From ea6af58aa0ddc2c4f75fffa8ee869fcf2b7e1744 Mon Sep 17 00:00:00 2001
From: jvyden
Date: Mon, 13 Dec 2021 20:10:17 -0500
Subject: [PATCH] Redo login process
---
 .../Controllers/LoginController.cs | 23 +++++++++++--------
 .../Controllers/MessageController.cs | 19 ++-------------
 2 files changed, 16 insertions(+), 26 deletions(-)
diff --git a/ProjectLighthouse/Controllers/LoginController.cs b/ProjectLighthouse/Controllers/LoginController.cs
index af659692..85c04ef5 100644
--- a/ProjectLighthouse/Controllers/LoginController.cs
+++ b/ProjectLighthouse/Controllers/LoginController.cs
@@ -1,5 +1,4 @@
 #nullable enable
-using System.Collections.Generic;
 using System.IO;
 using System.Linq;
 using System.Net;
@@ -49,8 +48,16 @@ namespace LBPUnion.ProjectLighthouse.Controllers
 string ipAddress = remoteIpAddress.ToString();
- GameToken? token = await this.database.AuthenticateUser(loginData, ipAddress, titleId);
- if (token == null) return this.StatusCode(403, "");
+ // Get an existing token from the IP & username
+ GameToken? token = await this.database.GameTokens.Include
+ (t => t.User)
+ .FirstOrDefaultAsync(t => t.UserLocation == ipAddress && t.User.Username == loginData.Username && t.Approved && !t.Used);
+
+ if (token == null) // If we cant find an existing token, try to generate a new one
+ {
+ token = await this.database.AuthenticateUser(loginData, ipAddress, titleId);
+ if (token == null) return this.StatusCode(403, ""); // If not, then 403.
+ }
 User? user = await this.database.UserFromGameToken(token, true);
 if (user == null) return this.StatusCode(403, "");
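Review bot: The token lookup added at the top of the `@@ -49,8 +48,16 @@` hunk returns an approved session on the strength of the source IP and the username claimed in `loginData` alone; `AuthenticateUser` is only called when no such token exists, so whatever checks it applies to the login data are skipped on the reuse path. Clients that share one address (NAT, a VPN exit, a proxy in front of the server) are indistinguishable to this predicate, and it does not match on `titleId`, so a token issued for one title may be handed back for another. I would validate the login data before the lookup, or at least narrow the match and record the trust assumption next to it, e.g. `// Reuse trusts IP + claimed username only; loginData is not re-validated on this path`. `FirstOrDefaultAsync` without an ordering also leaves the chosen token arbitrary when several rows match. The enclosing action starts and ends outside the hunk, so where `Used` gets set cannot be confirmed from here.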
@@ -72,10 +79,10 @@ namespace LBPUnion.ProjectLighthouse.Controllers
 }
 }
- List approvedIpAddresses = await this.database.UserApprovedIpAddresses.Where(a => a.UserId == user.UserId).ToListAsync();
- bool ipAddressApproved = approvedIpAddresses.Select(a => a.IpAddress).Contains(ipAddress);
-
- if (ipAddressApproved) token.Approved = true;
+ if (this.database.UserApprovedIpAddresses.Where
+ (a => a.UserId == user.UserId)
+ .Select(a => a.IpAddress)
+ .Contains(ipAddress)) token.Approved = true;
 else
 {
 AuthenticationAttempt authAttempt = new()
@@ -99,8 +106,6 @@ namespace LBPUnion.ProjectLighthouse.Controllers
 if (!token.Approved) return this.StatusCode(403, "");
- Logger.Log($"Successfully logged in user {user.Username} as {token.GameVersion} client ({titleId})", LoggerLevelLogin.Instance);
- Logger.Log($"Successfully logged in user {user.Username} as {token.GameVersion} client ({titleId})", LoggerLevelLogin.Instance);
 // After this point we are now considering this session as logged in.
diff --git a/ProjectLighthouse/Controllers/MessageController.cs b/ProjectLighthouse/Controllers/MessageController.cs
index 77507dc2..c6c55721 100644
--- a/ProjectLighthouse/Controllers/MessageController.cs
+++ b/ProjectLighthouse/Controllers/MessageController.cs
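Review bot: In the `@@ -72,10 +79,10 @@` hunk of LoginController.cs the rewritten condition ends in a synchronous `.Contains(ipAddress)` on the queryable, so this async action now blocks on a database round trip where the old code awaited `ToListAsync()`. Assuming this is the same EF Core context that supplies `FirstOrDefaultAsync`, `if (await this.database.UserApprovedIpAddresses.AnyAsync(a => a.UserId == user.UserId && a.IpAddress == ipAddress)) token.Approved = true;` keeps the check asynchronous and expresses it as one predicate. Also worth checking: a token returned by the new reuse lookup is already `Approved`, yet it appears to still reach the `else` branch when the address is not on the approved list, which would open a fresh `AuthenticationAttempt` for a session that is already approved. The branch body continues outside the hunk, so that cannot be confirmed from here.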
@@ -34,23 +34,8 @@ namespace LBPUnion.ProjectLighthouse.Controllers
 [HttpGet("announce")]
 public async Task Announce()
 {
- (User, GameToken)? userAndToken = await this.database.UserAndGameTokenFromRequest(this.Request);
-
- if (userAndToken == null) return this.StatusCode(403, "");
-
- // ReSharper disable once PossibleInvalidOperationException
- User user = userAndToken.Value.Item1;
- GameToken gameToken = userAndToken.Value.Item2;
-
- if (ServerSettings.Instance.UseExternalAuth && !gameToken.Approved)
- return this.Ok
- (
- "Please stay on this screen.\n" +
- $"Before continuing, you must approve this session at {ServerSettings.Instance.ExternalUrl}.\n" +
- "Please keep in mind that if the session is denied you may have to wait up to 5-10 minutes to try logging in again.\n" +
- "Once approved, you may press X and continue.\n\n" +
- ServerSettings.Instance.EulaText
- );
+ User? user = await this.database.UserFromGameRequest(this.Request);
+ if (user == null) return this.StatusCode(403, "");
 return this.Ok
 (
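Review bot: `Announce` no longer looks at `gameToken.Approved` after this change, so the endpoint relies entirely on `UserFromGameRequest` (not shown in this patch) refusing unapproved tokens. If that helper resolves any token row, approval is enforced only at login and not on this request. Either confirm the helper filters on `Approved` and state it in a comment, e.g. `// UserFromGameRequest only resolves approved tokens; approval is enforced at login`, or keep `UserAndGameTokenFromRequest` here with `if (!gameToken.Approved) return this.StatusCode(403, "");`. The method body continues past the end of the hunk.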