From e7d14d4687b094a9d3470524118d921806d91a52 Mon Sep 17 00:00:00 2001 From: LittleSheep Date: Fri, 8 Aug 2025 15:42:17 +0800 Subject: [PATCH] :sparkles: Punishment block login and disable account --- DysonNetwork.Pass/Account/Punishment.cs | 1 + DysonNetwork.Pass/Auth/AuthController.cs | 12 +++++++++--- DysonNetwork.Pass/Permission/PermissionService.cs | 2 +- 3 files changed, 11 insertions(+), 4 deletions(-) diff --git a/DysonNetwork.Pass/Account/Punishment.cs b/DysonNetwork.Pass/Account/Punishment.cs index e92b27c..2231b8a 100644 --- a/DysonNetwork.Pass/Account/Punishment.cs +++ b/DysonNetwork.Pass/Account/Punishment.cs @@ -7,6 +7,7 @@ namespace DysonNetwork.Pass.Account; public enum PunishmentType { + // TODO: impl the permission modification PermissionModification, BlockLogin, DisableAccount diff --git a/DysonNetwork.Pass/Auth/AuthController.cs b/DysonNetwork.Pass/Auth/AuthController.cs index d6baee3..1181c74 100644 --- a/DysonNetwork.Pass/Auth/AuthController.cs +++ b/DysonNetwork.Pass/Auth/AuthController.cs @@ -36,14 +36,20 @@ public class AuthController( var account = await accounts.LookupAccount(request.Account); if (account is null) return NotFound("Account was not found."); + var now = SystemClock.Instance.GetCurrentInstant(); + var punishment = await db.Punishments + .Where(e => e.AccountId == account.Id) + .Where(e => e.Type == PunishmentType.BlockLogin || e.Type == PunishmentType.DisableAccount) + .Where(e => e.ExpiredAt == null || now < e.ExpiredAt) + .FirstOrDefaultAsync(); + if (punishment is not null) return StatusCode(423, punishment); + var ipAddress = HttpContext.Connection.RemoteIpAddress?.ToString(); var userAgent = HttpContext.Request.Headers.UserAgent.ToString(); - var now = Instant.FromDateTimeUtc(DateTime.UtcNow); - // Trying to pick up challenges from the same IP address and user agent var existingChallenge = await db.AuthChallenges - .Where(e => e.Account == account) + .Where(e => e.AccountId == account.Id) .Where(e => e.IpAddress == ipAddress) .Where(e => e.UserAgent == userAgent) .Where(e => e.StepRemain > 0) diff --git a/DysonNetwork.Pass/Permission/PermissionService.cs b/DysonNetwork.Pass/Permission/PermissionService.cs index 0ff2812..a3214b6 100644 --- a/DysonNetwork.Pass/Permission/PermissionService.cs +++ b/DysonNetwork.Pass/Permission/PermissionService.cs @@ -39,7 +39,7 @@ public class PermissionService( var (hit, cachedValue) = await cache.GetAsyncWithStatus(cacheKey); if (hit) return cachedValue; - + var now = SystemClock.Instance.GetCurrentInstant(); var groupsKey = _GetGroupsCacheKey(actor);