Make most requests use id instead of username
All checks were successful
Server Build / publish (push) Successful in 28s
Voice Build / publish (push) Successful in 25s

olcxja 2026-05-27 19:41:56 +02:00
commit 9183651c4f
3 changed files with 32 additions and 29 deletions


@ -20,7 +20,7 @@ public class Requests
public static async Task Delete(HttpContext context, Func<Task> next, IQueryCollection query, public static async Task Delete(HttpContext context, Func<Task> next, IQueryCollection query,
StreamReader bodyReader) StreamReader bodyReader)
{ {
if (!query.TryGetValue("u", out var username)) if (!query.TryGetValue("id", out var idQuery))
{ {
return; return;
} }
@ -30,9 +30,9 @@ public class Requests
return; return;
} }
string id = await Utils.IdFromName(username); string id = idQuery.ToString().Split(":")[0];
string password = await Utils.GetPassword(id); string password = await Utils.GetPassword(id);
secret = await Utils.NonceDecryptBody(username, password, secret); secret = await Utils.NonceDecryptBody(id, password, secret);
string auth = await Utils.Auth(id, password, secret); string auth = await Utils.Auth(id, password, secret);
if (auth != Utils.LOGIN_SUCCESS) if (auth != Utils.LOGIN_SUCCESS)
{ {
@ -279,7 +279,7 @@ public class Requests
public static async Task Auth(HttpContext context, Func<Task> next, IQueryCollection query, StreamReader bodyReader) public static async Task Auth(HttpContext context, Func<Task> next, IQueryCollection query, StreamReader bodyReader)
{ {
if (!query.TryGetValue("u", out var username)) if (!query.TryGetValue("id", out var idQuery))
{ {
return; return;
} }
@ -289,9 +289,9 @@ public class Requests
return; return;
} }
string id = await Utils.IdFromName(username); string id = idQuery.ToString().Split(":")[0];
string password = await Utils.GetPassword(id); string password = await Utils.GetPassword(id);
secret = await Utils.NonceDecryptBody(username, password, secret); secret = await Utils.NonceDecryptBody(id, password, secret);
string auth = await Utils.Auth(id, password, secret); string auth = await Utils.Auth(id, password, secret);
await context.Response.WriteAsync(auth); await context.Response.WriteAsync(auth);
@ -359,19 +359,20 @@ public class Requests
public static async Task NextNonce(HttpContext context, Func<Task> next, IQueryCollection query) public static async Task NextNonce(HttpContext context, Func<Task> next, IQueryCollection query)
{ {
if (!query.TryGetValue("u", out var username)) if (!query.TryGetValue("id", out var idQuery))
{ {
return; return;
} }
string plainPass = await Utils.GetPassword(await Utils.IdFromName(username)); string id = idQuery.ToString().Split(":")[0];
string plainPass = await Utils.GetPassword(id);
foreach (var kvp in nonceHolder) //clearowanie nieuzytych nonce foreach (var kvp in nonceHolder) //clearowanie nieuzytych nonce
{ {
if (kvp.Value.Item2 < DateTimeOffset.UtcNow.AddMinutes(-2)) if (kvp.Value.Item2 < DateTimeOffset.UtcNow.AddMinutes(-2))
{ {
nonceHolder.TryRemove(kvp.Key, out _); nonceHolder.TryRemove(kvp.Key, out _);
} }
else if (kvp.Key == username) else if (kvp.Key == id)
{ {
await context.Response.WriteAsync(Encryption.Encryption.EncryptString(kvp.Value.Item1, await context.Response.WriteAsync(Encryption.Encryption.EncryptString(kvp.Value.Item1,
plainPass)); plainPass));
@ -380,7 +381,7 @@ public class Requests
} }
string nonce = Encryption.Encryption.GetRandomString(64); string nonce = Encryption.Encryption.GetRandomString(64);
nonceHolder.TryAdd(username, (nonce, DateTimeOffset.UtcNow)); nonceHolder.TryAdd(id, (nonce, DateTimeOffset.UtcNow));
await context.Response.WriteAsync(Encryption.Encryption.EncryptString(nonce, await context.Response.WriteAsync(Encryption.Encryption.EncryptString(nonce,
plainPass)); plainPass));
return; return;
@ -389,7 +390,7 @@ public class Requests
public static async Task ChangePassword(HttpContext context, Func<Task> next, IQueryCollection query, public static async Task ChangePassword(HttpContext context, Func<Task> next, IQueryCollection query,
StreamReader bodyReader) StreamReader bodyReader)
{ {
if (!query.TryGetValue("u", out var username)) if (!query.TryGetValue("id", out var idQuery))
{ {
return; return;
} }
@ -399,11 +400,11 @@ public class Requests
return; return;
} }
string id = await Utils.IdFromName(username); string id = idQuery.ToString().Split(":")[0];
string body = await LoadBody(bodyReader); string body = await LoadBody(bodyReader);
string password = await Utils.GetPassword(id); string password = await Utils.GetPassword(id);
string newPass = await Utils.NonceDecryptBody(username, password, body, false); string newPass = await Utils.NonceDecryptBody(id, password, body, false);
secret = await Utils.NonceDecryptBody(username, password, secret); secret = await Utils.NonceDecryptBody(id, password, secret);
string auth = await Utils.Auth(id, password, secret); string auth = await Utils.Auth(id, password, secret);
@ -437,7 +438,7 @@ public class Requests
public static async Task ChangeUsername(HttpContext context, Func<Task> next, IQueryCollection query, public static async Task ChangeUsername(HttpContext context, Func<Task> next, IQueryCollection query,
StreamReader bodyReader) StreamReader bodyReader)
{ {
if (!query.TryGetValue("u", out var username)) if (!query.TryGetValue("id", out var idQuery))
{ {
return; return;
} }
@ -447,13 +448,13 @@ public class Requests
return; return;
} }
string id = await Utils.IdFromName(username); string id = idQuery.ToString().Split(":")[0];
string body = await LoadBody(bodyReader); string body = await LoadBody(bodyReader);
string password = await Utils.GetPassword(id); string password = await Utils.GetPassword(id);
body = await Utils.NonceDecryptBody(username, password, body, false); body = await Utils.NonceDecryptBody(id, password, body, false);
secret = await Utils.NonceDecryptBody(username, password, secret); secret = await Utils.NonceDecryptBody(id, password, secret);
string auth = await Utils.Auth(id, secret, password); string auth = await Utils.Auth(id, secret, password);
if (auth != Utils.LOGIN_SUCCESS) if (auth != Utils.LOGIN_SUCCESS)
@ -538,7 +539,7 @@ public class Requests
public static async Task EncryptedRequest(HttpContext context, Func<Task> next, IQueryCollection query, StreamReader bodyReader) public static async Task EncryptedRequest(HttpContext context, Func<Task> next, IQueryCollection query, StreamReader bodyReader)
{ {
if (!query.TryGetValue("u", out var username)) if (!query.TryGetValue("id", out var idQuery))
{ {
return; return;
} }
@ -548,11 +549,11 @@ public class Requests
return; return;
} }
string id = await Utils.IdFromName(username); string id = idQuery.ToString().Split(":")[0];
string body = await LoadBody(bodyReader); string body = await LoadBody(bodyReader);
string password = await Utils.GetPassword(id); string password = await Utils.GetPassword(id);
body = await Utils.NonceDecryptBody(username, password, body, false); body = await Utils.NonceDecryptBody(id, password, body, false);
secret = await Utils.NonceDecryptBody(username, password, secret); secret = await Utils.NonceDecryptBody(id, password, secret);
Universal2String serializedBody = JsonSerializer.Deserialize( Universal2String serializedBody = JsonSerializer.Deserialize(
body, body,
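Review bot: The `id` that each handler now takes from the query (`idQuery.ToString().Split(":")[0]`) goes to `Utils.GetPassword` and becomes the `nonceHolder` key with no check that it is non-empty, well-formed or belongs to an existing account, whereas the old path resolved the name through `Utils.IdFromName` first. `GetPassword` is not visible here, so how it treats an empty, unknown or oddly shaped id cannot be confirmed; since other code on this page builds storage paths from ids, an allow-list check before use is the safer default, and in `NextNonce` it also keeps unauthenticated callers from adding arbitrary keys to `nonceHolder`. The same parse is repeated in Delete, Auth, NextNonce, ChangePassword, ChangeUsername and EncryptedRequest, so I would move it into one helper, sketched below, and have each handler return early when it fails. Separately, `ChangeUsername` calls `Utils.Auth(id, secret, password)` while the other handlers pass `(id, password, secret)`; that looks like swapped arguments and should be checked against `Auth`'s signature. All of these handler bodies continue outside their hunks.

```csharp
// Single place to parse and validate the account id from the query string.
private static bool TryGetAccountId(IQueryCollection query, out string id)
{
    id = string.Empty;
    if (!query.TryGetValue("id", out var idQuery))
    {
        return false;
    }

    // Only the part before ':' is used; TODO document what may follow it.
    string candidate = idQuery.ToString().Split(':')[0];
    if (candidate.Length == 0)
    {
        return false;
    }

    // Allow-list: adjust to the exact alphabet the server issues for ids.
    foreach (char c in candidate)
    {
        if (!char.IsAsciiLetterOrDigit(c))
        {
            return false;
        }
    }

    id = candidate;
    return true;
}

// In each handler, replacing the TryGetValue("id", ...) check and the Split line:
if (!TryGetAccountId(query, out string id))
{
    return;
}
// … unchanged: secret lookup, GetPassword, NonceDecryptBody, Auth …
```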


@ -137,16 +137,16 @@ public class Utils
return LOGIN_SUCCESS; return LOGIN_SUCCESS;
} }
public static async Task<string> NonceDecryptBody(string username, string password, string body, bool delEntry = true) public static async Task<string> NonceDecryptBody(string id, string password, string body, bool delEntry = true)
{ {
if (!Requests.nonceHolder.TryGetValue(username, out (string, DateTimeOffset) nonce)) if (!Requests.nonceHolder.TryGetValue(id, out (string, DateTimeOffset) nonce))
{ {
return "error:invalid.nonce"; return "error:invalid.nonce";
} }
string decBody = Encryption.Encryption.PacketDecPass(body, password, nonce.Item1); string decBody = Encryption.Encryption.PacketDecPass(body, password, nonce.Item1);
if (delEntry) if (delEntry)
{ {
Requests.nonceHolder.TryRemove(username, out _); Requests.nonceHolder.TryRemove(id, out _);
} }
return decBody; return decBody;
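Review bot: `NonceDecryptBody` accepts any entry it finds in `Requests.nonceHolder` without looking at `nonce.Item2`, so the two-minute lifetime seen in `NextNonce` is enforced only when a later `NextNonce` call happens to sweep the dictionary. A check right after the lookup, such as `if (nonce.Item2 < DateTimeOffset.UtcNow.AddMinutes(-2)) return "error:invalid.nonce";`, would make expiry hold on the consuming side as well. When `delEntry` is true the lookup and the `TryRemove` are separate steps, so two concurrent requests could both decrypt with the same nonce. Assuming `nonceHolder` is a `ConcurrentDictionary`, taking the entry with `TryRemove(id, out nonce)` in that case would make consumption single-use. The method's closing brace lies outside the hunk.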


@ -128,6 +128,11 @@ public class Requests
return "error:user.not.found"; return "error:user.not.found";
} }
Universal2String keys = JsonSerializer.Deserialize( //we need to pull keys before we do anything, because if user do NOT have them, dm creation will crash
await Account.Utils.GetUserKeys(id),
AppJsonSerializerContext.Default.Universal2String
);
if (isUserLocal) if (isUserLocal)
{ {
@ -180,10 +185,7 @@ public class Requests
Encoding.UTF8.GetBytes(serializedBody.string2)); Encoding.UTF8.GetBytes(serializedBody.string2));
Universal2String keys = JsonSerializer.Deserialize(
await Account.Utils.GetUserKeys(id),
AppJsonSerializerContext.Default.Universal2String
);
await Fs.WriteFile($"{ROOMS_DIR}/dms/{DOMAIN}/{dmId}/keys/0/{id2};{domain}", await Fs.WriteFile($"{ROOMS_DIR}/dms/{DOMAIN}/{dmId}/keys/0/{id2};{domain}",
Encoding.UTF8.GetBytes($"SETUP:{keys.string2};{serializedBody.string3}")); //jezeli mamy setup to [1] to jest publiczny klucz drugiej osoby, Encoding.UTF8.GetBytes($"SETUP:{keys.string2};{serializedBody.string3}")); //jezeli mamy setup to [1] to jest publiczny klucz drugiej osoby,
//a string 3 to zaszyfrowany klucz pokoju ktory musi odszyfrowac za pomoca swoich kluczy i tego publicznego //a string 3 to zaszyfrowany klucz pokoju ktory musi odszyfrowac za pomoca swoich kluczy i tego publicznego
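Review bot: The relocated `GetUserKeys` read still has no explicit failure path. By the added comment, a user without keys makes DM creation crash, and `JsonSerializer.Deserialize` may also yield an empty result before `keys.string2` is used in the `SETUP:` write further down. Moving the read earlier avoids leaving a half-created DM directory, but the caller still gets an unhandled exception rather than a defined result. I would handle the missing-keys case explicitly and return an error string in the style of the `"error:user.not.found"` just above, for instance `"error:keys.not.found"` (a constructed name). The trailing comment would also read better on its own line above the statement, e.g. `// Load keys first: a user without keys must fail before any DM files are written.` The enclosing method starts and ends outside these hunks.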