IW4M-Admin/WebfrontCore/Controllers/AccountController.cs

using Microsoft.AspNetCore.Mvc;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Authentication.Cookies;
using System.Security.Claims;
using System;

namespace WebfrontCore.Controllers
{
    public class AccountController : BaseController
    {
        [HttpGet]
        public async Task<IActionResult> Login(int userId, string password)
        {
            if (userId == 0 || string.IsNullOrEmpty(password))
            {
                return Unauthorized();
            }

            try
            {
                var client = IW4MAdmin.Program.ServerManager.PrivilegedClients[userId];
                string[] hashedPassword = await Task.FromResult(SharedLibrary.Helpers.Hashing.Hash(password, client.PasswordSalt));

                if (hashedPassword[0] == client.Password)
                {
                    var claims = new[]
                    {
                    new Claim(ClaimTypes.NameIdentifier, client.Name),
                    new Claim(ClaimTypes.Role, client.Level.ToString()),
                    new Claim(ClaimTypes.Sid, client.ClientId.ToString())
                };

                    var claimsIdentity = new ClaimsIdentity(claims, "login");
                    var claimsPrinciple = new ClaimsPrincipal(claimsIdentity);
                    await HttpContext.Authentication.SignInAsync(CookieAuthenticationDefaults.AuthenticationScheme, claimsPrinciple, new Microsoft.AspNetCore.Http.Authentication.AuthenticationProperties()
                    {
                        AllowRefresh = true,
                        ExpiresUtc = DateTime.UtcNow.AddDays(30),
                        IsPersistent = true,
                        IssuedUtc = DateTime.UtcNow
                    });

                    return Ok();
                }
            }

            catch (Exception)
            {
                return Unauthorized();
            }

            return Unauthorized();
        }
    }
}
-												RCon error handling is clearer
Show chat on mobile view of server overview
basic authentication
switched to extreme-ip-lookup for ip lookups (SSL)

											
										
										
											2018-04-04 15:38:34 -04:00
+								using Microsoft.AspNetCore.Mvc;
 								using System.Threading.Tasks;
 								using Microsoft.AspNetCore.Authentication.Cookies;
 								using System.Security.Claims;
-												auth cookie expires after 30 days
only check hit offset when distance > 3 meters
fix null reference on unauthorized user
fixed stats not showing on profile if anticheat disabled
server client history turns red server is unresponsive

											
										
										
											2018-04-05 00:38:45 -04:00
+								using System;
-												RCon error handling is clearer
Show chat on mobile view of server overview
basic authentication
switched to extreme-ip-lookup for ip lookups (SSL)

											
										
										
											2018-04-04 15:38:34 -04:00
 								namespace WebfrontCore.Controllers
 								{
 								    public class AccountController : BaseController
 								    {
 								        [HttpGet]
 								        public async Task<IActionResult> Login(int userId, string password)
 								        {
 								            if (userId == 0 || string.IsNullOrEmpty(password))
 								            {
 								                return Unauthorized();
 								            }
-												auth cookie expires after 30 days
only check hit offset when distance > 3 meters
fix null reference on unauthorized user
fixed stats not showing on profile if anticheat disabled
server client history turns red server is unresponsive

											
										
										
											2018-04-05 00:38:45 -04:00
+								            try
-												RCon error handling is clearer
Show chat on mobile view of server overview
basic authentication
switched to extreme-ip-lookup for ip lookups (SSL)

											
										
										
											2018-04-04 15:38:34 -04:00
+								            {
-												auth cookie expires after 30 days
only check hit offset when distance > 3 meters
fix null reference on unauthorized user
fixed stats not showing on profile if anticheat disabled
server client history turns red server is unresponsive

											
										
										
											2018-04-05 00:38:45 -04:00
+								                var client = IW4MAdmin.Program.ServerManager.PrivilegedClients[userId];
 								                string[] hashedPassword = await Task.FromResult(SharedLibrary.Helpers.Hashing.Hash(password, client.PasswordSalt));
 								                if (hashedPassword[0] == client.Password)
-												RCon error handling is clearer
Show chat on mobile view of server overview
basic authentication
switched to extreme-ip-lookup for ip lookups (SSL)

											
										
										
											2018-04-04 15:38:34 -04:00
+								                {
-												auth cookie expires after 30 days
only check hit offset when distance > 3 meters
fix null reference on unauthorized user
fixed stats not showing on profile if anticheat disabled
server client history turns red server is unresponsive

											
										
										
											2018-04-05 00:38:45 -04:00
+								                    var claims = new[]
 								                    {
-												RCon error handling is clearer
Show chat on mobile view of server overview
basic authentication
switched to extreme-ip-lookup for ip lookups (SSL)

											
										
										
											2018-04-04 15:38:34 -04:00
+								                    new Claim(ClaimTypes.NameIdentifier, client.Name),
 								                    new Claim(ClaimTypes.Role, client.Level.ToString()),
 								                    new Claim(ClaimTypes.Sid, client.ClientId.ToString())
 								                };
-												auth cookie expires after 30 days
only check hit offset when distance > 3 meters
fix null reference on unauthorized user
fixed stats not showing on profile if anticheat disabled
server client history turns red server is unresponsive

											
										
										
											2018-04-05 00:38:45 -04:00
+								                    var claimsIdentity = new ClaimsIdentity(claims, "login");
 								                    var claimsPrinciple = new ClaimsPrincipal(claimsIdentity);
 								                    await HttpContext.Authentication.SignInAsync(CookieAuthenticationDefaults.AuthenticationScheme, claimsPrinciple, new Microsoft.AspNetCore.Http.Authentication.AuthenticationProperties()
 								                    {
 								                        AllowRefresh = true,
 								                        ExpiresUtc = DateTime.UtcNow.AddDays(30),
 								                        IsPersistent = true,
 								                        IssuedUtc = DateTime.UtcNow
 								                    });
 								                    return Ok();
 								                }
 								            }
-												RCon error handling is clearer
Show chat on mobile view of server overview
basic authentication
switched to extreme-ip-lookup for ip lookups (SSL)

											
										
										
											2018-04-04 15:38:34 -04:00
-												auth cookie expires after 30 days
only check hit offset when distance > 3 meters
fix null reference on unauthorized user
fixed stats not showing on profile if anticheat disabled
server client history turns red server is unresponsive

											
										
										
											2018-04-05 00:38:45 -04:00
+								            catch (Exception)
 								            {
 								                return Unauthorized();
-												RCon error handling is clearer
Show chat on mobile view of server overview
basic authentication
switched to extreme-ip-lookup for ip lookups (SSL)

											
										
										
											2018-04-04 15:38:34 -04:00
+								            }
 								            return Unauthorized();
 								        }
 								    }
 								}