source: binary-improvements2/WebServer/src/WebAPI/APIs/RegisterUser.cs@ 413

Last change on this file since 413 was 413, checked in by alloc, 21 months ago

Added user registration classes
File size: 3.4 KB
Line 
1using System;
2using System.Collections.Generic;
3using System.Net;
4using System.Text.RegularExpressions;
5using JetBrains.Annotations;
6using Utf8Json;
7using Webserver.Permissions;
8using Webserver.UrlHandlers;
9
10namespace Webserver.WebAPI.APIs {
11 [UsedImplicitly]
12 public class RegisterUser : AbsRestApi {
13 private static readonly byte[] jsonPlayerNameKey = JsonWriter.GetEncodedPropertyNameWithBeginObject ("playerName");
14 private static readonly byte[] jsonExpirationKey = JsonWriter.GetEncodedPropertyNameWithPrefixValueSeparator ("expirationSeconds");
15
16 // TODO: Rate-limiting
17
18 private static readonly Regex userValidationRegex = new Regex ("^\\w{4,16}$", RegexOptions.ECMAScript | RegexOptions.Compiled);
19 private static readonly Regex passValidationRegex = new Regex ("^\\w{4,16}$", RegexOptions.ECMAScript | RegexOptions.Compiled);
20
21 public RegisterUser (Web _parentWeb) : base (_parentWeb) {
22 }
23
24 protected override void HandleRestGet (RequestContext _context) {
25 string token = _context.RequestPath;
26
27 if (string.IsNullOrEmpty (token)) {
28 SendErrorResult (_context, HttpStatusCode.BadRequest, null, "NO_TOKEN");
29 return;
30 }
31
32 if (!UserRegistrationTokens.TryValidate (token, out UserRegistrationTokens.RegistrationData regData)) {
33 SendErrorResult (_context, HttpStatusCode.NotFound, null, "INVALID_OR_EXPIRED_TOKEN");
34 return;
35 }
36
37 PrepareEnvelopedResult (out JsonWriter writer);
38
39 writer.WriteRaw (jsonPlayerNameKey);
40 writer.WriteString (regData.PlayerName);
41
42 writer.WriteRaw (jsonExpirationKey);
43 writer.WriteDouble ((regData.ExpiryTime - DateTime.Now).TotalSeconds);
44
45 writer.WriteEndObject ();
46
47 SendEnvelopedResult (_context, ref writer);
48 }
49
50 protected override void HandleRestPost (RequestContext _context, IDictionary<string, object> _jsonInput, byte[] _jsonInputData) {
51 if (!TryGetJsonField (_jsonInput, "token", out string token)) {
52 SendErrorResult (_context, HttpStatusCode.BadRequest, _jsonInputData, "MISSING_TOKEN");
53 return;
54 }
55
56 if (!TryGetJsonField (_jsonInput, "username", out string username)) {
57 SendErrorResult (_context, HttpStatusCode.BadRequest, _jsonInputData, "MISSING_USERNAME");
58 return;
59 }
60
61 if (!TryGetJsonField (_jsonInput, "password", out string password)) {
62 SendErrorResult (_context, HttpStatusCode.BadRequest, _jsonInputData, "MISSING_PASSWORD");
63 return;
64 }
65
66 if (!UserRegistrationTokens.TryValidate (token, out UserRegistrationTokens.RegistrationData regData)) {
67 SendErrorResult (_context, HttpStatusCode.Unauthorized, null, "INVALID_OR_EXPIRED_TOKEN");
68 return;
69 }
70
71 if (!userValidationRegex.IsMatch (username)) {
72 SendErrorResult (_context, HttpStatusCode.Unauthorized, _jsonInputData, "INVALID_USERNAME");
73 return;
74 }
75
76 if (!passValidationRegex.IsMatch (password)) {
77 SendErrorResult (_context, HttpStatusCode.Unauthorized, _jsonInputData, "INVALID_PASSWORD");
78 return;
79 }
80
81 // TODO: Check if username is already used!
82
83 AdminWebUsers.Instance.AddUser (username, password, regData.PlatformUserId, regData.CrossPlatformUserId);
84
85 string remoteEndpointString = _context.Request.RemoteEndPoint!.ToString ();
86 SessionHandler.HandleUserIdLogin (ParentWeb.ConnectionHandler, _context, remoteEndpointString, SessionHandler.userPassLoginName,
87 SessionHandler.userPassErrorPage, username, regData.PlatformUserId, regData.CrossPlatformUserId);
88 }
89
90 public override int DefaultPermissionLevel () => 2000;
91 }
92}
Note: See TracBrowser for help on using the repository browser.