rudi/NightmareCoreWeb
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

It's finally working properly!

Browse Source
This commit is contained in:
Gregory Rudolph
2021-09-07 20:47:57 -04:00
parent 0e8650d4a8
commit c157a4d3d8
4 changed files with 141 additions and 24 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
Account.cs
View File

@ -75,6 +75,7 @@ namespace NightmareCoreWeb2
cmd.Parameters.AddWithValue("id", this.Id);
rdr = cmd.ExecuteReader();
this.Characters = new List<Character>();
while (rdr.Read())
{
try

7
Config.cs
View File

@ -1,4 +1,5 @@
// MysqlConfig myDeserializedClass = JsonConvert.DeserializeObject<MysqlConfig>(myJsonResponse);
using System.Collections.Generic;
public class MysqlConfig
{
public string MysqlUsername { get; set; }
@ -6,5 +7,11 @@
public string MysqlPort { get; set; }
public string MysqlServer { get; set; }
public string MysqlDatabase { get; set; }
public string EmailAddress { get; set; }
public string EmailDomain { get; set; }
public string EmailHost { get; set; }
public string EmailPass { get; set; }
public List<string> AllowedDomains { get; set; }
}

139
Pages/Index.cshtml.cs
View File

@ -1,5 +1,6 @@
using System;
using System.IO;
using System.Net;
using System.Net.Mail;
using System.Collections.Generic;
using MySql.Data.MySqlClient;
using Microsoft.AspNetCore.Mvc.RazorPages;
@ -91,38 +92,136 @@ namespace NightmareCoreWeb2.Pages
public void OnPostActivateAccount()
{
conn.Open();
bool valid = false;
ActivateEmail = Request.Form["ActivateEmail"];
string Username = ActivateEmail.Substring(0, ActivateEmail.IndexOf("@"));
ActivatePassword = Request.Form["ActivatePassword"];
ActivateToken = Request.Form["ActivateToken"];
string sql = "SELECT token from tokens.active_tokens where email=@email";
MySqlCommand cmd = new MySqlCommand(sql, conn);
cmd.Parameters.AddWithValue("email", ActivateEmail);
MySqlDataReader rdr = cmd.ExecuteReader();
while (rdr.Read())
{
if (ActivateToken.Equals(rdr.GetString(0)))
{
valid = true;
}
}
conn.Close();
if (valid)
{
conn.Open();
byte[] salt = new byte[32];
byte[] verifier = new byte[32];
(salt, verifier) = Framework.Cryptography.SRP6.MakeRegistrationData(Username, ActivatePassword);
sql = "INSERT INTO auth.account (username,salt,verifier,email) VALUES (@username,@salt,@verifier,@email)";
cmd = new MySqlCommand(sql, conn);
cmd.Parameters.AddWithValue("email", ActivateEmail);
cmd.Parameters.AddWithValue("username", Username);
cmd.Parameters.AddWithValue("salt", salt);
cmd.Parameters.AddWithValue("verifier", verifier);
cmd.ExecuteNonQuery();
conn.Close();
}
}
public void OnPostRequestToken()
{
RequestTokenEmail = Request.Form["RequestTokenEmail"];
string Username = RequestTokenEmail.Substring(0, RequestTokenEmail.IndexOf("@"));
string UserDomain = RequestTokenEmail.Substring(RequestTokenEmail.IndexOf("@"));
bool valid = false;
foreach (string s in Program.AllowedDomains)
{
if (UserDomain.Contains(s))
{
valid = true;
}
}
if (!valid)
{
Console.WriteLine($"Invalid Email {RequestTokenEmail}");
return;
}
try
{
Account a = new Account(Username);
AccountAccess access = a.Access[0];
Console.WriteLine($"Account already exists {Username}");
}
catch (Exception)
{
conn.Open();
string sql = "INSERT INTO tokens.active_tokens (email,token) VALUES (@email,@token)";
MySqlCommand cmd = new MySqlCommand(sql, conn);
cmd.Parameters.AddWithValue("email", RequestTokenEmail);
var chars = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789";
var stringChars = new char[13];
var random = new Random();
for (int i = 0; i < stringChars.Length; i++)
{
stringChars[i] = chars[random.Next(chars.Length)];
}
var finalString = new String(stringChars);
cmd.Parameters.AddWithValue("token", $"token_{finalString}");
cmd.ExecuteNonQuery();
using (SmtpClient smtpClient = new SmtpClient())
{
var basicCredential = new NetworkCredential($"{Program.EmailAddress}{Program.EmailDomain}", Program.EmailPass);
using (MailMessage message = new MailMessage())
{
MailAddress fromAddress = new MailAddress($"{Program.EmailAddress}{Program.EmailDomain}");
smtpClient.Host = Program.EmailHost;
smtpClient.UseDefaultCredentials = false;
smtpClient.Credentials = basicCredential;
smtpClient.Port = 587;
smtpClient.EnableSsl = true;
message.From = fromAddress;
message.Subject = "WoTDN Auth Token";
message.IsBodyHtml = false;
message.Body = $"WoTDN Auth Token for Account {Username}: token_{finalString}";
message.To.Add(RequestTokenEmail);
try
{
smtpClient.Send(message);
}
catch (Exception ex)
{
Console.WriteLine("Unable to send message.");
//Error, could not send the message
Console.WriteLine(ex.Message);
}
}
}
conn.Close();
}
}
public bool RequestToken()
public ActionResult OnGetAlert()
{
return false;
}
public bool CreateAccount()
{
return false;
}
public bool IsTokenValid(string username, string token)
{
return false;
}
public ActionResult OnGetAlert() {
string ret = "SERVERALERT:\n\n<html><body>\n";
if (this.OnlineCharacters.Count > 0) {
ret += "<br/><h1 align=\"center\">Online Players</h1>\n";
foreach (Character c in OnlineCharacters) {
ret += $"<p> <a href=\"https://wotdn.nightmare.haus/?handler=Account&amp;name={c.Username}\">{c.Username}</a>: Level {c.Level} {c.GetRace()} {c.GetClass()}, {c.Name}</p>";
}
if (this.OnlineCharacters.Count > 0)
{
ret += "<br/><h1 align=\"center\">Online Players</h1>\n";
foreach (Character c in OnlineCharacters)
{
ret += $"<p> <a href=\"https://wotdn.nightmare.haus/?handler=Account&amp;name={c.Username}\">{c.Username}</a>: Level {c.Level} {c.GetRace()} {c.GetClass()}, {c.Name}</p>";
}
}
if (System.IO.File.Exists("announce.html")) {
if (System.IO.File.Exists("announce.html"))
{
ret += "<br/>";
ret += System.IO.File.ReadAllText("announce.html");
}

10
Program.cs
View File

@ -18,6 +18,11 @@ namespace NightmareCoreWeb2
public static string MysqlDatabase;
public static string MysqlPort;
public static string MysqlPassword;
public static string EmailAddress;
public static string EmailDomain;
public static string EmailHost;
public static string EmailPass;
public static List<string> AllowedDomains;
public static string connStr;
public static void Main(string[] args)
{
@ -30,6 +35,11 @@ namespace NightmareCoreWeb2
Program.MysqlDatabase = config.MysqlDatabase;
Program.MysqlPassword = config.MysqlPassword;
Program.MysqlPort = config.MysqlPort;
Program.EmailAddress = config.EmailAddress;
Program.EmailDomain = config.EmailDomain;
Program.EmailHost = config.EmailHost;
Program.EmailPass = config.EmailPass;
Program.AllowedDomains = config.AllowedDomains;
connStr = $"SslMode=None;server={Program.MysqlServer};user={Program.MysqlUser};database={Program.MysqlDatabase};port={Program.MysqlPort};password={Program.MysqlPassword}";