summaryrefslogtreecommitdiff
path: root/src/account-server/accounthandler.cpp
diff options
context:
space:
mode:
Diffstat (limited to 'src/account-server/accounthandler.cpp')
-rw-r--r--src/account-server/accounthandler.cpp55
1 files changed, 46 insertions, 9 deletions
diff --git a/src/account-server/accounthandler.cpp b/src/account-server/accounthandler.cpp
index 39539941..9a3674db 100644
--- a/src/account-server/accounthandler.cpp
+++ b/src/account-server/accounthandler.cpp
@@ -88,6 +88,7 @@ private:
void handleReconnectMessage(AccountClient &client, MessageIn &msg);
void handleRegisterMessage(AccountClient &client, MessageIn &msg);
void handleUnregisterMessage(AccountClient &client, MessageIn &msg);
+ void handleRequestRegisterInfoMessage(AccountClient &client, MessageIn &msg);
void handleEmailChangeMessage(AccountClient &client, MessageIn &msg);
void handlePasswordChangeMessage(AccountClient &client, MessageIn &msg);
void handleCharacterCreateMessage(AccountClient &client, MessageIn &msg);
@@ -305,17 +306,23 @@ void AccountHandler::handleReconnectMessage(AccountClient &client, MessageIn &ms
mTokenCollector.addPendingClient(magic_token, &client);
}
+bool checkCaptcha(AccountClient &client, std::string captcha)
+{
+ // TODO
+ return true;
+}
+
void AccountHandler::handleRegisterMessage(AccountClient &client, MessageIn &msg)
{
int clientVersion = msg.readLong();
std::string username = msg.readString();
std::string password = msg.readString();
std::string email = msg.readString();
+ std::string captcha = msg.readString();
+ std::string allowed = Configuration::getValue("account_allowRegister", "1");
int minClientVersion = Configuration::getValue("clientVersion", 0);
unsigned minNameLength = Configuration::getValue("account_minNameLength", 4);
unsigned maxNameLength = Configuration::getValue("account_maxNameLength", 15);
- unsigned minPasswordLength = Configuration::getValue("account_minPasswordLength", 6);
- unsigned maxPasswordLength = Configuration::getValue("account_maxPasswordLength", 25);
MessageOut reply(APMSG_REGISTER_RESPONSE);
@@ -323,6 +330,10 @@ void AccountHandler::handleRegisterMessage(AccountClient &client, MessageIn &msg
{
reply.writeByte(ERRMSG_FAILURE);
}
+ else if (allowed == "0" or allowed == "false")
+ {
+ reply.writeByte(ERRMSG_FAILURE);
+ }
else if (clientVersion < minClientVersion)
{
reply.writeByte(REGISTER_INVALID_VERSION);
@@ -340,11 +351,6 @@ void AccountHandler::handleRegisterMessage(AccountClient &client, MessageIn &msg
{
reply.writeByte(ERRMSG_INVALID_ARGUMENT);
}
- else if (password.length() < minPasswordLength ||
- password.length() > maxPasswordLength)
- {
- reply.writeByte(ERRMSG_INVALID_ARGUMENT);
- }
else if (stringFilter->findDoubleQuotes(password))
{
reply.writeByte(ERRMSG_INVALID_ARGUMENT);
@@ -368,12 +374,17 @@ void AccountHandler::handleRegisterMessage(AccountClient &client, MessageIn &msg
{
reply.writeByte(REGISTER_EXISTS_EMAIL);
}
+ else if (!checkCaptcha(client, captcha))
+ {
+ reply.writeByte(REGISTER_CAPTCHA_WRONG);
+ }
else
{
Account *acc = new Account;
acc->setName(username);
- // We hash the password using the username as salt.
- acc->setPassword(sha256(username + password));
+ // We set the password
+ // TODO: apply hashing here and during login
+ acc->setPassword(password);
// We hash email server-side without using a salt.
acc->setEmail(sha256(email));
acc->setLevel(AL_PLAYER);
@@ -437,6 +448,26 @@ void AccountHandler::handleUnregisterMessage(AccountClient &client, MessageIn &m
client.send(reply);
}
+void AccountHandler::handleRequestRegisterInfoMessage(AccountClient &client, MessageIn &msg)
+{
+ LOG_INFO("AccountHandler::handleRequestRegisterInfoMessage");
+ MessageOut reply(APMSG_REGISTER_INFO_RESPONSE);
+ std::string allowed = Configuration::getValue("account_allowRegister", "1");
+ if (allowed == "0" or allowed == "false")
+ {
+ reply.writeByte(false);
+ reply.writeString(Configuration::getValue(
+ "account_denyRegisterReason", ""));
+ } else {
+ reply.writeByte(true);
+ reply.writeByte(Configuration::getValue("account_minNameLength", 4));
+ reply.writeByte(Configuration::getValue("account_maxNameLength", 16));
+ reply.writeString("http://www.server.example/captcha.png");
+ reply.writeString("<instructions for solving captcha>");
+ }
+ client.send(reply);
+}
+
void AccountHandler::handleEmailChangeMessage(AccountClient &client, MessageIn &msg)
{
MessageOut reply(APMSG_EMAIL_CHANGE_RESPONSE);
@@ -815,6 +846,12 @@ void AccountHandler::processMessage(NetComputer *comp, MessageIn &message)
handleUnregisterMessage(client, message);
break;
+ case PAMSG_REQUEST_REGISTER_INFO :
+ LOG_DEBUG("Received msg ... REQUEST_REGISTER_INFO");
+ handleRequestRegisterInfoMessage(client, message);
+ break;
+
+
case PAMSG_EMAIL_CHANGE:
LOG_DEBUG("Received msg ... PAMSG_EMAIL_CHANGE");
handleEmailChangeMessage(client, message);