Added Authentication via website w/ config

CodeForFame 2011-05-14 11:12:31 -05:00
parent 089a54eb5b
commit 5fc6663ec2
8 changed files with 67 additions and 214 deletions


@ -10,4 +10,5 @@
<entry key="lsport">34526</entry>
<entry key="queryip">localhost</entry>
<entry key="queryport">8186</entry>
<entry key="authURL">https://www.moparscape.org/auth.php?field=rscnam</entry>
</properties>

Binary file not shown.


@ -0,0 +1,62 @@
package org.moparscape.msc.ls.auth;
import java.io.BufferedReader;
import java.io.DataOutputStream;
import java.io.InputStreamReader;
import java.net.HttpURLConnection;
import java.net.URL;
import java.net.URLEncoder;
import org.moparscape.msc.ls.util.Config;
public class Auth {
public static double version = 1.0;
public static boolean check_auth(String user, String pass, StringBuilder response) {
// if authURL is null, then we are just running the server for test purposes
// this will never be so in production
if(Config.AUTH_URL == null){
response.append("TestUser");
return true;
}
try {
user = URLEncoder.encode(user, "UTF-8");
pass = URLEncoder.encode(pass, "UTF-8");
HttpURLConnection.setFollowRedirects(false);
HttpURLConnection uc = (HttpURLConnection) new URL(Config.AUTH_URL).openConnection();
uc.setRequestMethod("POST");
uc.setDoInput(true);
uc.setDoOutput(true);
uc.setUseCaches(false);
uc.setAllowUserInteraction(false);
uc.setInstanceFollowRedirects(false);
uc.setRequestProperty("User-Agent", "Mozilla/5.0 MoparClassic/" + version);
uc.setRequestProperty("Content-Type", "application/x-www-form-urlencoded");
DataOutputStream out = new DataOutputStream(uc.getOutputStream());
out.writeBytes("user=" + user + "&pass=" + pass);
out.flush();
out.close();
BufferedReader in = new BufferedReader(new InputStreamReader(uc.getInputStream()));
String line = in.readLine();
boolean success = line != null && line.equals("YES");
response.append(in.readLine());
in.close();
return success;
} catch (Exception e) {
response.append(e.getMessage());
return false;
}
}
public static void main(String[] args){
Config.AUTH_URL = "https://www.moparscape.org/auth.php?field=";
String user = "CodeForFame";
String pass = "";
StringBuilder sb = new StringBuilder();
System.out.println("success: "+check_auth(user, pass, sb));
System.out.println("message: "+sb.toString());
}
}
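Review bot: The `Config.AUTH_URL == null` branch at the top of `check_auth` fails open: it returns true for any user and password, and the only thing keeping it out of production is the comment above it. Make the unconfigured case fail closed, e.g. `response.append("authURL not configured"); return false;`, and put any test bypass behind an explicit opt-in setting. The request also sets no timeouts, so a slow or unreachable auth host can block the caller indefinitely; call `uc.setConnectTimeout(...)` and `uc.setReadTimeout(...)` before `uc.getOutputStream()`. Two smaller points: `HttpURLConnection.setFollowRedirects(false)` changes the JVM-wide default and is redundant with the `uc.setInstanceFollowRedirects(false)` call below it, and `response.append(in.readLine())` appends the text "null" when the reply has only one line.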


@ -1,55 +0,0 @@
package org.rscdaemon.ls.packethandler.loginserver;
import org.rscdaemon.ls.packethandler.PacketHandler;
import org.rscdaemon.ls.Server;
import org.rscdaemon.ls.model.World;
import org.rscdaemon.ls.net.LSPacket;
import org.rscdaemon.ls.net.Packet;
import org.rscdaemon.ls.util.DataConversions;
import org.rscdaemon.ls.packetbuilder.loginserver.ReplyPacketBuilder;
import org.apache.mina.common.IoSession;
import java.sql.ResultSet;
public class BanHandler implements PacketHandler {
private ReplyPacketBuilder builder = new ReplyPacketBuilder();
public void handlePacket(Packet p, IoSession session) throws Exception {
final long uID = ((LSPacket)p).getUID();
boolean banned = ((LSPacket)p).getID() == 4;
long user = p.readLong();
long modhash = p.readLong();
ResultSet result = Server.db.getQuery("SELECT u.group_id, p.playermod, p.owner FROM `users` AS u INNER JOIN `rscd_players` AS p ON p.owner=u.id WHERE p.user=" + user);
if(!result.next()) {
builder.setSuccess(false);
builder.setReply("There is not an account by that username");
}
else if(banned && (result.getInt("group_id") < 3 || result.getInt("playermod") == 1)) {
builder.setSuccess(false);
builder.setReply("You cannot ban a (p)mod or admin!");
}
else if(Server.db.updateQuery("UPDATE `rscd_players` SET `banned`='" + (banned ? "1" : "0") + "' WHERE `user` LIKE '" + user + "'") == 0) {
builder.setSuccess(false);
builder.setReply("There is not an account by that username");
}
else {
World w = Server.getServer().findWorld(user);
if(w != null) {
w.getActionSender().logoutUser(user);
}
if(banned) Server.db.updateQuery("INSERT `rscd_banlog` VALUES('" + user + "','" + modhash + "','" + (System.currentTimeMillis() / 1000) + "')");
builder.setSuccess(true);
builder.setReply(DataConversions.hashToUsername(user) + " has been " + (banned ? "banned" : "unbanned"));
}
builder.setUID(uID);
LSPacket temp = builder.getPacket();
if(temp != null) {
session.write(temp);
}
}
}


@ -1,68 +0,0 @@
package org.rscdaemon.ls.packethandler.loginserver;
import org.rscdaemon.ls.packethandler.PacketHandler;
import org.rscdaemon.ls.Server;
import org.rscdaemon.ls.model.World;
import org.rscdaemon.ls.net.LSPacket;
import org.rscdaemon.ls.net.Packet;
import org.rscdaemon.ls.util.DataConversions;
import org.rscdaemon.ls.packetbuilder.loginserver.ReplyPacketBuilder;
import org.apache.mina.common.IoSession;
import java.sql.ResultSet;
public class BanHandler implements PacketHandler {
private ReplyPacketBuilder builder = new ReplyPacketBuilder();
public void handlePacket(Packet p, IoSession session) throws Exception {
final long uID = ((LSPacket)p).getUID();
boolean banned = ((LSPacket)p).getID() == 4;
long user = p.readLong();
long modhash = p.readLong();
ResultSet result = Server.db.getQuery("SELECT u.group_id, p.playermod, p.owner FROM `users` AS u INNER JOIN `rscd_players` AS p ON p.owner=u.id WHERE p.user=" + user);
if(!result.next()) {
builder.setSuccess(false);
builder.setReply("There is not an account by that username");
}
else if(banned && (result.getInt("group_id") < 3 || result.getInt("playermod") == 1)) {
builder.setSuccess(false);
builder.setReply("You cannot ban a (p)mod or admin!");
}
else if(Server.db.updateQuery("UPDATE `rscd_players` SET `banned`='" + (banned ? "1" : "0") + "' WHERE `user` LIKE '" + user + "'") == 0) {
builder.setSuccess(false);
builder.setReply("There is not an account by that username");
}
else {
World w = Server.getServer().findWorld(user);
if(w != null) {
w.getActionSender().logoutUser(user);
}
if(banned) {
String owner = result.getString("owner");
Server.db.updateQuery("INSERT `rscd_banlog` VALUES('" + user + "','" + modhash + "','" + (System.currentTimeMillis() / 1000) + "')");
ResultSet result2 = Server.db.getQuery("SELECT username FROM `users` WHERE id=" + owner);
String username = result2.getString("username");
Server.db.updateQuery("INSERT `topics` (poster, subject, posted, last_post, last_poster, forum_id) VALUES('" + username + "','[" + DataConversions.hashToUsername(user) + "] Banned by [" + DataConversions.hashToUsername(modhash) + "]','" + (System.currentTimeMillis() / 1000) + "','" + (System.currentTimeMillis() / 1000) + "','" + username + "','19')");
ResultSet result3 = Server.db.getQuery("SELECT LAST_INSERT_ID()");
String tid = result3.getString(1);
Server.db.updateQuery("INSERT `posts` (poster, poster_ip, poster_email, message, hide_smilies, posted, topic_id) VALUES('" + username + "','0.0.0.0','null@null.org', This thread will close in 24h, post in here if you are the account owner.','1','" + (System.currentTimeMillis() / 1000) + "','" + tid + "')");
ResultSet result4 = Server.db.getQuery("SELECT LAST_INSERT_ID()");
String pid = result4.getString(1);
Server.db.updateQuery("UPDATE `posts` SET last_post_id=`" + pid + "` WHERE id=`" + tid + "`");
}
builder.setSuccess(true);
builder.setReply(DataConversions.hashToUsername(user) + " has been " + (banned ? "banned" : "unbanned"));
}
builder.setUID(uID);
LSPacket temp = builder.getPacket();
if(temp != null) {
session.write(temp);
}
}
}


@ -7,6 +7,7 @@ import java.util.Map.Entry;
import org.apache.mina.common.IoSession;
import org.moparscape.msc.ls.Server;
import org.moparscape.msc.ls.auth.Auth;
import org.moparscape.msc.ls.model.World;
import org.moparscape.msc.ls.net.LSPacket;
import org.moparscape.msc.ls.net.Packet;
@ -71,7 +72,7 @@ public class PlayerLoginHandler implements PacketHandler {
if (!result.next()) {
return 2;
}
if (!pass.equalsIgnoreCase(result.getString("pass"))) {
if (!Auth.check_auth(DataConversions.hashToUsername(user), pass, new StringBuilder())) {
return 2;
}
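Review bot: The `new StringBuilder()` passed to `Auth.check_auth` is discarded, so when the auth request fails with an exception (which `check_auth` reports as false, with the message in that builder) the player gets the same `return 2` as for a wrong password and nothing is logged. Keep the builder in a local, log its contents on failure, and consider a distinct return code for a backend failure; the old handler removed in this commit returned 7 on `SQLException`. The call also puts a blocking HTTPS round trip on every login inside this method, so confirm it does not run on a thread that serves other sessions. The enclosing method starts and ends outside the hunk.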


@ -1,89 +0,0 @@
package org.rscdaemon.ls.packethandler.loginserver;
import org.rscdaemon.ls.packethandler.PacketHandler;
import org.rscdaemon.ls.Server;
import org.rscdaemon.ls.model.World;
import org.rscdaemon.ls.net.LSPacket;
import org.rscdaemon.ls.net.Packet;
import org.rscdaemon.ls.util.DataConversions;
import org.rscdaemon.ls.packetbuilder.loginserver.PlayerLoginPacketBuilder;
import org.apache.mina.common.IoSession;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.util.Map.Entry;
public class PlayerLoginHandler implements PacketHandler {
private PlayerLoginPacketBuilder builder = new PlayerLoginPacketBuilder();
public void handlePacket(Packet p, IoSession session) throws Exception {
final long uID = ((LSPacket)p).getUID();
World world = (World)session.getAttachment();
long user = p.readLong();
String ip = DataConversions.IPToString(p.readLong());
String pass = p.readString(32).trim();
String className = p.readString();
byte loginCode = validatePlayer(user, pass, ip);
builder.setUID(uID);
if(loginCode == 0 || loginCode == 1 || loginCode == 99) {
// if(!className.equals("ORG.RSCDAEMON.CLIENT.MUDCLIENT")) {
// System.out.println(DataConversions.hashToUsername(user) + " was caught by a trap");
// try { Server.db.updateQuery("INSERT INTO `rscd_traps`(`user`, `time`, `ip`, `details`) VALUES('" + user + "', '" + (int)(System.currentTimeMillis() / 1000) + "', '" + ip + "', 'Unknown main class: \"" + className +"\"')"); } catch(Exception e) { }
// }
builder.setPlayer(Server.getServer().findSave(user, world), loginCode);
world.registerPlayer(user, ip);
}
else {
builder.setPlayer(null, loginCode);
}
LSPacket packet = builder.getPacket();
if(packet != null) {
session.write(packet);
}
}
private byte validatePlayer(long user, String pass, String ip) {
Server server = Server.getServer();
byte returnVal = 0;
try {
ResultSet result = Server.db.getQuery("SELECT r.pass, r.banned, r.owner, u.group_id, b.id AS b_id FROM `rscd_players` AS r INNER JOIN `users` AS u ON u.id=r.owner LEFT JOIN `bans` AS b on (b.username LIKE u.username OR b.ip LIKE '" + ip + "') WHERE `user`=" + user);
if(!result.next() || !pass.equalsIgnoreCase(result.getString("pass"))) {
System.out.println(result.getString("pass"));
return 2;
}
if(result.getInt("banned") == 1 || result.getInt("b_id") != 0) {
return 6;
}
if(result.getInt("group_id") == 1 || result.getInt("group_id") == 2) {
returnVal = 99;
}
int owner = result.getInt("owner");
for(World w : server.getWorlds()) {
for(Entry<Long, Integer> player : w.getPlayers()) {
if(player.getKey() == user) {
return 3;
}
if(player.getValue() == owner) {
return 9;
}
}
if(w.hasPlayer(user)) {
return 3;
}
}
return returnVal;
}
catch(SQLException e) {
System.out.println("Exception in PlayerLoginHandler :" + e.getMessage());
//System.out.println(e.getMessage(), e);
return 7;
}
}
}


@ -12,7 +12,7 @@ import java.util.Properties;
public class Config {
public static int LS_PORT, QUERY_PORT;
public static String RSCDLS_HOME, CONF_DIR, LOG_DIR, MYSQL_HOST, MYSQL_DB, MYSQL_USER, MYSQL_PASS, LS_IP, QUERY_IP;
public static String RSCDLS_HOME, CONF_DIR, LOG_DIR, MYSQL_HOST, MYSQL_DB, MYSQL_USER, MYSQL_PASS, LS_IP, QUERY_IP, AUTH_URL;
public static long START_TIME;
@ -43,6 +43,7 @@ public class Config {
LS_PORT = Integer.parseInt(props.getProperty("lsport"));
QUERY_IP = props.getProperty("queryip");
QUERY_PORT = Integer.parseInt(props.getProperty("queryport"));
AUTH_URL = props.getProperty("authURL", "https://www.moparscape.org/auth.php?field=");
props.clear();
}
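Review bot: `AUTH_URL` is taken as-is from `props.getProperty("authURL", ...)`, yet it is the endpoint that receives every player's user name and password, so an `http://` value or a typo in the config would send credentials in clear text or to the wrong host without any error. Validate it at load time, e.g. `if (!AUTH_URL.startsWith("https://")) throw new IllegalArgumentException("authURL must be an https URL");`. The fallback `?field=` also differs from the `?field=rscnam` value added to the config file in this commit, which looks unintended. Because a default is always supplied, `AUTH_URL` can only be null before this load runs, and that is the one case where `Auth.check_auth` accepts any login. The enclosing method starts outside the hunk.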