derek/auth-mistox
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fix bad practice for account

Browse Source
This commit is contained in:
Derek Holloway
2025-07-24 21:07:06 -07:00
parent 36412a5139
commit 5209fd9bfc
3 changed files with 26 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files
src/Server/Services/DatabaseService/Account.cs
+20 -12
View File
@@ -32,21 +32,23 @@ namespace Auth.Services.DatabaseService {
int _curpasswordattempts = reader.GetInt32( "CurrentPasswordAttempts" );
string _role = reader.GetString( "Role" );
string _emailtoken = reader.GetString( "EmailToken" );
DateTime _emailtokencreated = reader.GetDateTime( "EmailTokenCreation" );
string _passwordtoken = reader.GetString( "PasswordToken" );
DateTime _passwordtokencreated = reader.GetDateTime( "PasswordTokenCreation" );
string _dataserver = reader.GetString( "DataServer" );
byte[] _loginToken = new byte[16];
reader.GetBytes( reader.GetOrdinal("LoginToken"), 0, _loginToken, 0, 16);
account = new Account() {
ID = _id,
UserName = _username,
Email = _email,
EmailVerified = _emailVerified,
PasswordHash = _passwordhash,
LoginToken = new Guid(_loginToken),
CurrentPasswordAttempts = _curpasswordattempts,
PasswordAttempts = _passwordattempts,
EmailToken = _emailtoken,
EmailTokenCreated = _emailtokencreated,
PasswordToken = _passwordtoken,
PasswordTokenCreated = _passwordtokencreated,
FailedPasswordLock = _failedpasswordlock,
Role = _role,
DataServer = _dataserver
@@ -85,21 +87,23 @@ namespace Auth.Services.DatabaseService {
int _curpasswordattempts = reader.GetInt32( "CurrentPasswordAttempts" );
string _role = reader.GetString( "Role" );
string _emailtoken = reader.GetString( "EmailToken" );
DateTime _emailtokencreated = reader.GetDateTime( "EmailTokenCreation" );
string _passwordtoken = reader.GetString( "PasswordToken" );
DateTime _passwordtokencreated = reader.GetDateTime( "PasswordTokenCreation" );
string _dataserver = reader.GetString("DataServer");
byte[] _loginToken = new byte[16];
reader.GetBytes( reader.GetOrdinal("LoginToken"), 0, _loginToken, 0, 16);
account = new Account() {
ID = _id,
UserName = _username,
Email = _email,
EmailVerified = _emailVerified,
PasswordHash = _passwordhash,
LoginToken = new Guid(_loginToken),
CurrentPasswordAttempts = _passwordattempts,
PasswordAttempts = _passwordattempts,
EmailToken = _emailtoken,
EmailTokenCreated = _emailtokencreated,
PasswordToken = _passwordtoken,
PasswordTokenCreated = _passwordtokencreated,
FailedPasswordLock = _failedpasswordlock,
Role = _role,
DataServer = _dataserver
@@ -116,20 +120,22 @@ namespace Auth.Services.DatabaseService {
string command = @"
INSERT INTO Account
(ID,UserName,Email,EmailVerified,PasswordHash,LoginToken,FailedPasswordLock,PasswordAttempts,CurrentPasswordAttempts,Role,EmailToken,DataServer)
(ID,UserName,Email,EmailVerified,PasswordHash,FailedPasswordLock,PasswordAttempts,CurrentPasswordAttempts,Role,EmailToken,EmailTokenCreation,PasswordToken,PasswordTokenCreation,DataServer)
VALUES
(@ID,@UserName,@Email,@EmailVerified,@PasswordHash,@LoginToken,@FailedPasswordLock,@PasswordAttempts,@CurrentPasswordAttempts,@Role,@EmailToken,@DataServer)
(@ID,@UserName,@Email,@EmailVerified,@PasswordHash,@FailedPasswordLock,@PasswordAttempts,@CurrentPasswordAttempts,@Role,@EmailToken,@EmailTokenCreation,@PasswordToken,@PasswordTokenCreation,@DataServer)
ON DUPLICATE KEY UPDATE
UserName = @UserName,
Email = @Email,
EmailVerified = @EmailVerified,
PasswordHash = @PasswordHash,
LoginToken = @LoginToken,
FailedPasswordLock = @FailedPasswordLock,
PasswordAttempts = @PasswordAttempts,
CurrentPasswordAttempts = @CurrentPasswordAttempts,
Role = @Role,
EmailToken = @EmailToken,
EmailTokenCreation = @EmailTokenCreation,
PasswordToken = @PasswordToken,
PasswordTokenCreation = @PasswordTokenCreation,
DataServer = @DataServer;
";
@@ -139,12 +145,14 @@ namespace Auth.Services.DatabaseService {
cmd.Parameters.AddWithValue("@Email", Profile.Email);
cmd.Parameters.AddWithValue("@EmailVerified", Profile.EmailVerified);
cmd.Parameters.AddWithValue("@PasswordHash", Profile.PasswordHash);
cmd.Parameters.AddWithValue("@LoginToken", Profile.LoginToken.ToByteArray());
cmd.Parameters.AddWithValue("@FailedPasswordLock", Profile.FailedPasswordLock);
cmd.Parameters.AddWithValue("@PasswordAttempts", Profile.PasswordAttempts);
cmd.Parameters.AddWithValue("@CurrentPasswordAttempts", Profile.CurrentPasswordAttempts);
cmd.Parameters.AddWithValue("@Role", Profile.Role);
cmd.Parameters.AddWithValue("@EmailToken", Profile.EmailToken);
cmd.Parameters.AddWithValue("@EmailTokenCreation", Profile.EmailTokenCreated);
cmd.Parameters.AddWithValue("@PasswordToken", Profile.PasswordToken);
cmd.Parameters.AddWithValue("@PasswordTokenCreation", Profile.PasswordTokenCreated);
cmd.Parameters.AddWithValue("@DataServer", Profile.DataServer);
await cmd.ExecuteNonQueryAsync();