diff options
author | Stefan Beller <stefanbeller@googlemail.com> | 2011-08-06 03:24:45 +0200 |
---|---|---|
committer | Stefan Beller <stefanbeller@googlemail.com> | 2011-08-10 21:37:24 +0200 |
commit | 0820d6632b0ce5887c49d16929ac7903aa185fe4 (patch) | |
tree | 9e1d0b608b115371b6911a1a5b239a61c1ef7f50 /src/account-server/account.h | |
parent | e10c05a77923093aa2be00b9ca6e5976ca9951e6 (diff) | |
download | manaserv-0820d6632b0ce5887c49d16929ac7903aa185fe4.tar.gz manaserv-0820d6632b0ce5887c49d16929ac7903aa185fe4.tar.bz2 manaserv-0820d6632b0ce5887c49d16929ac7903aa185fe4.tar.xz manaserv-0820d6632b0ce5887c49d16929ac7903aa185fe4.zip |
login with random hash
The account server sends out a random number, which is
additionally used for hashing the password.
Reviewed by Bertram
Diffstat (limited to 'src/account-server/account.h')
-rw-r--r-- | src/account-server/account.h | 20 |
1 files changed, 20 insertions, 0 deletions
diff --git a/src/account-server/account.h b/src/account-server/account.h index 189e3b59..98794fbf 100644 --- a/src/account-server/account.h +++ b/src/account-server/account.h @@ -78,6 +78,24 @@ class Account const std::string &getPassword() const { return mPassword; } + /** + * Set the random salt. This salt is sent to the client, so the client + * can hash its password with this random salt. + * This will help to protect against replay attacks. + * + * @param the new random salt to be sent out next login + */ + void setRandomSalt(const std::string &salt) + { mRandomSalt = salt; } + + + /** + * Get the user random salt. + * + * @return the random salt used for next login. + */ + const std::string &getRandomSalt() const + { return mRandomSalt; } /** * Set the user email address. The email address is expected to be @@ -204,6 +222,8 @@ class Account std::string mName; /**< User name */ std::string mPassword; /**< User password (hashed with salt) */ + std::string mRandomSalt; /**< A random sequence sent to client to + protect against replay attacks.*/ std::string mEmail; /**< User email address (hashed) */ Characters mCharacters; /**< Character data */ int mID; /**< Unique id */ |