Passwords are now stored as Whirlpool hashes and are converted to such when a player logs in. New /toggle options
This commit is contained in:
parent
714bcd1e29
commit
662794d69d
|
@ -70,7 +70,6 @@ public class CommandHandler
|
|||
String addr = player.getAddress().getAddress().getHostAddress();
|
||||
Server server = plugin.getServer();
|
||||
server.dispatchCommand(((CraftServer)server).getServer().console, "ban-ip " + addr);
|
||||
//server.dispatchCommand(((CraftServer)server).getServer().console, "kick " + player.getName());
|
||||
player.kickPlayer(xAuth.strings.getString("login.err.kick"));
|
||||
plugin.clearStrikes(player);
|
||||
System.out.println("[" + pdfFile.getName() + "] " + addr + " banned by Strike system");
|
||||
|
@ -165,56 +164,42 @@ public class CommandHandler
|
|||
}
|
||||
else if (cmd.getName().equalsIgnoreCase("toggle"))
|
||||
{
|
||||
Boolean canToggleReg = plugin.canUseCommand(player, "xauth.admin.toggle.reg");
|
||||
Boolean canTogglePw = plugin.canUseCommand(player, "xauth.admin.toggle.changepw");
|
||||
Boolean canToggleSave = plugin.canUseCommand(player, "xauth.admin.toggle.autosave");
|
||||
|
||||
if (canToggleReg || canTogglePw || canToggleSave)
|
||||
if (plugin.canUseCommand(player, "xauth.admin.toggle"))
|
||||
{
|
||||
if (args.length != 1)
|
||||
player.sendMessage(xAuth.strings.getString("toggle.usage"));
|
||||
else if (args[0].equalsIgnoreCase("reg"))
|
||||
String node = null;
|
||||
|
||||
if (args.length < 1)
|
||||
{
|
||||
if (!canToggleReg)
|
||||
player.sendMessage(xAuth.strings.getString("toggle.err.permission"));
|
||||
else
|
||||
{
|
||||
Boolean b = xAuth.settings.getBool("registration.enabled");
|
||||
xAuth.settings.updateValue("registration.enabled", (b ? false : true));
|
||||
player.sendMessage(xAuth.strings.getString("toggle.success.reg",
|
||||
(b ? xAuth.strings.getString("misc.disabled") : xAuth.strings.getString("misc.enabled"))));
|
||||
System.out.println("[" + pdfFile.getName() + "] " + player.getName() + " has " + (b ? "disabled" : "enabled") + " registrations");
|
||||
}
|
||||
|
||||
player.sendMessage(xAuth.strings.getString("toggle.usage"));
|
||||
return;
|
||||
}
|
||||
|
||||
if (args[0].equalsIgnoreCase("reg"))
|
||||
node = "registration.enabled";
|
||||
else if (args[0].equalsIgnoreCase("changepw"))
|
||||
{
|
||||
if (!canTogglePw)
|
||||
player.sendMessage(xAuth.strings.getString("toggle.err.permission"));
|
||||
else
|
||||
{
|
||||
Boolean b = xAuth.settings.getBool("misc.allow-changepw");
|
||||
xAuth.settings.updateValue("misc.allow-changepw", (b ? false : true));
|
||||
player.sendMessage(xAuth.strings.getString("toggle.success.pw",
|
||||
(b ? xAuth.strings.getString("misc.disabled") : xAuth.strings.getString("misc.enabled"))));
|
||||
System.out.println("[" + pdfFile.getName() + "] " + player.getName() + " has " + (b ? "disabled" : "enabled") + " password changes");
|
||||
}
|
||||
}
|
||||
node = "misc.allow-changepw";
|
||||
else if (args[0].equalsIgnoreCase("autosave"))
|
||||
{
|
||||
if (!canToggleSave)
|
||||
player.sendMessage(xAuth.strings.getString("toggle.err.permission"));
|
||||
else
|
||||
{
|
||||
Boolean b = xAuth.settings.getBool("misc.autosave");
|
||||
xAuth.settings.updateValue("misc.autosave", (b ? false : true));
|
||||
player.sendMessage(xAuth.strings.getString("toggle.success.save",
|
||||
(b ? xAuth.strings.getString("misc.disabled") : xAuth.strings.getString("misc.enabled"))));
|
||||
System.out.println("[" + pdfFile.getName() + "] " + player.getName() + " has " + (b ? "disabled" : "enabled") + " autosave");
|
||||
}
|
||||
}
|
||||
node = "misc.autosave";
|
||||
else if (args[0].equalsIgnoreCase("filter"))
|
||||
node = "security.filter.enabled";
|
||||
else if (args[0].equalsIgnoreCase("blankname"))
|
||||
node = "security.filter.blankname";
|
||||
else if (args[0].equalsIgnoreCase("verifyip"))
|
||||
node = "session.verifyip";
|
||||
else if (args[0].equalsIgnoreCase("strike"))
|
||||
node = "login.strikes.enabled";
|
||||
else if (args[0].equalsIgnoreCase("forcereg"))
|
||||
node = "registration.forced";
|
||||
else
|
||||
{
|
||||
player.sendMessage(xAuth.strings.getString("toggle.usage"));
|
||||
return;
|
||||
}
|
||||
|
||||
Boolean b = xAuth.settings.getBool(node);
|
||||
xAuth.settings.updateValue(node, (b ? false : true));
|
||||
player.sendMessage(xAuth.strings.getString("toggle.success",
|
||||
(b ? xAuth.strings.getString("misc.disabled") : xAuth.strings.getString("misc.enabled"))));
|
||||
}
|
||||
}
|
||||
else if (cmd.getName().equalsIgnoreCase("logout"))
|
||||
|
@ -299,28 +284,39 @@ public class CommandHandler
|
|||
plugin.reload();
|
||||
else if (cmd.getName().equalsIgnoreCase("toggle"))
|
||||
{
|
||||
if (args.length != 1)
|
||||
System.out.println("Correct Usage: /toggle <reg|changepw|autosave>");
|
||||
else if (args[0].equalsIgnoreCase("reg"))
|
||||
String node = null;
|
||||
|
||||
if (args.length < 1)
|
||||
{
|
||||
Boolean b = xAuth.settings.getBool("registration.enabled");
|
||||
xAuth.settings.updateValue("registration.enabled", (b ? false : true));
|
||||
System.out.println("[" + pdfFile.getName() + "] Registrations are now " + (b ? "disabled" : "enabled"));
|
||||
System.out.println("[" + pdfFile.getName() + "] Correct Usage: /toggle <reg|changepw|autosave|filter|blankname|verifyip|strike|forcereg>");
|
||||
return;
|
||||
}
|
||||
|
||||
if (args[0].equalsIgnoreCase("reg"))
|
||||
node = "registration.enabled";
|
||||
else if (args[0].equalsIgnoreCase("changepw"))
|
||||
{
|
||||
Boolean b = xAuth.settings.getBool("misc.allow-changepw");
|
||||
xAuth.settings.updateValue("misc.allow-changepw", (b ? false : true));
|
||||
System.out.println("[" + pdfFile.getName() + "] Password changes are now " + (b ? "disabled" : "enabled"));
|
||||
}
|
||||
node = "misc.allow-changepw";
|
||||
else if (args[0].equalsIgnoreCase("autosave"))
|
||||
{
|
||||
Boolean b = xAuth.settings.getBool("misc.autosave");
|
||||
xAuth.settings.updateValue("misc.autosave", (b ? false : true));
|
||||
System.out.println("[" + pdfFile.getName() + "] Autosaving of account modifications is now " + (b ? "disabled" : "enabled"));
|
||||
}
|
||||
node = "misc.autosave";
|
||||
else if (args[0].equalsIgnoreCase("filter"))
|
||||
node = "security.filter.enabled";
|
||||
else if (args[0].equalsIgnoreCase("blankname"))
|
||||
node = "security.filter.blankname";
|
||||
else if (args[0].equalsIgnoreCase("verifyip"))
|
||||
node = "session.verifyip";
|
||||
else if (args[0].equalsIgnoreCase("strike"))
|
||||
node = "login.strikes.enabled";
|
||||
else if (args[0].equalsIgnoreCase("forcereg"))
|
||||
node = "registration.forced";
|
||||
else
|
||||
System.out.println("Correct Usage: /toggle <reg|changepw|autosave>");
|
||||
{
|
||||
System.out.println("[" + pdfFile.getName() + "] Correct Usage: /toggle <reg|changepw|autosave|filter|blankname|verifyip|strike|forcereg>");
|
||||
return;
|
||||
}
|
||||
|
||||
Boolean b = xAuth.settings.getBool(node);
|
||||
xAuth.settings.updateValue(node, (b ? false : true));
|
||||
System.out.println("[" + pdfFile.getName() + "] Node " + (b ? "disabled" : "enabled"));
|
||||
}
|
||||
else if (cmd.getName().equalsIgnoreCase("logout"))
|
||||
{
|
||||
|
|
|
@ -12,15 +12,20 @@ public class Strings
|
|||
"register.login", "register.usage", "register.err.disabled", "register.err.registered", "register.err.password",
|
||||
"register.success1", "register.success2", "login.login", "login.usage", "login.err.registered", "login.err.logged",
|
||||
"login.err.password", "login.err.kick", "login.success", "changepw.usage1", "changepw.usage2", "changepw.err.login",
|
||||
"changepw.err.disabled", "changepw.err.registered", "changepw.success.self", "changepw.success.other",
|
||||
"unregister.usage", "unregister.target", "unregister.success", "reload.success", "toggle.usage", "toggle.err.permission",
|
||||
"toggle.success.reg", "toggle.success.pw", "toggle.success.save", "logout.err.session", "logout.success.ended",
|
||||
"logout.success.other", "misc.illegal", "misc.reloaded", "misc.enabled", "misc.disabled", "misc.filterkickmsg",
|
||||
"misc.blankkickmsg"
|
||||
"changepw.err.disabled", "changepw.err.registered", "changepw.success.self", "changepw.success.other",
|
||||
"unregister.usage", "unregister.target", "unregister.success", "reload.success", "toggle.usage", "toggle.success",
|
||||
"logout.err.session", "logout.success.ended", "logout.success.other", "misc.illegal", "misc.reloaded",
|
||||
"misc.enabled", "misc.disabled", "misc.filterkickmsg", "misc.blankkickmsg"
|
||||
};
|
||||
|
||||
private static final String[][] keyUpdates = {};
|
||||
|
||||
private static final String[] keyRemovals =
|
||||
{
|
||||
"toggle.err",
|
||||
"toggle.success",
|
||||
};
|
||||
|
||||
private static Configuration config;
|
||||
private static final ConcurrentHashMap<String, String> defaults = new ConcurrentHashMap<String, String>();
|
||||
private static final ConcurrentHashMap<String, String> strings = new ConcurrentHashMap<String, String>();
|
||||
|
@ -30,9 +35,12 @@ public class Strings
|
|||
config = new Configuration(file);
|
||||
config.load();
|
||||
fillDefaults();
|
||||
|
||||
if (file.exists() && keyUpdates.length > 0)
|
||||
|
||||
if (file.exists())
|
||||
{
|
||||
updateKeys();
|
||||
removeKeys();
|
||||
}
|
||||
|
||||
load();
|
||||
config.save();
|
||||
|
@ -70,11 +78,8 @@ public class Strings
|
|||
|
||||
defaults.put("reload.success", "&e[xAuth] Configuration and Accounts reloaded");
|
||||
|
||||
defaults.put("toggle.usage", "&cCorrect Usage: /toggle <reg|changepw|autosave>");
|
||||
defaults.put("toggle.err.permission", "&cYou aren't allow to toggle that!");
|
||||
defaults.put("toggle.success.reg", "&e[xAuth] Registrations are now %1.");
|
||||
defaults.put("toggle.success.pw", "&e[xAuth] Password changes are now %1.");
|
||||
defaults.put("toggle.success.save", "&e[xAuth] Autosaving of account modifications is now %1.");
|
||||
defaults.put("toggle.usage", "&cCorrect Usage: /toggle <reg|changepw|autosave|filter|blankname|verifyip|strike|forcereg>");
|
||||
defaults.put("toggle.success", "&e[xAuth] Node %1.");
|
||||
|
||||
defaults.put("logout.err.session", "&cThis player does not have an active session.");
|
||||
defaults.put("logout.success.ended", "&cYour session has been terminated. You must log in again.");
|
||||
|
@ -88,6 +93,15 @@ public class Strings
|
|||
defaults.put("misc.blankkickmsg", "Blank names are not allowed.");
|
||||
}
|
||||
|
||||
private void removeKeys()
|
||||
{
|
||||
for (String key : keyRemovals)
|
||||
{
|
||||
if (config.getProperty(key) != null)
|
||||
config.removeProperty(key);
|
||||
}
|
||||
}
|
||||
|
||||
private void updateKeys()
|
||||
{
|
||||
String fromKey, toKey, holder;
|
||||
|
@ -99,7 +113,8 @@ public class Strings
|
|||
toKey = update[1];
|
||||
holder = config.getString(fromKey);
|
||||
config.removeProperty(fromKey);
|
||||
config.setProperty(toKey, holder);
|
||||
if (!toKey.equals(""))
|
||||
config.setProperty(toKey, holder);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
@ -427,7 +427,7 @@ class Whirlpool {
|
|||
}
|
||||
}
|
||||
|
||||
private static String display(byte[] array) {
|
||||
static String display(byte[] array) {
|
||||
char[] val = new char[2*array.length];
|
||||
String hex = "0123456789ABCDEF";
|
||||
for (int i = 0; i < array.length; i++) {
|
||||
|
|
|
@ -206,7 +206,7 @@ public class xAuth extends JavaPlugin
|
|||
//AUTH / REGISTER FUNCTIONS
|
||||
public void addAuth(String pName, String pass)
|
||||
{
|
||||
String hash = md5(pass);
|
||||
String hash = whirlpool(pass);
|
||||
auths.put(pName.toLowerCase(), pName.toLowerCase() + ":" + hash);
|
||||
|
||||
if (settings.getBool("misc.autosave"))
|
||||
|
@ -223,7 +223,7 @@ public class xAuth extends JavaPlugin
|
|||
|
||||
public void changePass(String pName, String pass)
|
||||
{
|
||||
String hash = md5(pass);
|
||||
String hash = whirlpool(pass);
|
||||
|
||||
auths.remove(pName.toLowerCase());
|
||||
auths.put(pName.toLowerCase(), pName.toLowerCase() + ":" + hash);
|
||||
|
@ -271,9 +271,23 @@ public class xAuth extends JavaPlugin
|
|||
|
||||
public Boolean checkPass(Player player, String pass)
|
||||
{
|
||||
String hash = md5(pass);
|
||||
if (auths.get(player.getName().toLowerCase()).equals(player.getName().toLowerCase() + ":" + hash))
|
||||
String account = auths.get(player.getName().toLowerCase());
|
||||
int md5Length = player.getName().length() + 33;
|
||||
String hash;
|
||||
|
||||
if (account.length() == md5Length)
|
||||
hash = md5(pass);
|
||||
else
|
||||
hash = whirlpool(pass);
|
||||
|
||||
if (account.equals(player.getName().toLowerCase() + ":" + hash))
|
||||
{
|
||||
//change pass to whirlpool if md5
|
||||
if (hash.length() == 32)
|
||||
changePass(player.getName(), pass);
|
||||
|
||||
return true;
|
||||
}
|
||||
else
|
||||
return false;
|
||||
}
|
||||
|
@ -281,11 +295,11 @@ public class xAuth extends JavaPlugin
|
|||
public void logout(Player player)
|
||||
{
|
||||
String pName = player.getName();
|
||||
|
||||
|
||||
if (sessionExists(pName))
|
||||
{
|
||||
Session session = sessions.get(pName.toLowerCase());
|
||||
|
||||
|
||||
if (session.isExpired(new Date(session.getLoginTime() + (settings.getInt("session.timeout") * 1000))))
|
||||
removeSession(pName);
|
||||
}
|
||||
|
@ -420,7 +434,7 @@ public class xAuth extends JavaPlugin
|
|||
|
||||
return false;
|
||||
}
|
||||
|
||||
|
||||
public Boolean isLoggedIn(Player player)
|
||||
{
|
||||
if (sessionExists(player.getName()))
|
||||
|
@ -433,7 +447,7 @@ public class xAuth extends JavaPlugin
|
|||
|
||||
return false;
|
||||
}
|
||||
|
||||
|
||||
public Boolean isSessionValid(Player player)
|
||||
{
|
||||
Session session = sessions.get(player.getName().toLowerCase());
|
||||
|
@ -445,7 +459,7 @@ public class xAuth extends JavaPlugin
|
|||
|
||||
return true;
|
||||
}
|
||||
|
||||
|
||||
public void removeSession(String pName)
|
||||
{
|
||||
pName = pName.toLowerCase();
|
||||
|
@ -499,6 +513,16 @@ public class xAuth extends JavaPlugin
|
|||
|
||||
return null;
|
||||
}
|
||||
|
||||
public String whirlpool(String str)
|
||||
{
|
||||
Whirlpool w = new Whirlpool();
|
||||
byte[] digest = new byte[Whirlpool.DIGESTBYTES];
|
||||
w.NESSIEinit();
|
||||
w.NESSIEadd(str);
|
||||
w.NESSIEfinalize(digest);
|
||||
return Whirlpool.display(digest);
|
||||
}
|
||||
|
||||
public boolean canUseCommand(Player player, String node)
|
||||
{
|
||||
|
|
Loading…
Reference in New Issue