Redo login process

This commit is contained in:
jvyden 2021-12-13 20:10:17 -05:00 committed by LumaLivy
commit ea6af58aa0
2 changed files with 16 additions and 26 deletions

View file

@ -1,5 +1,4 @@
#nullable enable
using System.Collections.Generic;
using System.IO;
using System.Linq;
using System.Net;
@ -49,8 +48,16 @@ namespace LBPUnion.ProjectLighthouse.Controllers
string ipAddress = remoteIpAddress.ToString();
GameToken? token = await this.database.AuthenticateUser(loginData, ipAddress, titleId);
if (token == null) return this.StatusCode(403, "");
// Get an existing token from the IP & username
GameToken? token = await this.database.GameTokens.Include
(t => t.User)
.FirstOrDefaultAsync(t => t.UserLocation == ipAddress && t.User.Username == loginData.Username && t.Approved && !t.Used);
if (token == null) // If we cant find an existing token, try to generate a new one
{
token = await this.database.AuthenticateUser(loginData, ipAddress, titleId);
if (token == null) return this.StatusCode(403, ""); // If not, then 403.
}
User? user = await this.database.UserFromGameToken(token, true);
if (user == null) return this.StatusCode(403, "");
@ -72,10 +79,10 @@ namespace LBPUnion.ProjectLighthouse.Controllers
}
}
List<UserApprovedIpAddress> approvedIpAddresses = await this.database.UserApprovedIpAddresses.Where(a => a.UserId == user.UserId).ToListAsync();
bool ipAddressApproved = approvedIpAddresses.Select(a => a.IpAddress).Contains(ipAddress);
if (ipAddressApproved) token.Approved = true;
if (this.database.UserApprovedIpAddresses.Where
(a => a.UserId == user.UserId)
.Select(a => a.IpAddress)
.Contains(ipAddress)) token.Approved = true;
else
{
AuthenticationAttempt authAttempt = new()
@ -99,8 +106,6 @@ namespace LBPUnion.ProjectLighthouse.Controllers
if (!token.Approved) return this.StatusCode(403, "");
Logger.Log($"Successfully logged in user {user.Username} as {token.GameVersion} client ({titleId})", LoggerLevelLogin.Instance);
Logger.Log($"Successfully logged in user {user.Username} as {token.GameVersion} client ({titleId})", LoggerLevelLogin.Instance);
// After this point we are now considering this session as logged in.

View file

@ -34,23 +34,8 @@ namespace LBPUnion.ProjectLighthouse.Controllers
[HttpGet("announce")]
public async Task<IActionResult> Announce()
{
(User, GameToken)? userAndToken = await this.database.UserAndGameTokenFromRequest(this.Request);
if (userAndToken == null) return this.StatusCode(403, "");
// ReSharper disable once PossibleInvalidOperationException
User user = userAndToken.Value.Item1;
GameToken gameToken = userAndToken.Value.Item2;
if (ServerSettings.Instance.UseExternalAuth && !gameToken.Approved)
return this.Ok
(
"Please stay on this screen.\n" +
$"Before continuing, you must approve this session at {ServerSettings.Instance.ExternalUrl}.\n" +
"Please keep in mind that if the session is denied you may have to wait up to 5-10 minutes to try logging in again.\n" +
"Once approved, you may press X and continue.\n\n" +
ServerSettings.Instance.EulaText
);
User? user = await this.database.UserFromGameRequest(this.Request);
if (user == null) return this.StatusCode(403, "");
return this.Ok
(