From 4dade47819e97343daf01e7e4af61fa870d3345f Mon Sep 17 00:00:00 2001
From: rootdarkarchon
Date: Sat, 21 Jan 2023 02:46:18 +0100
Subject: [PATCH] adjustments to auth
---
 .../Controllers/JwtController.cs | 16 +++++++++++++---
 1 file changed, 13 insertions(+), 3 deletions(-)
diff --git a/MareSynchronosServer/MareSynchronosServer/Controllers/JwtController.cs b/MareSynchronosServer/MareSynchronosServer/Controllers/JwtController.cs
index 1c3b4c1..a00b5a5 100644
--- a/MareSynchronosServer/MareSynchronosServer/Controllers/JwtController.cs
+++ b/MareSynchronosServer/MareSynchronosServer/Controllers/JwtController.cs
@@ -45,13 +45,23 @@ public class JwtController : Controller
 if (string.IsNullOrEmpty(auth)) return BadRequest("No Authkey");
 if (string.IsNullOrEmpty(charaIdent)) return BadRequest("No CharaIdent");
- var isBanned = await _mareDbContext.BannedUsers.AsNoTracking().AnyAsync(u => u.CharacterIdentification == charaIdent).ConfigureAwait(false);
- if (isBanned) return Unauthorized("Your character is banned from using the service.");
-
 var ip = _accessor.GetIpAddress();
 var authResult = await _secretKeyAuthenticatorService.AuthorizeAsync(ip, auth);
+ var isBanned = await _mareDbContext.BannedUsers.AsNoTracking().AnyAsync(u => u.CharacterIdentification == charaIdent).ConfigureAwait(false);
+ if (isBanned)
+ {
+ var authToBan = _mareDbContext.Auth.SingleOrDefault(a => a.UserUID == authResult.Uid);
+ if (authToBan != null)
+ {
+ authToBan.IsBanned = true;
+ await _mareDbContext.SaveChangesAsync().ConfigureAwait(false);
+ }
+
+ return Unauthorized("Your character is banned from using the service.");
+ }
+
 if (!authResult.Success && !authResult.TempBan) return Unauthorized("The provided secret key is invalid. Verify your accounts existence and/or recover the secret key.");
 if (!authResult.Success && authResult.TempBan) return Unauthorized("You are temporarily banned. Try connecting again in 5 minutes.");
 if (authResult.Permaban)
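Review bot: The new ban-propagation branch looks up `authResult.Uid` before either `authResult.Success` check has run, so it also executes when the secret key was rejected. What `Uid` holds in that case is not visible here; if it is null or empty, `SingleOrDefault` could match an unrelated row, or throw when several rows match. I would gate the write on a successful authentication and use the async query, consistent with the rest of the method: `if (authResult.Success) { var authToBan = await _mareDbContext.Auth.SingleOrDefaultAsync(a => a.UserUID == authResult.Uid).ConfigureAwait(false); ... }`. Since this flips an account to banned from a client-supplied `charaIdent`, a log entry recording the UID and the matching identifier would make the automatic ban auditable. The enclosing action starts and ends outside this hunk.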