From f2712900cd4f94626a91aeca7d319798e89638ba Mon Sep 17 00:00:00 2001 From: John Cardinal Date: Mon, 18 Oct 2021 17:41:05 +0000 Subject: [PATCH] --- .vscode/launch.json | 2 +- server/AyaNova/Controllers/AuthController.cs | 34 +++++++++++++------- server/AyaNova/util/License.cs | 2 +- 3 files changed, 25 insertions(+), 13 deletions(-) diff --git a/.vscode/launch.json b/.vscode/launch.json index c74c1699..8c69e4d3 100644 --- a/.vscode/launch.json +++ b/.vscode/launch.json @@ -52,7 +52,7 @@ "AYANOVA_FOLDER_USER_FILES": "c:\\temp\\RavenTestData\\userfiles", "AYANOVA_FOLDER_BACKUP_FILES": "c:\\temp\\RavenTestData\\backupfiles", "AYANOVA_FOLDER_TEMPORARY_SERVER_FILES": "c:\\temp\\RavenTestData\\tempfiles", - "AYANOVA_SERVER_TEST_MODE": "true", + "AYANOVA_SERVER_TEST_MODE": "false", "AYANOVA_SERVER_TEST_MODE_SEEDLEVEL": "small", "AYANOVA_SERVER_TEST_MODE_TZ_OFFSET": "-7", "AYANOVA_BACKUP_PG_DUMP_PATH": "C:\\data\\code\\postgres_14\\bin\\" diff --git a/server/AyaNova/Controllers/AuthController.cs b/server/AyaNova/Controllers/AuthController.cs index e70ef62f..2f155f17 100644 --- a/server/AyaNova/Controllers/AuthController.cs +++ b/server/AyaNova/Controllers/AuthController.cs @@ -67,15 +67,6 @@ namespace AyaNova.Api.Controllers [AllowAnonymous] public async Task PostCreds([FromBody] AuthController.CredentialsParam creds) //if was a json body then //public JsonResult PostCreds([FromBody] string login, [FromBody] string password) { - //a bit different as ops users can still login if the state is opsonly - //so the only real barrier here would be a completely closed api - - - if (serverState.IsClosed && AyaNova.Core.License.ActiveKey.KeyDoesNotNeedAttention) - { - return StatusCode(503, new ApiErrorResponse(ApiErrorCode.API_CLOSED, null, serverState.Reason)); - } - #if (DEBUG) 
@@ -168,6 +159,27 @@ namespace AyaNova.Api.Controllers string hashed = Hasher.hash(u.Salt, creds.Password); if (hashed == u.Password) { + + //LOCKOUT?? + //done here because we need to know the user in case there is an exception (superuser) + //a bit different as ops users can still login if the state is opsonly + //so the only real barrier here would be a completely closed api + + //Is the server completely closed?? If so only the Super user can login + if (serverState.IsClosed && u.Id != 1) + { + return StatusCode(503, new ApiErrorResponse(ApiErrorCode.API_CLOSED, null, serverState.Reason)); + } + + //not sure if key needs attention is relevant as closed is closed + // if (u.Id!=1 && serverState.IsClosed && AyaNova.Core.License.ActiveKey.KeyDoesNotNeedAttention) + // { + // //can't login as *any* user due to some issue not license key related + // return StatusCode(503, new ApiErrorResponse(ApiErrorCode.API_CLOSED, null, serverState.Reason)); + // } + + + //TWO FACTOR ENABLED?? //if 2fa enabled then need to validate it before sending token, so we're halfway there and need to send a 2fa prompt if (u.TwoFactorEnabled) @@ -336,8 +348,8 @@ namespace AyaNova.Api.Controllers //save auth token to ensure single sign on only u.CurrentAuthToken = token; - u.LastLogin = DateTime.UtcNow; - + u.LastLogin = DateTime.UtcNow; + await ct.SaveChangesAsync(); //KEEP this, masked version of IP address diff --git a/server/AyaNova/util/License.cs b/server/AyaNova/util/License.cs index 465d7988..88514b19 100644 --- a/server/AyaNova/util/License.cs +++ b/server/AyaNova/util/License.cs @@ -186,7 +186,7 @@ namespace AyaNova.Core { get { - // return !IsEmpty && !LicenseExpired; + return (Status == LicenseStatus.ActivePurchased) || (Status == LicenseStatus.ActiveTrial); }
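Review bot: The API_CLOSED 503 is now returned only after `hashed == u.Password` succeeds, so while the server is closed a correct password for any non-superuser account is answered with 503 and a wrong one with whatever the failure branch outside this hunk returns, which turns the closed state into a password-validity oracle that the pre-authentication check removed in the earlier hunk did not expose. If the lookup that produces `u` sits above this hunk, the check can run there before the hash is computed and should treat an unknown login the same way so it also cannot be used to enumerate usernames: `if (serverState.IsClosed && (u is null || u.Id != 1)) return StatusCode(503, new ApiErrorResponse(ApiErrorCode.API_CLOSED, null, serverState.Reason));`. The superuser exemption by the literal `u.Id != 1` deserves a named constant such as `SuperUserId` so the rule is visible wherever the user entity is defined rather than as a magic number. The `//LOCKOUT??` heading and the commented-out `KeyDoesNotNeedAttention` variant describe nothing this block does and should be dropped rather than left as dead code. PostCreds starts and ends outside this hunk.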