1
0
mirror of https://github.com/moparisthebest/minetest synced 2024-12-23 08:08:47 -05:00
minetest/builtin/game/auth.lua

189 lines
5.3 KiB
Lua
Raw Normal View History

2012-04-01 05:37:41 -04:00
-- Minetest: builtin/auth.lua
--
-- Authentication handler
--
2014-04-27 21:02:48 -04:00
function core.string_to_privs(str, delim)
2012-04-01 05:37:41 -04:00
assert(type(str) == "string")
delim = delim or ','
privs = {}
for _, priv in pairs(string.split(str, delim)) do
privs[priv:trim()] = true
end
return privs
end
2014-04-27 21:02:48 -04:00
function core.privs_to_string(privs, delim)
2012-04-01 05:37:41 -04:00
assert(type(privs) == "table")
delim = delim or ','
list = {}
for priv, bool in pairs(privs) do
if bool then
table.insert(list, priv)
end
end
return table.concat(list, delim)
end
2014-04-27 21:02:48 -04:00
assert(core.string_to_privs("a,b").b == true)
assert(core.privs_to_string({a=true,b=true}) == "a,b")
2012-04-01 05:37:41 -04:00
2014-04-27 21:02:48 -04:00
core.auth_file_path = core.get_worldpath().."/auth.txt"
core.auth_table = {}
2012-04-01 05:37:41 -04:00
local function read_auth_file()
local newtable = {}
2014-04-27 21:02:48 -04:00
local file, errmsg = io.open(core.auth_file_path, 'rb')
2012-04-01 05:37:41 -04:00
if not file then
2014-04-27 21:02:48 -04:00
core.log("info", core.auth_file_path.." could not be opened for reading ("..errmsg.."); assuming new world")
2012-04-01 05:37:41 -04:00
return
end
for line in file:lines() do
if line ~= "" then
local name, password, privilegestring = string.match(line, "([^:]*):([^:]*):([^:]*)")
if not name or not password or not privilegestring then
error("Invalid line in auth.txt: "..dump(line))
end
2014-04-27 21:02:48 -04:00
local privileges = core.string_to_privs(privilegestring)
2012-04-01 05:37:41 -04:00
newtable[name] = {password=password, privileges=privileges}
end
end
io.close(file)
2014-04-27 21:02:48 -04:00
core.auth_table = newtable
core.notify_authentication_modified()
2012-04-01 05:37:41 -04:00
end
local function save_auth_file()
local newtable = {}
-- Check table for validness before attempting to save
2014-04-27 21:02:48 -04:00
for name, stuff in pairs(core.auth_table) do
2012-04-01 05:37:41 -04:00
assert(type(name) == "string")
assert(name ~= "")
assert(type(stuff) == "table")
assert(type(stuff.password) == "string")
assert(type(stuff.privileges) == "table")
end
2014-04-27 21:02:48 -04:00
local file, errmsg = io.open(core.auth_file_path, 'w+b')
2012-04-01 05:37:41 -04:00
if not file then
2014-04-27 21:02:48 -04:00
error(core.auth_file_path.." could not be opened for writing: "..errmsg)
2012-04-01 05:37:41 -04:00
end
2014-04-27 21:02:48 -04:00
for name, stuff in pairs(core.auth_table) do
local privstring = core.privs_to_string(stuff.privileges)
2012-04-01 05:37:41 -04:00
file:write(name..":"..stuff.password..":"..privstring..'\n')
end
io.close(file)
end
read_auth_file()
2014-04-27 21:02:48 -04:00
core.builtin_auth_handler = {
2012-04-01 05:37:41 -04:00
get_auth = function(name)
assert(type(name) == "string")
-- Figure out what password to use for a new player (singleplayer
-- always has an empty password, otherwise use default, which is
-- usually empty too)
local new_password_hash = ""
-- If not in authentication table, return nil
2014-04-27 21:02:48 -04:00
if not core.auth_table[name] then
return nil
2012-04-01 05:37:41 -04:00
end
-- Figure out what privileges the player should have.
-- Take a copy of the privilege table
local privileges = {}
2014-04-27 21:02:48 -04:00
for priv, _ in pairs(core.auth_table[name].privileges) do
2012-04-01 05:37:41 -04:00
privileges[priv] = true
end
-- If singleplayer, give all privileges except those marked as give_to_singleplayer = false
2014-04-27 21:02:48 -04:00
if core.is_singleplayer() then
for priv, def in pairs(core.registered_privileges) do
2012-04-01 05:37:41 -04:00
if def.give_to_singleplayer then
privileges[priv] = true
end
end
-- For the admin, give everything
2014-04-27 21:02:48 -04:00
elseif name == core.setting_get("name") then
for priv, def in pairs(core.registered_privileges) do
2012-04-01 05:37:41 -04:00
privileges[priv] = true
end
end
-- All done
return {
2014-04-27 21:02:48 -04:00
password = core.auth_table[name].password,
2012-04-01 05:37:41 -04:00
privileges = privileges,
}
end,
create_auth = function(name, password)
assert(type(name) == "string")
assert(type(password) == "string")
2014-04-27 21:02:48 -04:00
core.log('info', "Built-in authentication handler adding player '"..name.."'")
core.auth_table[name] = {
2012-04-01 05:37:41 -04:00
password = password,
2014-04-27 21:02:48 -04:00
privileges = core.string_to_privs(core.setting_get("default_privs")),
2012-04-01 05:37:41 -04:00
}
save_auth_file()
end,
set_password = function(name, password)
assert(type(name) == "string")
assert(type(password) == "string")
2014-04-27 21:02:48 -04:00
if not core.auth_table[name] then
core.builtin_auth_handler.create_auth(name, password)
2012-04-01 05:37:41 -04:00
else
2014-04-27 21:02:48 -04:00
core.log('info', "Built-in authentication handler setting password of player '"..name.."'")
core.auth_table[name].password = password
2012-04-01 05:37:41 -04:00
save_auth_file()
end
return true
end,
set_privileges = function(name, privileges)
assert(type(name) == "string")
assert(type(privileges) == "table")
2014-04-27 21:02:48 -04:00
if not core.auth_table[name] then
core.builtin_auth_handler.create_auth(name, core.get_password_hash(name, core.setting_get("default_password")))
2012-04-01 05:37:41 -04:00
end
2014-04-27 21:02:48 -04:00
core.auth_table[name].privileges = privileges
core.notify_authentication_modified(name)
2012-04-01 05:37:41 -04:00
save_auth_file()
end,
reload = function()
read_auth_file()
return true
end,
}
2014-04-27 21:02:48 -04:00
function core.register_authentication_handler(handler)
if core.registered_auth_handler then
error("Add-on authentication handler already registered by "..core.registered_auth_handler_modname)
2012-04-01 05:37:41 -04:00
end
2014-04-27 21:02:48 -04:00
core.registered_auth_handler = handler
core.registered_auth_handler_modname = core.get_current_modname()
2012-04-01 05:37:41 -04:00
end
2014-04-27 21:02:48 -04:00
function core.get_auth_handler()
if core.registered_auth_handler then
return core.registered_auth_handler
2012-04-01 05:37:41 -04:00
end
2014-04-27 21:02:48 -04:00
return core.builtin_auth_handler
2012-04-01 05:37:41 -04:00
end
2014-04-27 21:02:48 -04:00
function core.set_player_password(name, password)
if core.get_auth_handler().set_password then
core.get_auth_handler().set_password(name, password)
2012-04-01 05:37:41 -04:00
end
end
2014-04-27 21:02:48 -04:00
function core.set_player_privs(name, privs)
if core.get_auth_handler().set_privileges then
core.get_auth_handler().set_privileges(name, privs)
2012-04-01 05:37:41 -04:00
end
end
2014-04-27 21:02:48 -04:00
function core.auth_reload()
if core.get_auth_handler().reload then
return core.get_auth_handler().reload()
2012-04-01 05:37:41 -04:00
end
return false
end