span>Deny all</span>
-        </button>
-    </a>
 }

 <a href="/authentication/autoApprovals">