ViewVC Help
View File | Revision Log | Show Annotations | Download File
/cvs/deliantra/server/ext/login.ext
(Generate patch)

Comparing deliantra/server/ext/login.ext (file contents):
Revision 1.130 by root, Sun Nov 18 10:00:55 2012 UTC vs.
Revision 1.135 by root, Wed Apr 25 04:58:46 2018 UTC

9CONF MAX_DISCONNECT_TIME = 3600; 9CONF MAX_DISCONNECT_TIME = 3600;
10 10
11our $VALID_LOGIN = qr<^[a-zA-Z0-9][a-zA-Z0-9\-_]{2,19}\z>; 11our $VALID_LOGIN = qr<^[a-zA-Z0-9][a-zA-Z0-9\-_]{2,19}\z>;
12our %LOGIN_LOCK; 12our %LOGIN_LOCK;
13 13
14# utility function to send messages to the client before
15# we have a player object to format them for. does not
16# escape anything.
17sub send_log ($$$) {
18 $_[0]->send_packet ("msg $_[2] log $_[1]");
19}
20
14sub query { 21sub query {
15 my ($ns, $flags, $text) = @_; 22 my ($ns, $flags, $text) = @_;
16 23
17 $ns->query ($flags, $text, Coro::rouse_cb); 24 $ns->query ($flags, $text, Coro::rouse_cb);
18 Coro::rouse_wait 25 Coro::rouse_wait
19} 26}
20 27
21sub can_cleanup { 28sub can_cleanup {
29 # highscore list is not cleared out, rethink
30 # also, admin accounts can be hacked this way, if unused for long.
31 return 0;
32
22 my ($pl, $mtime) = @_; 33 my ($pl, $mtime) = @_;
23 34
24 my $age = time - $mtime; 35 my $age = time - $mtime;
25 my $level = $pl->ob->level; 36 my $level = $pl->ob->level;
26 37
130 if ($token =~ /!!(.*)/) { 141 if ($token =~ /!!(.*)/) {
131 return +(substr $pass, 0, 8) eq pack "H*", $1; 142 return +(substr $pass, 0, 8) eq pack "H*", $1;
132 } elsif ($token =~ /!(.*)/) { 143 } elsif ($token =~ /!(.*)/) {
133 return $pass eq pack "H*", $1; 144 return $pass eq pack "H*", $1;
134 } else { 145 } else {
135 return $token eq crypt $pass, $token; 146 return $token eq encode_password $pass;
136 } 147 }
137} 148}
138 149
139# delete a player directory 150# delete a player directory
140sub nuke_playerdir { 151sub nuke_playerdir {
241 $pl->esrv_new_player; 252 $pl->esrv_new_player;
242 253
243 $pl->{chargen} = "done"; 254 $pl->{chargen} = "done";
244 } 255 }
245 256
257 $ns->update_command_faces;
258
246 $ob->reply (undef, "Welcome to Deliantra!"); 259 $ob->reply (undef, "Welcome to Deliantra!");
247 260
248 if (0 < Coro::AIO::aio_load "$cf::CONFDIR/motd", my $motd) { 261 if (0 < Coro::AIO::aio_load "$cf::CONFDIR/motd", my $motd) {
249 $pl->ns->send_msg ("c/motd" => $motd, cf::NDI_CLEAR); 262 $pl->ns->send_msg ("c/motd" => $motd, cf::NDI_CLEAR);
250 } 263 }
279 $ns->send_packet ("addme_success"); 292 $ns->send_packet ("addme_success");
280 293
281 for (;;) { 294 for (;;) {
282 delete $ns->{login_guard}; 295 delete $ns->{login_guard};
283 296
284 $ns->send_msg (log => 297 send_log $ns,
285 "Please enter your username now. If you are a new user, " 298 "Please enter your username now. If you are a new user, "
286 . "make one up that describes your character best. " 299 . "make one up that describes your character best. "
287 . "Only letters and digits are allowed, though.", 300 . "Only letters and digits are allowed, though.",
288 cf::NDI_BLUE | cf::NDI_REPLY 301 cf::NDI_BLUE | cf::NDI_REPLY
289 ); 302 ;
290 303
291 # read username 304 # read username
292 while () { 305 while () {
293 $user = query $ns, 0, "What is your name? (login names are case-sensitive)\n:"; 306 $user = query $ns, 0, "What is your name? (login names are case-sensitive)\n:";
294 307
295 if ($user =~ $VALID_LOGIN) { 308 if ($user =~ $VALID_LOGIN) {
296 last; 309 last;
297 } else { 310 } else {
298 $ns->send_msg (log => 311 send_log $ns,
299 "Your username contains illegal characters " 312 "Your username contains illegal characters "
300 . "(only a-z, A-Z and 0-9 are allowed), " 313 . "(only a-z, A-Z and 0-9 are allowed), "
301 . "or is not between 3 and 20 characters in length.", 314 . "or is not between 3 and 20 characters in length.",
302 cf::NDI_RED | cf::NDI_REPLY 315 cf::NDI_RED | cf::NDI_REPLY
303 ); 316 ;
304 } 317 }
305 Coro::Timer::sleep 0.4; 318 Coro::Timer::sleep 0.4;
306 } 319 }
307 320
308 $Coro::current->{desc} = "addme($user)"; 321 $Coro::current->{desc} = "addme($user)";
309 322
310 $ns->send_msg (log => 323 send_log $ns,
311 "Welcome $user, please enter your password now. " 324 "Welcome $user, please enter your password now. "
312 . "New users should now choose a password. " 325 . "New users should now choose a password. "
313 . "Anything your client lets you enter is fine.", 326 . "Anything your client lets you enter is fine.",
314 cf::NDI_BLUE | cf::NDI_REPLY 327 cf::NDI_BLUE | cf::NDI_REPLY
315 ); 328 ;
316 329
317 # read password 330 # read password
318 while () { 331 while () {
319 $pass = query $ns, cf::CS_QUERY_HIDEINPUT, "What is your password?\n:"; 332 $pass = query $ns, cf::CS_QUERY_HIDEINPUT, "What is your password?\n:";
320 last if $pass =~ /.../; 333 last if $pass =~ /.../;
321 $ns->send_msg (log => 334 send_log $ns,
322 "Try to use at least three characters as your password please, " 335 "Try to use at least three characters as your password please, "
323 . "that cannot be too much to ask for :)", 336 . "that cannot be too much to ask for :)",
324 cf::NDI_RED | cf::NDI_REPLY 337 cf::NDI_RED | cf::NDI_REPLY
325 ); 338 ;
326 Coro::Timer::sleep 0.4; 339 Coro::Timer::sleep 0.4;
327 } 340 }
328 341
329 $ns->{login_guard} = login_guard $user 342 $ns->{login_guard} = login_guard $user
330 or do { 343 or do {
331 $ns->send_msg (log => 344 send_log $ns,
332 "That user is already logged in (or is logging in)." 345 "That user is already logged in (or is logging in)."
333 . "Chose another, or wait till the other session has ended.", 346 . "Chose another, or wait till the other session has ended.",
334 cf::NDI_RED | cf::NDI_REPLY 347 cf::NDI_RED | cf::NDI_REPLY
335 ); 348 ;
336 next; 349 next;
337 }; 350 };
338 351
339 # try to read the user file and check the password 352 # try to read the user file and check the password
340 if (my $pl = cf::player::find $user) { 353 if (my $pl = cf::player::find $user) {
352 login $pl; 365 login $pl;
353 return; 366 return;
354 } elsif (can_cleanup $pl, $mtime) { 367 } elsif (can_cleanup $pl, $mtime) {
355 Coro::Timer::sleep 1; 368 Coro::Timer::sleep 1;
356 369
357 $ns->send_msg (log => 370 send_log $ns,
358 "Player exists, but password does not match. If this is your account, " 371 "Player exists, but password does not match. If this is your account, "
359 . "please try again. If not, you can now decide to take over this account " 372 . "please try again. If not, you can now decide to take over this account "
360 . "because it has not been in-use for some time.", 373 . "because it has not been in-use for some time.",
361 cf::NDI_RED | cf::NDI_REPLY 374 cf::NDI_RED | cf::NDI_REPLY
362 ); 375 ;
363 376
364 (query $ns, cf::CS_QUERY_SINGLECHAR, "Delete existing account and create a new one (Y/N)?") =~ /^[yY]/ 377 (query $ns, cf::CS_QUERY_SINGLECHAR, "Delete existing account and create a new one (Y/N)?") =~ /^[yY]/
365 or next; 378 or next;
366 379
367 # check if the file hasn't changed 380 # check if the file hasn't changed
372 385
373 # fall through to creation 386 # fall through to creation
374 } else { 387 } else {
375 Coro::Timer::sleep 1; 388 Coro::Timer::sleep 1;
376 389
377 $ns->send_msg (log => 390 send_log $ns,
378 "Wrong username or password. Please try again " 391 "Wrong username or password. Please try again "
379 . "(check for Numlock and other semi-obvious error sources).", 392 . "(check for Numlock and other semi-obvious error sources).",
380 cf::NDI_RED | cf::NDI_REPLY 393 cf::NDI_RED | cf::NDI_REPLY
381 ); 394 ;
382 next; 395 next;
383 } 396 }
384 } else { 397 } else {
385 # unable to load the playerfile: 398 # unable to load the playerfile:
386 # check whether the player dir exists, which means the file is corrupted or 399 # check whether the player dir exists, which means the file is corrupted or
387 # something very similar. 400 # something very similar.
388 if (!aio_stat cf::player::playerdir $user) { 401 if (!aio_stat cf::player::playerdir $user) {
389 $ns->send_msg ( log => 402 send_log $ns,
390 "Unable to retrieve this player. It might be a locked or broken account. " 403 "Unable to retrieve this player. It might be a locked or broken account. "
391 . "If this is your account, ask a dungeon master for assistance. " 404 . "If this is your account, ask a dungeon master for assistance. "
392 . "Otherwise choose a different login name.", 405 . "Otherwise choose a different login name.",
393 cf::NDI_RED | cf::NDI_REPLY 406 cf::NDI_RED | cf::NDI_REPLY
394 ); 407 ;
395 next; 408 next;
396 } 409 }
397 } 410 }
398 411
399 my $pass2 = query $ns, cf::CS_QUERY_HIDEINPUT, "Please type your password again."; 412 my $pass2 = query $ns, cf::CS_QUERY_HIDEINPUT, "Please type your password again.";
400 413
401 if ($pass2 ne $pass) { 414 if ($pass2 ne $pass) {
402 $ns->send_msg (log => 415 send_log $ns,
403 "The passwords do not match, please try again.", 416 "The passwords do not match, please try again.",
404 cf::NDI_RED | cf::NDI_REPLY 417 cf::NDI_RED | cf::NDI_REPLY
405 ); 418 ;
406 Coro::Timer::sleep 0.5; 419 Coro::Timer::sleep 0.5;
407 next; 420 next;
408 } 421 }
409 422
410 last; 423 last;

Diff Legend

Removed lines
+ Added lines
< Changed lines
> Changed lines