IW4M-Admin/WebfrontCore/Controllers/AccountController.cs

using Microsoft.AspNetCore.Authentication;
using Microsoft.AspNetCore.Authentication.Cookies;
using Microsoft.AspNetCore.Mvc;
using SharedLibraryCore;
using SharedLibraryCore.Interfaces;
using System;
using System.Security.Claims;
using System.Threading.Tasks;

namespace WebfrontCore.Controllers
{
    public class AccountController : BaseController
    {
        public AccountController(IManager manager) : base(manager)
        {

        }

        [HttpGet]
        public async Task<IActionResult> LoginAsync(int clientId, string password)
        {
            if (clientId == 0 || string.IsNullOrEmpty(password))
            {
                return Unauthorized();
            }

            try
            {
                var privilegedClient = await Manager.GetClientService().GetClientForLogin(clientId);
                bool loginSuccess = false;
#if DEBUG
                loginSuccess = clientId == 1;
#endif
                if (!Authorized && !loginSuccess)
                {
                    loginSuccess = Manager.TokenAuthenticator.AuthorizeToken(privilegedClient.NetworkId, password) ||
                        (await Task.FromResult(SharedLibraryCore.Helpers.Hashing.Hash(password, privilegedClient.PasswordSalt)))[0] == privilegedClient.Password;
                }

                if (loginSuccess)
                {
                    var claims = new[]
                    {
                        new Claim(ClaimTypes.NameIdentifier, privilegedClient.Name),
                        new Claim(ClaimTypes.Role, privilegedClient.Level.ToString()),
                        new Claim(ClaimTypes.Sid, privilegedClient.ClientId.ToString()),
                        new Claim(ClaimTypes.PrimarySid, privilegedClient.NetworkId.ToString("X"))
                    };

                    var claimsIdentity = new ClaimsIdentity(claims, "login");
                    var claimsPrinciple = new ClaimsPrincipal(claimsIdentity);
                    await SignInAsync(claimsPrinciple);

                    return Ok();
                }
            }

            catch (Exception)
            {
                return Unauthorized();
            }

            return Unauthorized();
        }

        [HttpGet]
        public async Task<IActionResult> LogoutAsync()
        {
            await HttpContext.SignOutAsync(CookieAuthenticationDefaults.AuthenticationScheme);
            return RedirectToAction("Index", "Home");
        }
    }
}
-												begin implementation of token authentication
replacing password authentication ingame
precompile views for webfront
issue #66
issue #52

											
										
										
											2019-02-15 23:19:59 -05:00
+								using Microsoft.AspNetCore.Authentication;
-												RCon error handling is clearer
Show chat on mobile view of server overview
basic authentication
switched to extreme-ip-lookup for ip lookups (SSL)

											
										
										
											2018-04-04 15:38:34 -04:00
+								using Microsoft.AspNetCore.Authentication.Cookies;
-												begin implementation of token authentication
replacing password authentication ingame
precompile views for webfront
issue #66
issue #52

											
										
										
											2019-02-15 23:19:59 -05:00
+								using Microsoft.AspNetCore.Mvc;
-												refine webfront pages
finish refactor of penalty information/profile
optimize pull penalty query
start impl of quick message mapping

											
										
										
											2019-03-31 20:56:31 -04:00
+								using SharedLibraryCore;
-												move all the deployment setup into 2.4 pr (#85)

* don't run build commands in release

* fix test file

* Set up CI with Azure Pipelines

[skip ci]

* Include fonts and fix automessage hidden command

* more project changes

* migration from bower to libman

* more lib man changes

* project update for sneaky commands

* add missing canvas.js dep
update projects not to have stupid extra dlls

include in previous

* update pipeline file

* update post publish script and pipeline definition

* fix broken yaml

* move encoding conversion to seperate script

* remove extra uneeded rank icons
remove garbage language files being created
remove frontend lib when done

* fix publish script path

* grab localizations through powershell

* fix broken batch :shrug:

* actually fixed

* only include runtime compilation in debug mode for webfront

* don't deploy un minified css
use full jquery version

* add step to download the scss for open iconic
change the font path

* update mkdir for iconic path

* don't include old iconic css

* correct font path for real now

* copy script plugins

* lots of changes for deployment

* build the projects

* use projectdir instead of solution dir

* nerf script commands plugin
fix live radar left over command

* actually kill script command post build

* Update azure-pipelines.yml for Azure Pipelines

* Update azure-pipelines.yml for Azure Pipelines

* fix the font file copy (I think)

* maybe fix delete folder issue

* Update azure-pipelines.yml for Azure Pipelines

* Update azure-pipelines.yml for Azure Pipelines

* Update azure-pipelines.yml for Azure Pipelines

* Update azure-pipelines.yml for Azure Pipelines

* Update azure-pipelines.yml for Azure Pipelines

* Update azure-pipelines.yml for Azure Pipelines

											
										
										
											2019-12-02 16:52:36 -05:00
+								using SharedLibraryCore.Interfaces;
-												auth cookie expires after 30 days
only check hit offset when distance > 3 meters
fix null reference on unauthorized user
fixed stats not showing on profile if anticheat disabled
server client history turns red server is unresponsive

											
										
										
											2018-04-05 00:38:45 -04:00
+								using System;
-												begin implementation of token authentication
replacing password authentication ingame
precompile views for webfront
issue #66
issue #52

											
										
										
											2019-02-15 23:19:59 -05:00
+								using System.Security.Claims;
 								using System.Threading.Tasks;
-												RCon error handling is clearer
Show chat on mobile view of server overview
basic authentication
switched to extreme-ip-lookup for ip lookups (SSL)

											
										
										
											2018-04-04 15:38:34 -04:00
 								namespace WebfrontCore.Controllers
 								{
 								    public class AccountController : BaseController
 								    {
-												move all the deployment setup into 2.4 pr (#85)

* don't run build commands in release

* fix test file

* Set up CI with Azure Pipelines

[skip ci]

* Include fonts and fix automessage hidden command

* more project changes

* migration from bower to libman

* more lib man changes

* project update for sneaky commands

* add missing canvas.js dep
update projects not to have stupid extra dlls

include in previous

* update pipeline file

* update post publish script and pipeline definition

* fix broken yaml

* move encoding conversion to seperate script

* remove extra uneeded rank icons
remove garbage language files being created
remove frontend lib when done

* fix publish script path

* grab localizations through powershell

* fix broken batch :shrug:

* actually fixed

* only include runtime compilation in debug mode for webfront

* don't deploy un minified css
use full jquery version

* add step to download the scss for open iconic
change the font path

* update mkdir for iconic path

* don't include old iconic css

* correct font path for real now

* copy script plugins

* lots of changes for deployment

* build the projects

* use projectdir instead of solution dir

* nerf script commands plugin
fix live radar left over command

* actually kill script command post build

* Update azure-pipelines.yml for Azure Pipelines

* Update azure-pipelines.yml for Azure Pipelines

* fix the font file copy (I think)

* maybe fix delete folder issue

* Update azure-pipelines.yml for Azure Pipelines

* Update azure-pipelines.yml for Azure Pipelines

* Update azure-pipelines.yml for Azure Pipelines

* Update azure-pipelines.yml for Azure Pipelines

* Update azure-pipelines.yml for Azure Pipelines

* Update azure-pipelines.yml for Azure Pipelines

											
										
										
											2019-12-02 16:52:36 -05:00
+								        public AccountController(IManager manager) : base(manager)
 								        {
 								        }
-												re-enable login to webfront with password
update cookie to last 3 months
add configuration option to limit # of rss feed items
prevent database tracking of bots if ignore bots requested
add last map and last server played to profile

											
										
										
											2019-02-22 20:06:51 -05:00
-												RCon error handling is clearer
Show chat on mobile view of server overview
basic authentication
switched to extreme-ip-lookup for ip lookups (SSL)

											
										
										
											2018-04-04 15:38:34 -04:00
+								        [HttpGet]
-												fix login issue
strip colors for logging
feature implementation for issue #76

											
										
										
											2019-08-04 21:38:55 -04:00
+								        public async Task<IActionResult> LoginAsync(int clientId, string password)
-												RCon error handling is clearer
Show chat on mobile view of server overview
basic authentication
switched to extreme-ip-lookup for ip lookups (SSL)

											
										
										
											2018-04-04 15:38:34 -04:00
+								        {
-												fix accidental improper name for login ClientId
added label field to InputInfo
added logout button
revert graph color

											
										
										
											2018-04-05 18:50:04 -04:00
+								            if (clientId == 0 || string.IsNullOrEmpty(password))
-												RCon error handling is clearer
Show chat on mobile view of server overview
basic authentication
switched to extreme-ip-lookup for ip lookups (SSL)

											
										
										
											2018-04-04 15:38:34 -04:00
+								            {
 								                return Unauthorized();
 								            }
-												auth cookie expires after 30 days
only check hit offset when distance > 3 meters
fix null reference on unauthorized user
fixed stats not showing on profile if anticheat disabled
server client history turns red server is unresponsive

											
										
										
											2018-04-05 00:38:45 -04:00
+								            try
-												RCon error handling is clearer
Show chat on mobile view of server overview
basic authentication
switched to extreme-ip-lookup for ip lookups (SSL)

											
										
										
											2018-04-04 15:38:34 -04:00
+								            {
-												finish color code support (I think)

											
										
										
											2019-08-02 19:04:34 -04:00
+								                var privilegedClient = await Manager.GetClientService().GetClientForLogin(clientId);
-												add a bit more logged for when live radar fail to update
update killhouse map offsets (it's still wrong though)

											
										
										
											2019-07-29 13:08:25 -04:00
+								                bool loginSuccess = false;
 								#if DEBUG
 								                loginSuccess = clientId == 1;
 								#endif
 								                if (!Authorized && !loginSuccess)
 								                {
 								                    loginSuccess = Manager.TokenAuthenticator.AuthorizeToken(privilegedClient.NetworkId, password) ||
 								                        (await Task.FromResult(SharedLibraryCore.Helpers.Hashing.Hash(password, privilegedClient.PasswordSalt)))[0] == privilegedClient.Password;
 								                }
-												fix damage event not including log line
complete initiall implementation for "2FA"
issue #52
issue #66

											
										
										
											2019-02-16 16:04:40 -05:00
-												re-enable login to webfront with password
update cookie to last 3 months
add configuration option to limit # of rss feed items
prevent database tracking of bots if ignore bots requested
add last map and last server played to profile

											
										
										
											2019-02-22 20:06:51 -05:00
+								                if (loginSuccess)
-												RCon error handling is clearer
Show chat on mobile view of server overview
basic authentication
switched to extreme-ip-lookup for ip lookups (SSL)

											
										
										
											2018-04-04 15:38:34 -04:00
+								                {
-												auth cookie expires after 30 days
only check hit offset when distance > 3 meters
fix null reference on unauthorized user
fixed stats not showing on profile if anticheat disabled
server client history turns red server is unresponsive

											
										
										
											2018-04-05 00:38:45 -04:00
+								                    var claims = new[]
 								                    {
-												fix issue with login

											
										
										
											2019-04-17 18:50:53 -04:00
+								                        new Claim(ClaimTypes.NameIdentifier, privilegedClient.Name),
 								                        new Claim(ClaimTypes.Role, privilegedClient.Level.ToString()),
 								                        new Claim(ClaimTypes.Sid, privilegedClient.ClientId.ToString()),
 								                        new Claim(ClaimTypes.PrimarySid, privilegedClient.NetworkId.ToString("X"))
-												don't migrate context on MySql

											
										
										
											2018-04-07 17:47:21 -04:00
+								                    };
-												RCon error handling is clearer
Show chat on mobile view of server overview
basic authentication
switched to extreme-ip-lookup for ip lookups (SSL)

											
										
										
											2018-04-04 15:38:34 -04:00
-												auth cookie expires after 30 days
only check hit offset when distance > 3 meters
fix null reference on unauthorized user
fixed stats not showing on profile if anticheat disabled
server client history turns red server is unresponsive

											
										
										
											2018-04-05 00:38:45 -04:00
+								                    var claimsIdentity = new ClaimsIdentity(claims, "login");
 								                    var claimsPrinciple = new ClaimsPrincipal(claimsIdentity);
-												fix login issue
strip colors for logging
feature implementation for issue #76

											
										
										
											2019-08-04 21:38:55 -04:00
+								                    await SignInAsync(claimsPrinciple);
-												auth cookie expires after 30 days
only check hit offset when distance > 3 meters
fix null reference on unauthorized user
fixed stats not showing on profile if anticheat disabled
server client history turns red server is unresponsive

											
										
										
											2018-04-05 00:38:45 -04:00
 								                    return Ok();
 								                }
 								            }
-												RCon error handling is clearer
Show chat on mobile view of server overview
basic authentication
switched to extreme-ip-lookup for ip lookups (SSL)

											
										
										
											2018-04-04 15:38:34 -04:00
-												auth cookie expires after 30 days
only check hit offset when distance > 3 meters
fix null reference on unauthorized user
fixed stats not showing on profile if anticheat disabled
server client history turns red server is unresponsive

											
										
										
											2018-04-05 00:38:45 -04:00
+								            catch (Exception)
 								            {
 								                return Unauthorized();
-												RCon error handling is clearer
Show chat on mobile view of server overview
basic authentication
switched to extreme-ip-lookup for ip lookups (SSL)

											
										
										
											2018-04-04 15:38:34 -04:00
+								            }
 								            return Unauthorized();
 								        }
-												fix accidental improper name for login ClientId
added label field to InputInfo
added logout button
revert graph color

											
										
										
											2018-04-05 18:50:04 -04:00
 								        [HttpGet]
 								        public async Task<IActionResult> LogoutAsync()
 								        {
-												migrating to .NET Core 2.0

											
										
										
											2018-04-08 02:44:42 -04:00
+								            await HttpContext.SignOutAsync(CookieAuthenticationDefaults.AuthenticationScheme);
-												fix accidental improper name for login ClientId
added label field to InputInfo
added logout button
revert graph color

											
										
										
											2018-04-05 18:50:04 -04:00
+								            return RedirectToAction("Index", "Home");
 								        }
-												RCon error handling is clearer
Show chat on mobile view of server overview
basic authentication
switched to extreme-ip-lookup for ip lookups (SSL)

											
										
										
											2018-04-04 15:38:34 -04:00
+								    }
 								}