friendlynamazu/server
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

OneTime Invites Server handling (#17)

Browse Source 
* add server-side handling for one time invites
This commit is contained in:
rootdarkarchon
2022-10-25 00:54:51 +02:00
committed by GitHub
parent c13e457780
commit d83d9a6753
10 changed files with 1206 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

50
MareSynchronosServer/MareSynchronosServer/Hubs/MareHub.Groups.cs
View File

@@ -8,6 +8,7 @@ using Microsoft.AspNetCore.SignalR;
using Microsoft.EntityFrameworkCore;
using System;
using System.Collections.Generic;
using System.ComponentModel;
using System.Linq;
using System.Security.Cryptography;
using System.Threading.Tasks;
@@ -173,9 +174,11 @@ public partial class MareHub
var existingUserCount = await _dbContext.GroupPairs.AsNoTracking().CountAsync(g => g.GroupGID == gid).ConfigureAwait(false);
var joinedGroups = await _dbContext.GroupPairs.CountAsync(g => g.GroupUserUID == AuthenticatedUserId).ConfigureAwait(false);
var isBanned = await _dbContext.GroupBans.AnyAsync(g => g.GroupGID == gid && g.BannedUserUID == AuthenticatedUserId).ConfigureAwait(false);
var groupGid = group?.GID ?? string.Empty;
var oneTimeInvite = await _dbContext.GroupTempInvites.SingleOrDefaultAsync(g => g.GroupGID == groupGid && g.Invite == hashedPw).ConfigureAwait(false);
if (group == null
|| !string.Equals(group.HashedPassword, hashedPw, StringComparison.Ordinal)
|| (!string.Equals(group.HashedPassword, hashedPw, StringComparison.Ordinal) && oneTimeInvite == null)
|| existingPair != null
|| existingUserCount >= _maxGroupUserCount
|| !group.InvitesEnabled
@@ -183,6 +186,12 @@ public partial class MareHub
|| isBanned)
return false;
if (oneTimeInvite != null)
{
_logger.LogCallInfo(MareHubLogger.Args(gid, "TempInvite", oneTimeInvite.Invite));
_dbContext.Remove(oneTimeInvite);
}
GroupPair newPair = new()
{
GroupGID = group.GID,
@@ -239,6 +248,45 @@ public partial class MareHub
return true;
}
[Authorize(Policy = "Identified")]
public async Task<List<string>> GroupCreateTempInvite(string gid, int amount)
{
_logger.LogCallInfo(MareHubLogger.Args(gid, amount));
List<string> inviteCodes = new();
List<GroupTempInvite> tempInvites = new();
var (hasRights, group) = await TryValidateGroupModeratorOrOwner(gid).ConfigureAwait(false);
if (!hasRights) return new();
var existingInvites = await _dbContext.GroupTempInvites.Where(g => g.GroupGID == group.GID).ToListAsync().ConfigureAwait(false);
for (int i = 0; i < amount; i++)
{
bool hasValidInvite = false;
string invite = string.Empty;
string hashedInvite = string.Empty;
while (!hasValidInvite)
{
invite = StringUtils.GenerateRandomString(10, "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789");
hashedInvite = StringUtils.Sha256String(invite);
if (existingInvites.Any(i => string.Equals(i.Invite, hashedInvite, StringComparison.Ordinal))) continue;
hasValidInvite = true;
inviteCodes.Add(invite);
}
tempInvites.Add(new GroupTempInvite()
{
ExpirationDate = DateTime.UtcNow.AddDays(1),
GroupGID = group.GID,
Invite = hashedInvite
});
}
_dbContext.GroupTempInvites.AddRange(tempInvites);
await _dbContext.SaveChangesAsync().ConfigureAwait(false);
return inviteCodes;
}
[Authorize(Policy = "Identified")]
public async Task GroupLeave(string gid)
{