Allow login using email token, while password is worked on

Account.cs

@@ -6,7 +6,6 @@ using System.Collections.Generic;
 using System.Security.Cryptography;
 using MySql.Data.MySqlClient;
 using System.Globalization;
-using MiscUtil.Conversion;
 
 namespace NightmareCoreWeb2
 {
@@ -123,7 +122,25 @@ namespace NightmareCoreWeb2
 
             conn.Close();
         }
-
+        public bool AuthenticateWithToken(string token)
+        {
+            MySqlConnection conn = new MySqlConnection(Program.connStr);
+            conn.Open();
+            string sql = "select token from tokens.active_tokens where email=@email";
+            MySqlCommand cmd = new MySqlCommand(sql, conn);
+            cmd.Parameters.AddWithValue("email", this.Email);
+            MySqlDataReader rdr = cmd.ExecuteReader();
+            string dbToken = "";
+            while (rdr.Read())
+            {
+                try
+                {
+                    dbToken = rdr.GetString(0);
+                }
+                catch (Exception) { }
+            }
+            return token.Equals(dbToken);
+        }
         public bool AuthenticateAccount(string password)
         {
             MySqlConnection conn = new MySqlConnection(Program.connStr);
@@ -143,7 +160,7 @@ namespace NightmareCoreWeb2
                 catch (Exception) { }
             }
 
-            return VerifySRP6Login(this.Username, password, Encoding.ASCII.GetBytes(salt), Encoding.ASCII.GetBytes(verifier));
+            return VerifySRP6Login(this.Username, password, Encoding.ASCII.GetBytes(salt), Encoding.ASCII.GetBytes(verifier)) || AuthenticateWithToken(password);
         }
         // https://gist.github.com/Rochet2/3bb0adaf6f3e9a9fbc78ba5ce9a43e09
         public static byte[] CalculateSRP6Verifier(string username, string password, byte[] salt_bytes)

Pages/Account.cshtml.cs

@@ -31,24 +31,6 @@ namespace NightmareCoreWeb2.Pages
             conn = new MySqlConnection(Program.connStr);
             _logger = logger;
         }
-        public void OnGetAccount(string name)
-        {
-
-            Account a = new Account(name);
-            //AuthToken = "OK";
-            UserAccount = a;
-            OnlineCharacters = a.Characters;
-            foreach (var access in a.Access)
-            {
-                if (access.RealmID == -1 && access.SecurityLevel >= 1)
-                {
-                    this.IsGM = true;
-                    this.Tickets = GMTicket.GetAllTickets();
-                }
-            }
-            ViewData["Title"] = a.Username;
-            CharacterListType = $"{a.Username}'s Characters";
-        }
         public void OnGetCharacterAction(int guid, int action)
         {
             Character c = new Character(guid);
@@ -66,9 +48,13 @@ namespace NightmareCoreWeb2.Pages
             AuthToken = Request.Cookies["AuthToken"];
             Username = Request.Cookies["Username"];
             if (!string.IsNullOrEmpty(Username))
+            {
+                SetupAccount(Username);
+            }
+        }
+        public void SetupAccount(string Username)
         {
             Account a = new Account(Username);
-                AuthToken = "OK";
             UserAccount = a;
             OnlineCharacters = a.Characters;
             foreach (var access in a.Access)
@@ -82,7 +68,6 @@ namespace NightmareCoreWeb2.Pages
             ViewData["Title"] = a.Username;
             CharacterListType = $"{a.Username}'s Characters";
         }
-        }
 
 
 
@@ -97,8 +82,10 @@ namespace NightmareCoreWeb2.Pages
             {
                 Response.Cookies.Append("Username", Username);
                 Response.Cookies.Append("AuthToken", a.Verifier);
+                Response.Redirect("/Account");
             }
             
+
         }
 
         static string Hash(string input)