diff options
Diffstat (limited to 'src/account-server/accounthandler.cpp')
-rw-r--r-- | src/account-server/accounthandler.cpp | 55 |
1 files changed, 46 insertions, 9 deletions
diff --git a/src/account-server/accounthandler.cpp b/src/account-server/accounthandler.cpp index 39539941..9a3674db 100644 --- a/src/account-server/accounthandler.cpp +++ b/src/account-server/accounthandler.cpp @@ -88,6 +88,7 @@ private: void handleReconnectMessage(AccountClient &client, MessageIn &msg); void handleRegisterMessage(AccountClient &client, MessageIn &msg); void handleUnregisterMessage(AccountClient &client, MessageIn &msg); + void handleRequestRegisterInfoMessage(AccountClient &client, MessageIn &msg); void handleEmailChangeMessage(AccountClient &client, MessageIn &msg); void handlePasswordChangeMessage(AccountClient &client, MessageIn &msg); void handleCharacterCreateMessage(AccountClient &client, MessageIn &msg); @@ -305,17 +306,23 @@ void AccountHandler::handleReconnectMessage(AccountClient &client, MessageIn &ms mTokenCollector.addPendingClient(magic_token, &client); } +bool checkCaptcha(AccountClient &client, std::string captcha) +{ + // TODO + return true; +} + void AccountHandler::handleRegisterMessage(AccountClient &client, MessageIn &msg) { int clientVersion = msg.readLong(); std::string username = msg.readString(); std::string password = msg.readString(); std::string email = msg.readString(); + std::string captcha = msg.readString(); + std::string allowed = Configuration::getValue("account_allowRegister", "1"); int minClientVersion = Configuration::getValue("clientVersion", 0); unsigned minNameLength = Configuration::getValue("account_minNameLength", 4); unsigned maxNameLength = Configuration::getValue("account_maxNameLength", 15); - unsigned minPasswordLength = Configuration::getValue("account_minPasswordLength", 6); - unsigned maxPasswordLength = Configuration::getValue("account_maxPasswordLength", 25); MessageOut reply(APMSG_REGISTER_RESPONSE); @@ -323,6 +330,10 @@ void AccountHandler::handleRegisterMessage(AccountClient &client, MessageIn &msg { reply.writeByte(ERRMSG_FAILURE); } + else if (allowed == "0" or allowed == "false") + { + reply.writeByte(ERRMSG_FAILURE); + } else if (clientVersion < minClientVersion) { reply.writeByte(REGISTER_INVALID_VERSION); @@ -340,11 +351,6 @@ void AccountHandler::handleRegisterMessage(AccountClient &client, MessageIn &msg { reply.writeByte(ERRMSG_INVALID_ARGUMENT); } - else if (password.length() < minPasswordLength || - password.length() > maxPasswordLength) - { - reply.writeByte(ERRMSG_INVALID_ARGUMENT); - } else if (stringFilter->findDoubleQuotes(password)) { reply.writeByte(ERRMSG_INVALID_ARGUMENT); @@ -368,12 +374,17 @@ void AccountHandler::handleRegisterMessage(AccountClient &client, MessageIn &msg { reply.writeByte(REGISTER_EXISTS_EMAIL); } + else if (!checkCaptcha(client, captcha)) + { + reply.writeByte(REGISTER_CAPTCHA_WRONG); + } else { Account *acc = new Account; acc->setName(username); - // We hash the password using the username as salt. - acc->setPassword(sha256(username + password)); + // We set the password + // TODO: apply hashing here and during login + acc->setPassword(password); // We hash email server-side without using a salt. acc->setEmail(sha256(email)); acc->setLevel(AL_PLAYER); @@ -437,6 +448,26 @@ void AccountHandler::handleUnregisterMessage(AccountClient &client, MessageIn &m client.send(reply); } +void AccountHandler::handleRequestRegisterInfoMessage(AccountClient &client, MessageIn &msg) +{ + LOG_INFO("AccountHandler::handleRequestRegisterInfoMessage"); + MessageOut reply(APMSG_REGISTER_INFO_RESPONSE); + std::string allowed = Configuration::getValue("account_allowRegister", "1"); + if (allowed == "0" or allowed == "false") + { + reply.writeByte(false); + reply.writeString(Configuration::getValue( + "account_denyRegisterReason", "")); + } else { + reply.writeByte(true); + reply.writeByte(Configuration::getValue("account_minNameLength", 4)); + reply.writeByte(Configuration::getValue("account_maxNameLength", 16)); + reply.writeString("http://www.server.example/captcha.png"); + reply.writeString("<instructions for solving captcha>"); + } + client.send(reply); +} + void AccountHandler::handleEmailChangeMessage(AccountClient &client, MessageIn &msg) { MessageOut reply(APMSG_EMAIL_CHANGE_RESPONSE); @@ -815,6 +846,12 @@ void AccountHandler::processMessage(NetComputer *comp, MessageIn &message) handleUnregisterMessage(client, message); break; + case PAMSG_REQUEST_REGISTER_INFO : + LOG_DEBUG("Received msg ... REQUEST_REGISTER_INFO"); + handleRequestRegisterInfoMessage(client, message); + break; + + case PAMSG_EMAIL_CHANGE: LOG_DEBUG("Received msg ... PAMSG_EMAIL_CHANGE"); handleEmailChangeMessage(client, message); |