re-enable login to webfront with password

update cookie to last 3 months add configuration option to limit # of rss feed items prevent database tracking of bots if ignore bots requested add last map and last server played to profile
2019-02-22 19:06:51 -06:00
parent 74cdf8e885
commit 4b1f44cc2a
15 changed files with 864 additions and 27 deletions
--- a/WebfrontCore/Controllers/AccountController.cs
+++ b/WebfrontCore/Controllers/AccountController.cs
@ -1,6 +1,5 @@
 using Microsoft.AspNetCore.Authentication;
 using Microsoft.AspNetCore.Authentication.Cookies;
-using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Mvc;
 using System;
 using System.Security.Claims;
@ -10,6 +9,11 @@ namespace WebfrontCore.Controllers
 {
    public class AccountController : BaseController
    {
+        /// <summary>
+        /// life span in months
+        /// </summary>
+        private const int COOKIE_LIFESPAN = 3;
+
        [HttpGet]
        public async Task<IActionResult> LoginAsync(int clientId, string password)
        {
@ -22,10 +26,10 @@ namespace WebfrontCore.Controllers
            {
                var client = Manager.GetPrivilegedClients()[clientId];

-                // string[] hashedPassword = await Task.FromResult(SharedLibraryCore.Helpers.Hashing.Hash(password, client.PasswordSalt));
-                //if (hashedPassword[0] == client.Password)
+                bool loginSuccess = Manager.TokenAuthenticator.AuthorizeToken(client.NetworkId, password) ||
+                    (await Task.FromResult(SharedLibraryCore.Helpers.Hashing.Hash(password, client.PasswordSalt)))[0] == client.Password;

-                if (Manager.TokenAuthenticator.AuthorizeToken(client.NetworkId, password))
+                if (loginSuccess)
                {
                    var claims = new[]
                    {
@ -40,7 +44,7 @@ namespace WebfrontCore.Controllers
                    await HttpContext.SignInAsync(CookieAuthenticationDefaults.AuthenticationScheme, claimsPrinciple, new AuthenticationProperties()
                    {
                        AllowRefresh = true,
-                        ExpiresUtc = DateTime.UtcNow.AddDays(30),
+                        ExpiresUtc = DateTime.UtcNow.AddMonths(COOKIE_LIFESPAN),
                        IsPersistent = true,
                        IssuedUtc = DateTime.UtcNow
                    });
--- a/WebfrontCore/Controllers/ClientController.cs
+++ b/WebfrontCore/Controllers/ClientController.cs
@ -59,7 +59,7 @@ namespace WebfrontCore.Controllers
                LinkedAccounts = client.LinkedAccounts
            };

-            var meta = await MetaService.GetMeta(client.ClientId);
+            var meta = await MetaService.GetRuntimeMeta(client.ClientId);
            var penaltyMeta = await Manager.GetPenaltyService()
                .ReadGetClientPenaltiesAsync(client.ClientId);
            var administeredPenaltiesMeta = await Manager.GetPenaltyService()