Add Server-Side Download Queue (#21)

* test add queueing to file service * further adjustments to download queueing * add check for whether the request is still in the queue to CheckQueue * forcefully release slot if download didn't finish in 15s * actually cancel the delay task * add metrics and refactor some of the request queue service * refactor pathing * reuse httpclient * add queue request dto to requestfile, enqueue users immediately if a slot is available * change startup to include all controllers * update server pathing * update pathing, again * several adjustments to auth, banning, jwt server tokens, renaming, authorization * update api I guess * adjust automated banning of charaident and reg * generate jwt on servers for internal authentication * remove mvcextensions Co-authored-by: rootdarkarchon <root.darkarchon@outlook.com>
2023-01-11 12:22:22 +01:00
parent db2d0451ca
commit 42b15cb6b7
38 changed files with 1116 additions and 98 deletions
--- a/MareSynchronosServer/MareSynchronosServer/Controllers/JwtController.cs
+++ b/MareSynchronosServer/MareSynchronosServer/Controllers/JwtController.cs
@@ -2,6 +2,7 @@
 using MareSynchronosServer.Authentication;
 using MareSynchronosShared;
 using MareSynchronosShared.Data;
+using MareSynchronosShared.Models;
 using MareSynchronosShared.Services;
 using MareSynchronosShared.Utils;
 using Microsoft.AspNetCore.Authorization;
@@ -38,7 +39,7 @@ public class JwtController : Controller
    }

    [AllowAnonymous]
-    [HttpPost(MareAuth.AuthCreateIdent)]
+    [HttpPost(MareAuth.Auth_CreateIdent)]
    public async Task<IActionResult> CreateToken(string auth, string charaIdent)
    {
        if (string.IsNullOrEmpty(auth)) return BadRequest("No Authkey");
@@ -52,10 +53,47 @@ public class JwtController : Controller
        var authResult = await _secretKeyAuthenticatorService.AuthorizeAsync(ip, auth);

        if (!authResult.Success && !authResult.TempBan) return Unauthorized("The provided secret key is invalid. Verify your accounts existence and/or recover the secret key.");
-        if (!authResult.Success && authResult.TempBan) return Unauthorized("You are temporarily banned. Try connecting again later.");
+        if (!authResult.Success && authResult.TempBan) return Unauthorized("You are temporarily banned. Try connecting again in 5 minutes.");
+        if (authResult.Permaban)
+        {
+            if (!_mareDbContext.BannedUsers.Any(c => c.CharacterIdentification == charaIdent))
+            {
+                _mareDbContext.BannedUsers.Add(new Banned()
+                {
+                    CharacterIdentification = charaIdent,
+                    Reason = "Autobanned CharacterIdent (" + authResult.Uid + ")"
+                });
+
+                await _mareDbContext.SaveChangesAsync();
+            }
+
+            var lodestone = await _mareDbContext.LodeStoneAuth.Include(a => a.User).FirstOrDefaultAsync(c => c.User.UID == authResult.Uid);
+
+            if (lodestone != null)
+            {
+                if (!_mareDbContext.BannedRegistrations.Any(c => c.DiscordIdOrLodestoneAuth == lodestone.HashedLodestoneId))
+                {
+                    _mareDbContext.BannedRegistrations.Add(new BannedRegistrations()
+                    {
+                        DiscordIdOrLodestoneAuth = lodestone.HashedLodestoneId
+                    });
+                }
+                if (!_mareDbContext.BannedRegistrations.Any(c => c.DiscordIdOrLodestoneAuth == lodestone.DiscordId.ToString()))
+                {
+                    _mareDbContext.BannedRegistrations.Add(new BannedRegistrations()
+                    {
+                        DiscordIdOrLodestoneAuth = lodestone.DiscordId.ToString()
+                    });
+                }
+
+                await _mareDbContext.SaveChangesAsync();
+            }
+
+            return Unauthorized("You are permanently banned.");
+        }

        var existingIdent = await _redis.GetAsync<string>("UID:" + authResult.Uid);
-        if (!string.IsNullOrEmpty(existingIdent)) return Unauthorized("Already logged in to this account.");
+        if (!string.IsNullOrEmpty(existingIdent)) return Unauthorized("Already logged in to this account. Reconnect in 60 seconds. If you keep seeing this issue, restart your game.");

        var token = CreateToken(new List<Claim>()
        {
@@ -66,26 +104,6 @@ public class JwtController : Controller
        return Content(token.RawData);
    }

-    [AllowAnonymous]
-    [HttpPost(MareAuth.AuthCreate)]
-    public async Task<IActionResult> CreateToken(string auth)
-    {
-        if (string.IsNullOrEmpty(auth)) return BadRequest("No Authkey");
-
-        var ip = _accessor.GetIpAddress();
-
-        var authResult = await _secretKeyAuthenticatorService.AuthorizeAsync(ip, auth);
-
-        if (!authResult.Success) return Unauthorized("Invalid Authkey");
-
-        var token = CreateToken(new List<Claim>()
-        {
-            new Claim(MareClaimTypes.Uid, authResult.Uid)
-        });
-
-        return Content(token.RawData);
-    }
-
    private JwtSecurityToken CreateToken(IEnumerable<Claim> authClaims)
    {
        var authSigningKey = new SymmetricSecurityKey(Encoding.ASCII.GetBytes(_configuration.GetValue<string>(nameof(MareConfigurationAuthBase.Jwt))));