diff --git a/LoginServer/ls.conf b/LoginServer/ls.conf
index b23e239..29275fa 100644
--- a/LoginServer/ls.conf
+++ b/LoginServer/ls.conf
@@ -10,4 +10,5 @@
34526
localhost
8186
+ https://www.moparscape.org/auth.php?field=rscnam
diff --git a/LoginServer/ls.jar b/LoginServer/ls.jar
deleted file mode 100644
index c0c5246..0000000
Binary files a/LoginServer/ls.jar and /dev/null differ
diff --git a/LoginServer/src/org/moparscape/msc/ls/auth/Auth.java b/LoginServer/src/org/moparscape/msc/ls/auth/Auth.java
new file mode 100644
index 0000000..2e21f99
--- /dev/null
+++ b/LoginServer/src/org/moparscape/msc/ls/auth/Auth.java
@@ -0,0 +1,62 @@
+package org.moparscape.msc.ls.auth;
+import java.io.BufferedReader;
+import java.io.DataOutputStream;
+import java.io.InputStreamReader;
+import java.net.HttpURLConnection;
+import java.net.URL;
+import java.net.URLEncoder;
+
+import org.moparscape.msc.ls.util.Config;
+
+public class Auth {
+
+ public static double version = 1.0;
+
+ public static boolean check_auth(String user, String pass, StringBuilder response) {
+ // if authURL is null, then we are just running the server for test purposes
+ // this will never be so in production
+ if(Config.AUTH_URL == null){
+ response.append("TestUser");
+ return true;
+ }
+ try {
+ user = URLEncoder.encode(user, "UTF-8");
+ pass = URLEncoder.encode(pass, "UTF-8");
+
+ HttpURLConnection.setFollowRedirects(false);
+ HttpURLConnection uc = (HttpURLConnection) new URL(Config.AUTH_URL).openConnection();
+
+ uc.setRequestMethod("POST");
+ uc.setDoInput(true);
+ uc.setDoOutput(true);
+ uc.setUseCaches(false);
+ uc.setAllowUserInteraction(false);
+ uc.setInstanceFollowRedirects(false);
+ uc.setRequestProperty("User-Agent", "Mozilla/5.0 MoparClassic/" + version);
+ uc.setRequestProperty("Content-Type", "application/x-www-form-urlencoded");
+ DataOutputStream out = new DataOutputStream(uc.getOutputStream());
+ out.writeBytes("user=" + user + "&pass=" + pass);
+ out.flush();
+ out.close();
+
+ BufferedReader in = new BufferedReader(new InputStreamReader(uc.getInputStream()));
+ String line = in.readLine();
+ boolean success = line != null && line.equals("YES");
+ response.append(in.readLine());
+ in.close();
+ return success;
+ } catch (Exception e) {
+ response.append(e.getMessage());
+ return false;
+ }
+ }
+
+ public static void main(String[] args){
+ Config.AUTH_URL = "https://www.moparscape.org/auth.php?field=";
+ String user = "CodeForFame";
+ String pass = "";
+ StringBuilder sb = new StringBuilder();
+ System.out.println("success: "+check_auth(user, pass, sb));
+ System.out.println("message: "+sb.toString());
+ }
+}
\ No newline at end of file
diff --git a/LoginServer/src/org/moparscape/msc/ls/packethandler/loginserver/BanHandler.java.2 b/LoginServer/src/org/moparscape/msc/ls/packethandler/loginserver/BanHandler.java.2
deleted file mode 100644
index 9e4ac26..0000000
--- a/LoginServer/src/org/moparscape/msc/ls/packethandler/loginserver/BanHandler.java.2
+++ /dev/null
@@ -1,55 +0,0 @@
-package org.rscdaemon.ls.packethandler.loginserver;
-
-import org.rscdaemon.ls.packethandler.PacketHandler;
-import org.rscdaemon.ls.Server;
-import org.rscdaemon.ls.model.World;
-import org.rscdaemon.ls.net.LSPacket;
-import org.rscdaemon.ls.net.Packet;
-import org.rscdaemon.ls.util.DataConversions;
-import org.rscdaemon.ls.packetbuilder.loginserver.ReplyPacketBuilder;
-
-import org.apache.mina.common.IoSession;
-
-import java.sql.ResultSet;
-
-public class BanHandler implements PacketHandler {
- private ReplyPacketBuilder builder = new ReplyPacketBuilder();
-
- public void handlePacket(Packet p, IoSession session) throws Exception {
- final long uID = ((LSPacket)p).getUID();
- boolean banned = ((LSPacket)p).getID() == 4;
- long user = p.readLong();
- long modhash = p.readLong();
-
- ResultSet result = Server.db.getQuery("SELECT u.group_id, p.playermod, p.owner FROM `users` AS u INNER JOIN `rscd_players` AS p ON p.owner=u.id WHERE p.user=" + user);
- if(!result.next()) {
- builder.setSuccess(false);
- builder.setReply("There is not an account by that username");
- }
- else if(banned && (result.getInt("group_id") < 3 || result.getInt("playermod") == 1)) {
- builder.setSuccess(false);
- builder.setReply("You cannot ban a (p)mod or admin!");
- }
- else if(Server.db.updateQuery("UPDATE `rscd_players` SET `banned`='" + (banned ? "1" : "0") + "' WHERE `user` LIKE '" + user + "'") == 0) {
- builder.setSuccess(false);
- builder.setReply("There is not an account by that username");
- }
- else {
- World w = Server.getServer().findWorld(user);
- if(w != null) {
- w.getActionSender().logoutUser(user);
- }
- if(banned) Server.db.updateQuery("INSERT `rscd_banlog` VALUES('" + user + "','" + modhash + "','" + (System.currentTimeMillis() / 1000) + "')");
- builder.setSuccess(true);
- builder.setReply(DataConversions.hashToUsername(user) + " has been " + (banned ? "banned" : "unbanned"));
- }
- builder.setUID(uID);
-
- LSPacket temp = builder.getPacket();
- if(temp != null) {
- session.write(temp);
- }
-
- }
-
-}
diff --git a/LoginServer/src/org/moparscape/msc/ls/packethandler/loginserver/BanHandler.java.autothread b/LoginServer/src/org/moparscape/msc/ls/packethandler/loginserver/BanHandler.java.autothread
deleted file mode 100644
index 8d11aa5..0000000
--- a/LoginServer/src/org/moparscape/msc/ls/packethandler/loginserver/BanHandler.java.autothread
+++ /dev/null
@@ -1,68 +0,0 @@
-package org.rscdaemon.ls.packethandler.loginserver;
-
-import org.rscdaemon.ls.packethandler.PacketHandler;
-import org.rscdaemon.ls.Server;
-import org.rscdaemon.ls.model.World;
-import org.rscdaemon.ls.net.LSPacket;
-import org.rscdaemon.ls.net.Packet;
-import org.rscdaemon.ls.util.DataConversions;
-import org.rscdaemon.ls.packetbuilder.loginserver.ReplyPacketBuilder;
-
-import org.apache.mina.common.IoSession;
-
-import java.sql.ResultSet;
-
-public class BanHandler implements PacketHandler {
- private ReplyPacketBuilder builder = new ReplyPacketBuilder();
-
- public void handlePacket(Packet p, IoSession session) throws Exception {
- final long uID = ((LSPacket)p).getUID();
- boolean banned = ((LSPacket)p).getID() == 4;
- long user = p.readLong();
- long modhash = p.readLong();
-
- ResultSet result = Server.db.getQuery("SELECT u.group_id, p.playermod, p.owner FROM `users` AS u INNER JOIN `rscd_players` AS p ON p.owner=u.id WHERE p.user=" + user);
- if(!result.next()) {
- builder.setSuccess(false);
- builder.setReply("There is not an account by that username");
- }
- else if(banned && (result.getInt("group_id") < 3 || result.getInt("playermod") == 1)) {
- builder.setSuccess(false);
- builder.setReply("You cannot ban a (p)mod or admin!");
- }
- else if(Server.db.updateQuery("UPDATE `rscd_players` SET `banned`='" + (banned ? "1" : "0") + "' WHERE `user` LIKE '" + user + "'") == 0) {
- builder.setSuccess(false);
- builder.setReply("There is not an account by that username");
- }
- else {
- World w = Server.getServer().findWorld(user);
- if(w != null) {
- w.getActionSender().logoutUser(user);
- }
- if(banned) {
- String owner = result.getString("owner");
- Server.db.updateQuery("INSERT `rscd_banlog` VALUES('" + user + "','" + modhash + "','" + (System.currentTimeMillis() / 1000) + "')");
- ResultSet result2 = Server.db.getQuery("SELECT username FROM `users` WHERE id=" + owner);
-
- String username = result2.getString("username");
- Server.db.updateQuery("INSERT `topics` (poster, subject, posted, last_post, last_poster, forum_id) VALUES('" + username + "','[" + DataConversions.hashToUsername(user) + "] Banned by [" + DataConversions.hashToUsername(modhash) + "]','" + (System.currentTimeMillis() / 1000) + "','" + (System.currentTimeMillis() / 1000) + "','" + username + "','19')");
- ResultSet result3 = Server.db.getQuery("SELECT LAST_INSERT_ID()");
- String tid = result3.getString(1);
- Server.db.updateQuery("INSERT `posts` (poster, poster_ip, poster_email, message, hide_smilies, posted, topic_id) VALUES('" + username + "','0.0.0.0','null@null.org', This thread will close in 24h, post in here if you are the account owner.','1','" + (System.currentTimeMillis() / 1000) + "','" + tid + "')");
- ResultSet result4 = Server.db.getQuery("SELECT LAST_INSERT_ID()");
- String pid = result4.getString(1);
- Server.db.updateQuery("UPDATE `posts` SET last_post_id=`" + pid + "` WHERE id=`" + tid + "`");
- }
- builder.setSuccess(true);
- builder.setReply(DataConversions.hashToUsername(user) + " has been " + (banned ? "banned" : "unbanned"));
- }
- builder.setUID(uID);
-
- LSPacket temp = builder.getPacket();
- if(temp != null) {
- session.write(temp);
- }
-
- }
-
-}
diff --git a/LoginServer/src/org/moparscape/msc/ls/packethandler/loginserver/PlayerLoginHandler.java b/LoginServer/src/org/moparscape/msc/ls/packethandler/loginserver/PlayerLoginHandler.java
index df0785d..c51e0c7 100644
--- a/LoginServer/src/org/moparscape/msc/ls/packethandler/loginserver/PlayerLoginHandler.java
+++ b/LoginServer/src/org/moparscape/msc/ls/packethandler/loginserver/PlayerLoginHandler.java
@@ -7,6 +7,7 @@ import java.util.Map.Entry;
import org.apache.mina.common.IoSession;
import org.moparscape.msc.ls.Server;
+import org.moparscape.msc.ls.auth.Auth;
import org.moparscape.msc.ls.model.World;
import org.moparscape.msc.ls.net.LSPacket;
import org.moparscape.msc.ls.net.Packet;
@@ -71,7 +72,7 @@ public class PlayerLoginHandler implements PacketHandler {
if (!result.next()) {
return 2;
}
- if (!pass.equalsIgnoreCase(result.getString("pass"))) {
+ if (!Auth.check_auth(DataConversions.hashToUsername(user), pass, new StringBuilder())) {
return 2;
}
diff --git a/LoginServer/src/org/moparscape/msc/ls/packethandler/loginserver/PlayerLoginHandler.java.1 b/LoginServer/src/org/moparscape/msc/ls/packethandler/loginserver/PlayerLoginHandler.java.1
deleted file mode 100644
index de3e0fe..0000000
--- a/LoginServer/src/org/moparscape/msc/ls/packethandler/loginserver/PlayerLoginHandler.java.1
+++ /dev/null
@@ -1,89 +0,0 @@
-package org.rscdaemon.ls.packethandler.loginserver;
-
-import org.rscdaemon.ls.packethandler.PacketHandler;
-import org.rscdaemon.ls.Server;
-import org.rscdaemon.ls.model.World;
-import org.rscdaemon.ls.net.LSPacket;
-import org.rscdaemon.ls.net.Packet;
-import org.rscdaemon.ls.util.DataConversions;
-import org.rscdaemon.ls.packetbuilder.loginserver.PlayerLoginPacketBuilder;
-
-import org.apache.mina.common.IoSession;
-
-import java.sql.ResultSet;
-import java.sql.SQLException;
-import java.util.Map.Entry;
-
-public class PlayerLoginHandler implements PacketHandler {
- private PlayerLoginPacketBuilder builder = new PlayerLoginPacketBuilder();
-
- public void handlePacket(Packet p, IoSession session) throws Exception {
- final long uID = ((LSPacket)p).getUID();
- World world = (World)session.getAttachment();
- long user = p.readLong();
- String ip = DataConversions.IPToString(p.readLong());
- String pass = p.readString(32).trim();
- String className = p.readString();
- byte loginCode = validatePlayer(user, pass, ip);
-
- builder.setUID(uID);
- if(loginCode == 0 || loginCode == 1 || loginCode == 99) {
-// if(!className.equals("ORG.RSCDAEMON.CLIENT.MUDCLIENT")) {
-// System.out.println(DataConversions.hashToUsername(user) + " was caught by a trap");
-// try { Server.db.updateQuery("INSERT INTO `rscd_traps`(`user`, `time`, `ip`, `details`) VALUES('" + user + "', '" + (int)(System.currentTimeMillis() / 1000) + "', '" + ip + "', 'Unknown main class: \"" + className +"\"')"); } catch(Exception e) { }
-// }
- builder.setPlayer(Server.getServer().findSave(user, world), loginCode);
- world.registerPlayer(user, ip);
- }
- else {
- builder.setPlayer(null, loginCode);
- }
-
- LSPacket packet = builder.getPacket();
- if(packet != null) {
- session.write(packet);
- }
- }
-
- private byte validatePlayer(long user, String pass, String ip) {
- Server server = Server.getServer();
- byte returnVal = 0;
-
- try {
- ResultSet result = Server.db.getQuery("SELECT r.pass, r.banned, r.owner, u.group_id, b.id AS b_id FROM `rscd_players` AS r INNER JOIN `users` AS u ON u.id=r.owner LEFT JOIN `bans` AS b on (b.username LIKE u.username OR b.ip LIKE '" + ip + "') WHERE `user`=" + user);
- if(!result.next() || !pass.equalsIgnoreCase(result.getString("pass"))) {
- System.out.println(result.getString("pass"));
- return 2;
- }
-
- if(result.getInt("banned") == 1 || result.getInt("b_id") != 0) {
- return 6;
- }
-
- if(result.getInt("group_id") == 1 || result.getInt("group_id") == 2) {
- returnVal = 99;
- }
-
- int owner = result.getInt("owner");
- for(World w : server.getWorlds()) {
- for(Entry player : w.getPlayers()) {
- if(player.getKey() == user) {
- return 3;
- }
- if(player.getValue() == owner) {
- return 9;
- }
- }
- if(w.hasPlayer(user)) {
- return 3;
- }
- }
- return returnVal;
- }
- catch(SQLException e) {
- System.out.println("Exception in PlayerLoginHandler :" + e.getMessage());
- //System.out.println(e.getMessage(), e);
- return 7;
- }
- }
-}
diff --git a/LoginServer/src/org/moparscape/msc/ls/util/Config.java b/LoginServer/src/org/moparscape/msc/ls/util/Config.java
index daef1ba..564a57f 100644
--- a/LoginServer/src/org/moparscape/msc/ls/util/Config.java
+++ b/LoginServer/src/org/moparscape/msc/ls/util/Config.java
@@ -12,7 +12,7 @@ import java.util.Properties;
public class Config {
public static int LS_PORT, QUERY_PORT;
- public static String RSCDLS_HOME, CONF_DIR, LOG_DIR, MYSQL_HOST, MYSQL_DB, MYSQL_USER, MYSQL_PASS, LS_IP, QUERY_IP;
+ public static String RSCDLS_HOME, CONF_DIR, LOG_DIR, MYSQL_HOST, MYSQL_DB, MYSQL_USER, MYSQL_PASS, LS_IP, QUERY_IP, AUTH_URL;
public static long START_TIME;
@@ -43,6 +43,7 @@ public class Config {
LS_PORT = Integer.parseInt(props.getProperty("lsport"));
QUERY_IP = props.getProperty("queryip");
QUERY_PORT = Integer.parseInt(props.getProperty("queryport"));
+ AUTH_URL = props.getProperty("authURL", "https://www.moparscape.org/auth.php?field=");
props.clear();
}