refactor(sql): migrate authentication from sql to C#

Databases/MSSQL/UpdateScripts/20230607UpdateFrom20230304to20230607.sql

@@ -0,0 +1,76 @@
+USE OpenWorldServer
+GO
+
+UPDATE OWSVersion SET OWSDBVersion='20230607'
+GO
+
+SELECT OWSDBVersion FROM OWSVersion
+GO
+
+ALTER PROCEDURE [dbo].[AddNewCustomer]
+(
+	@CustomerName varchar(50),
+	@Email nvarchar(256),
+	@CustomerGUID uniqueidentifier = NULL
+)
+AS
+BEGIN
+
+BEGIN TRY
+BEGIN TRANSACTION
+
+    IF @CustomerGUID IS NULL
+BEGIN
+	    SET @CustomerGUID = NEWID()
+END
+
+   IF EXISTS(SELECT 1 FROM Customers WHERE CustomerGUID = @CustomerGUID)
+BEGIN
+      RAISERROR('Customer with specified GUID already exists.', 16, 10);
+END
+
+INSERT INTO Customers (CustomerGUID, CustomerName, CustomerEmail, CustomerPhone, CustomerNotes, EnableDebugLogging)
+VALUES (@CustomerGUID, @CustomerName, @Email, '', '', 1)
+
+    INSERT INTO WorldSettings (CustomerGUID, StartTime)
+    SELECT CustomerGUID, convert(float, datediff(dd, '1970-01-01', GETUTCDATE()))*24*3600 + datediff(ss, dateadd(dd, datediff(dd, 0, GETUTCDATE()), 0), GETUTCDATE())
+    FROM Customers C
+    WHERE C.CustomerGUID = @CustomerGUID
+
+	INSERT INTO Maps (CustomerGUID, MapName, ZoneName, MapData, Width, Height)
+	VALUES (@CustomerGUID, 'ThirdPersonExampleMap','ThirdPersonExampleMap', NULL, 1, 1)
+	INSERT INTO Maps (CustomerGUID, MapName, ZoneName, MapData, Width, Height)
+	VALUES (@CustomerGUID, 'Map2','Map2', NULL, 1, 1)
+	INSERT INTO Maps (CustomerGUID, MapName, ZoneName, MapData, Width, Height)
+	VALUES (@CustomerGUID, 'DungeonMap','DungeonMap', NULL, 1, 1)
+	INSERT INTO Maps (CustomerGUID, MapName, ZoneName, MapData, Width, Height)
+	VALUES (@CustomerGUID, 'FourZoneMap','Zone1', NULL, 1, 1)
+	INSERT INTO Maps (CustomerGUID, MapName, ZoneName, MapData, Width, Height)
+	VALUES (@CustomerGUID, 'FourZoneMap','Zone2', NULL, 1, 1)
+
+	DECLARE @ClassID int
+
+	INSERT INTO Class (CustomerGUID, ClassName, StartingMapName, X, Y, Z, Perception, Acrobatics, Climb, Stealth, RX, RY, RZ, Spirit, Magic, TeamNumber, Thirst, Hunger, Gold, Score, CharacterLevel, Gender, XP, HitDie, Wounds, Size, weight, MaxHealth, Health, HealthRegenRate, MaxMana, Mana, ManaRegenRate, MaxEnergy, Energy, EnergyRegenRate, MaxFatigue, Fatigue, FatigueRegenRate, MaxStamina, Stamina, StaminaRegenRate, MaxEndurance, Endurance, EnduranceRegenRate, Strength, Dexterity, Constitution, Intellect, Wisdom, Charisma, Agility, Fortitude, Reflex, Willpower, BaseAttack, BaseAttackBonus, AttackPower, AttackSpeed, CritChance, CritMultiplier, Haste, SpellPower, SpellPenetration, Defense, Dodge, Parry, Avoidance, Versatility, Multishot, Initiative, NaturalArmor, PhysicalArmor, BonusArmor, ForceArmor, MagicArmor, Resistance, ReloadSpeed, Range, Speed, Silver, Copper, FreeCurrency, PremiumCurrency, Fame, Alignment, Description)
+	VALUES (@CustomerGUID,'MaleWarrior','ThirdPersonExampleMap',0,0,250,0,0,0,0,0,0,0,0,0,1,0,0,0,0,1,1,0,10,0,1,0,100,50,1,100,0,1,100,0,5,100,0,1,0,0,0,0,0,0,10,10,10,10,10,10,0,1,1,1,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,'')
+
+    COMMIT TRAN -- Transaction Success!
+END TRY
+BEGIN CATCH
+IF @@TRANCOUNT > 0
+        ROLLBACK TRAN --RollBack in case of Error
+
+    DECLARE @ErrorMessage NVARCHAR(4000);
+    DECLARE @ErrorSeverity INT;
+    DECLARE @ErrorState INT;
+
+
+SELECT
+        @ErrorMessage=ERROR_MESSAGE(),
+        @ErrorSeverity=ERROR_SEVERITY(),
+        @ErrorState=ERROR_STATE();
+
+RAISERROR(@ErrorMessage, @ErrorSeverity, @ErrorState);
+END CATCH
+
+END
+GO

Databases/MySQL/UpdateScripts/20230607UpdateFrom20230304to20230607.sql

@@ -0,0 +1,66 @@
+UPDATE OWSVersion
+SET OWSDBVersion='20230607'
+WHERE OWSDBVersion IS NOT NULL;
+
+SELECT OWSDBVersion
+FROM OWSVersion;
+
+DELIMITER //
+
+CREATE OR REPLACE PROCEDURE AddNewCustomer(IN _CustomerName VARCHAR(50),
+                                                                       IN _Email VARCHAR(256),
+                                                                       IN _CustomerGUID VARCHAR(36))
+BEGIN
+    DECLARE _Exists CHAR(36);
+
+    IF _CustomerGUID IS NULL THEN
+        SET _CustomerGUID = UUID();
+    END IF;
+
+    SELECT CustomerGUID
+    INTO _Exists
+    FROM Customers C
+    WHERE C.CustomerGUID = _CustomerGUID;
+
+    IF _Exists IS NULL THEN
+
+        INSERT INTO Customers (CustomerGUID, CustomerName, CustomerEmail, CustomerPhone, CustomerNotes, EnableDebugLogging)
+        VALUES (_CustomerGUID, _CustomerName, _Email, '', '', TRUE);
+
+        INSERT INTO WorldSettings (CustomerGUID, StartTime)
+        SELECT _CustomerGUID, CAST(UNIX_TIMESTAMP() AS INTEGER)
+        FROM Customers C
+        WHERE C.CustomerGUID = _CustomerGUID;
+
+        INSERT INTO Maps (CustomerGUID, MapName, ZoneName, MapData, Width, Height)
+        VALUES (_CustomerGUID, 'ThirdPersonExampleMap', 'ThirdPersonExampleMap', NULL, 1, 1);
+        INSERT INTO Maps (CustomerGUID, MapName, ZoneName, MapData, Width, Height)
+        VALUES (_CustomerGUID, 'Map2', 'Map2', NULL, 1, 1);
+        INSERT INTO Maps (CustomerGUID, MapName, ZoneName, MapData, Width, Height)
+        VALUES (_CustomerGUID, 'DungeonMap', 'DungeonMap', NULL, 1, 1);
+        INSERT INTO Maps (CustomerGUID, MapName, ZoneName, MapData, Width, Height)
+        VALUES (_CustomerGUID, 'FourZoneMap', 'Zone1', NULL, 1, 1);
+        INSERT INTO Maps (CustomerGUID, MapName, ZoneName, MapData, Width, Height)
+        VALUES (_CustomerGUID, 'FourZoneMap', 'Zone2', NULL, 1, 1);
+
+        INSERT INTO Class (CustomerGUID, ClassName, StartingMapName, X, Y, Z, Perception, Acrobatics, Climb, Stealth, RX,
+                           RY, RZ, Spirit, Magic, TeamNumber, Thirst, Hunger, Gold, Score, CharacterLevel, Gender, XP,
+                           HitDie, Wounds, Size, weight, MaxHealth, Health, HealthRegenRate, MaxMana, Mana, ManaRegenRate,
+                           MaxEnergy, Energy, EnergyRegenRate, MaxFatigue, Fatigue, FatigueRegenRate, MaxStamina, Stamina,
+                           StaminaRegenRate, MaxEndurance, Endurance, EnduranceRegenRate, Strength, Dexterity, Constitution,
+                           Intellect, Wisdom, Charisma, Agility, Fortitude, Reflex, Willpower, BaseAttack, BaseAttackBonus,
+                           AttackPower, AttackSpeed, CritChance, CritMultiplier, Haste, SpellPower, SpellPenetration,
+                           Defense, Dodge, Parry, Avoidance, Versatility, Multishot, Initiative, NaturalArmor,
+                           PhysicalArmor, BonusArmor, ForceArmor, MagicArmor, Resistance, ReloadSpeed, `Range`, Speed,
+                           Silver,
+                           Copper, FreeCurrency, PremiumCurrency, Fame, ALIGNMENT, Description)
+        VALUES (_CustomerGUID, 'MaleWarrior', 'ThirdPersonExampleMap', 0, 0, 250, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0,
+                1, 1, 0, 10, 0, 1, 0, 100, 50, 1, 100, 0, 1, 100, 0, 5, 100, 0, 1, 0, 0, 0, 0, 0, 0, 10, 10, 10, 10, 10, 10,
+                0, 1, 1, 1, 5, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+                '');
+    ELSE
+        SELECT 'Customer with specified GUID already exists.';
+    END IF;
+END;
+
+// DELIMITER ;

Databases/Postgres/UpdateScripts/20230607UpdateFrom20230304to20230607.sql

@@ -0,0 +1,63 @@
+UPDATE OWSVersion
+SET OWSDBVersion='20230607'
+WHERE OWSDBVersion IS NOT NULL;
+
+SELECT OWSDBVersion
+FROM OWSVersion;
+
+ALTER TABLE Users
+ADD Salt NVARCHAR(50) NULL;
+
+CREATE OR REPLACE PROCEDURE addnewcustomer(IN _customername character varying, IN _email character varying, IN _customerguid uuid)
+    LANGUAGE plpgsql
+AS
+$$
+BEGIN
+    IF _CustomerGUID IS NULL THEN
+            _CustomerGUID := gen_random_uuid();
+    END IF;
+
+    IF NOT EXISTS(SELECT
+              FROM Customers
+              WHERE CustomerGUID = _CustomerGUID)
+        THEN
+
+        INSERT INTO Customers (CustomerGUID, CustomerName, CustomerEmail, CustomerPhone, CustomerNotes, EnableDebugLogging)
+        VALUES (_CustomerGUID, _CustomerName, _Email, '', '', TRUE);
+
+        INSERT INTO WorldSettings (CustomerGUID, StartTime)
+        SELECT _CustomerGUID, CAST(EXTRACT(EPOCH FROM CURRENT_TIMESTAMP) AS BIGINT)
+        FROM Customers C
+        WHERE C.CustomerGUID = _CustomerGUID;
+
+        INSERT INTO Maps (CustomerGUID, MapName, ZoneName, MapData, Width, Height)
+        VALUES (_CustomerGUID, 'ThirdPersonExampleMap', 'ThirdPersonExampleMap', NULL, 1, 1);
+        INSERT INTO Maps (CustomerGUID, MapName, ZoneName, MapData, Width, Height)
+        VALUES (_CustomerGUID, 'Map2', 'Map2', NULL, 1, 1);
+        INSERT INTO Maps (CustomerGUID, MapName, ZoneName, MapData, Width, Height)
+        VALUES (_CustomerGUID, 'DungeonMap', 'DungeonMap', NULL, 1, 1);
+        INSERT INTO Maps (CustomerGUID, MapName, ZoneName, MapData, Width, Height)
+        VALUES (_CustomerGUID, 'FourZoneMap', 'Zone1', NULL, 1, 1);
+        INSERT INTO Maps (CustomerGUID, MapName, ZoneName, MapData, Width, Height)
+        VALUES (_CustomerGUID, 'FourZoneMap', 'Zone2', NULL, 1, 1);
+
+        INSERT INTO CLASS (CustomerGUID, ClassName, StartingMapName, X, Y, Z, Perception, Acrobatics, Climb, Stealth, RX,
+                           RY, RZ, Spirit, Magic, TeamNumber, Thirst, Hunger, Gold, Score, CharacterLevel, Gender, XP,
+                           HitDie, Wounds, Size, weight, MaxHealth, Health, HealthRegenRate, MaxMana, Mana, ManaRegenRate,
+                           MaxEnergy, Energy, EnergyRegenRate, MaxFatigue, Fatigue, FatigueRegenRate, MaxStamina, Stamina,
+                           StaminaRegenRate, MaxEndurance, Endurance, EnduranceRegenRate, Strength, Dexterity, Constitution,
+                           Intellect, Wisdom, Charisma, Agility, Fortitude, Reflex, Willpower, BaseAttack, BaseAttackBonus,
+                           AttackPower, AttackSpeed, CritChance, CritMultiplier, Haste, SpellPower, SpellPenetration,
+                           Defense, Dodge, Parry, Avoidance, Versatility, Multishot, Initiative, NaturalArmor,
+                           PhysicalArmor, BonusArmor, ForceArmor, MagicArmor, Resistance, ReloadSpeed, RANGE, Speed, Silver,
+                           Copper, FreeCurrency, PremiumCurrency, Fame, ALIGNMENT, Description)
+        VALUES (_CustomerGUID, 'MaleWarrior', 'ThirdPersonExampleMap', 0, 0, 250, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0,
+                1, 1, 0, 10, 0, 1, 0, 100, 50, 1, 100, 0, 1, 100, 0, 5, 100, 0, 1, 0, 0, 0, 0, 0, 0, 10, 10, 10, 10, 10, 10,
+                0, 1, 1, 1, 5, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+                '');
+
+    ELSE
+        RAISE 'Duplicate Customer GUID: %', _CustomerGUID USING ERRCODE = 'unique_violation';
+    END IF;
+END
+$$;

docs/getting-started/database-setup/mssql.md

@@ -62,22 +62,16 @@ DATABASE='mssql'
    (Optional): A specific GUID can be entered as an optional final parameter, after password, in the format of '00000000-0000-0000-0000-000000000000'.
 
    ```sql
-   EXEC [dbo].[AddNewCustomer] 'CustomerName', 'FirstName', 'LastName', 'Email', 'Password'
+   EXEC [dbo].[AddNewCustomer] 'CustomerName', 'Email'
    ```
 
    Be sure to replace the values:
 
     <dl>
         <dt>CustomerName</dt>
         <dd>The nickname or profile name of the customer.</dd>
-        <dt>FirstName</dt>
-        <dd>The firstname of the customer.</dd>
-        <dt>LastName</dt>
-        <dd>The lastname of the customer.</dd>
         <dt>Email</dt>
         <dd>Enter the mail address of the customer.</dd>
-        <dt>Password</dt>
-        <dd>Enter a secure password.</dd>
     </dl>
 
 3. Run the following SQL statment against the Open World Server database to get your **API key**. Save the key for later.

docs/getting-started/database-setup/mysql.md

@@ -52,22 +52,16 @@ nav_order: 1
    (Optional): A specific GUID can be entered as an optional final parameter, after password, in the format of '00000000-0000-0000-0000-000000000000'.
 
    ```sql
-    CALL AddNewCustomer ('CustomerName', 'FirstName', 'LastName', 'Email', 'Password', NULL);
+    CALL AddNewCustomer ('CustomerName', 'Email', NULL);
    ```
 
    Be sure to replace the values:
 
     <dl>
         <dt>CustomerName</dt>
         <dd>The nickname or profile name of the customer.</dd>
-        <dt>FirstName</dt>
-        <dd>The firstname of the customer.</dd>
-        <dt>LastName</dt>
-        <dd>The lastname of the customer.</dd>
         <dt>Email</dt>
         <dd>Enter the mail address of the customer.</dd>
-        <dt>Password</dt>
-        <dd>Enter a secure password.</dd>
     </dl>
 
 3. Run the following SQL statment against the Open World Server database to get your **API key**. Save the key for later.
@@ -77,9 +71,7 @@ nav_order: 1
    ```
 
 ## Additional
-If you are using an external MySQL/MariaDB, you need to ensure that the `ENCRYPT` function works as is available. Consult your database administrator if unsure.
-
-Secondly you need will need to run the following as a SUPER user, or grant your SUPER access to your user.
+If you are using an external MySQL/MariaDB, you need will need to run the following as a SUPER user, or grant your SUPER access to your user.
 
 ```sql
 SET GLOBAL log_bin_trust_function_creators = 1;

docs/getting-started/database-setup/postgres.md

@@ -55,22 +55,16 @@ Notice that we ONLY change the first number to 15432 and not the second number.
    (Optional): Replace NULL with a single-quoted UUID. For example '00000000-0000-0000-0000-000000000000'::uuid
 
    ```sql
-    CALL AddNewCustomer ('CustomerName', 'FirstName', 'LastName', 'Email', 'Password', NULL);
+    CALL AddNewCustomer ('CustomerName', 'Email', NULL);
    ```
 
    Be sure to replace the values:
 
     <dl>
         <dt>CustomerName</dt>
         <dd>The nickname or profile name of the customer.</dd>
-        <dt>FirstName</dt>
-        <dd>The firstname of the customer.</dd>
-        <dt>LastName</dt>
-        <dd>The lastname of the customer.</dd>
         <dt>Email</dt>
         <dd>Enter the mail address of the customer.</dd>
-        <dt>Password</dt>
-        <dd>Enter a secure password.</dd>
     </dl>
 
 3. Run the following SQL statment against the Open World Server database to get your **API key**. Save the key for later.

src/OWSData/OWSData.csproj

@@ -3,10 +3,11 @@
     <TargetFramework>net8.0</TargetFramework>
   </PropertyGroup>
   <ItemGroup>
+    <PackageReference Include="CryptSharp.NET" Version="7.0.1" />
     <PackageReference Include="Dapper" Version="2.1.28" />
     <PackageReference Include="Dapper.Transaction" Version="2.1.24" />
     <PackageReference Include="MongoDB.Driver" Version="2.23.1" />
-    <PackageReference Include="MySql.Data" Version="8.3.0" />
+    <PackageReference Include="MySqlConnector" Version="2.3.7" />
     <PackageReference Include="Npgsql" Version="8.0.1" />
     <PackageReference Include="System.Data.SqlClient" Version="4.8.6" />
     <PackageReference Include="Microsoft.EntityFrameworkCore" Version="8.0.1" />

src/OWSData/Repositories/Implementations/MSSQL/InstanceManagementRepository.cs

@@ -247,13 +247,13 @@ public async Task<IEnumerable<GetZoneInstancesForZone>> GetZoneInstancesOfZone(G
 
             using (Connection)
             {
-                var p = new DynamicParameters();
-                p.Add("@CustomerGUID", customerGUID);
-                p.Add("@ZoneName", ZoneName);
+                var paremeters = new DynamicParameters();
+                paremeters.Add("@CustomerGUID", customerGUID);
+                paremeters.Add("@ZoneName", ZoneName);
 
-                output = await Connection.QueryAsync<GetZoneInstancesForZone>("GetZoneInstancesOfZone",
-                    p,
-                    commandType: CommandType.StoredProcedure);
+                output = await Connection.QueryAsync<GetZoneInstancesForZone>(GenericQueries.GetZoneInstancesOfZone,
+                    paremeters,
+                    commandType: CommandType.Text);
             }
 
 
@@ -283,17 +283,30 @@ public async Task<SuccessAndErrorMessage> RegisterLauncher(Guid customerGUID, st
             {
                 using (Connection)
                 {
-                    var p = new DynamicParameters();
-                    p.Add("@CustomerGUID", customerGUID);
-                    p.Add("@ZoneServerGUID", launcherGuid);
-                    p.Add("@ServerIP", serverIp);
-                    p.Add("@MaxNumberOfInstances", maxNumberOfInstances);
-                    p.Add("@InternalServerIP", internalServerIp);
-                    p.Add("@StartingMapInstancePort", startingInstancePort);
-
-                    await Connection.ExecuteAsync(MSSQLQueries.AddOrUpdateWorldServerSQL,
-                        p,
+                    var parameters = new DynamicParameters();
+                    parameters.Add("@CustomerGUID", customerGUID);
+                    parameters.Add("@ZoneServerGUID", launcherGuid);
+                    parameters.Add("@ServerIP", serverIp);
+                    parameters.Add("@MaxNumberOfInstances", maxNumberOfInstances);
+                    parameters.Add("@InternalServerIP", internalServerIp);
+                    parameters.Add("@StartingMapInstancePort", startingInstancePort);
+
+                    var outputWorldServer = await Connection.QuerySingleOrDefaultAsync<WorldServers>(GenericQueries.GetWorldByZoneGUID,
+                        parameters,
                         commandType: CommandType.Text);
+
+                    if (outputWorldServer != null)
+                    {
+                        await Connection.ExecuteAsync(GenericQueries.UpdateWorldServer,
+                            parameters,
+                            commandType: CommandType.Text);
+                    }
+                    else
+                    {
+                        await Connection.ExecuteAsync(GenericQueries.AddWorldServer,
+                            parameters,
+                            commandType: CommandType.Text);
+                    }
                 }
 
                 SuccessAndErrorMessage output = new SuccessAndErrorMessage()