| … | |
… | |
| 9 | CONF MAX_DISCONNECT_TIME = 3600; |
9 | CONF MAX_DISCONNECT_TIME = 3600; |
| 10 | |
10 | |
| 11 | our $VALID_LOGIN = qr<^[a-zA-Z0-9][a-zA-Z0-9\-_]{2,19}\z>; |
11 | our $VALID_LOGIN = qr<^[a-zA-Z0-9][a-zA-Z0-9\-_]{2,19}\z>; |
| 12 | our %LOGIN_LOCK; |
12 | our %LOGIN_LOCK; |
| 13 | |
13 | |
|
|
14 | # utility function to send messages to the client before |
|
|
15 | # we have a player object to format them for. does not |
|
|
16 | # escape anything. |
|
|
17 | sub send_log ($$$) { |
|
|
18 | $_[0]->send_packet ("msg $_[2] log $_[1]"); |
|
|
19 | } |
|
|
20 | |
| 14 | sub query { |
21 | sub query { |
| 15 | my ($ns, $flags, $text) = @_; |
22 | my ($ns, $flags, $text) = @_; |
| 16 | |
23 | |
| 17 | $ns->query ($flags, $text, Coro::rouse_cb); |
24 | $ns->query ($flags, $text, Coro::rouse_cb); |
| 18 | Coro::rouse_wait |
25 | Coro::rouse_wait |
| 19 | } |
26 | } |
| 20 | |
27 | |
| 21 | sub can_cleanup { |
28 | sub can_cleanup { |
|
|
29 | # highscore list is not cleared out, rethink |
|
|
30 | # also, admin accounts can be hacked this way, if unused for long. |
|
|
31 | return 0; |
|
|
32 | |
| 22 | my ($pl, $mtime) = @_; |
33 | my ($pl, $mtime) = @_; |
| 23 | |
34 | |
| 24 | my $age = time - $mtime; |
35 | my $age = time - $mtime; |
| 25 | my $level = $pl->ob->level; |
36 | my $level = $pl->ob->level; |
| 26 | |
37 | |
| … | |
… | |
| 130 | if ($token =~ /!!(.*)/) { |
141 | if ($token =~ /!!(.*)/) { |
| 131 | return +(substr $pass, 0, 8) eq pack "H*", $1; |
142 | return +(substr $pass, 0, 8) eq pack "H*", $1; |
| 132 | } elsif ($token =~ /!(.*)/) { |
143 | } elsif ($token =~ /!(.*)/) { |
| 133 | return $pass eq pack "H*", $1; |
144 | return $pass eq pack "H*", $1; |
| 134 | } else { |
145 | } else { |
| 135 | return $token eq crypt $pass, $token; |
146 | return $token eq encode_password $pass; |
| 136 | } |
147 | } |
| 137 | } |
148 | } |
| 138 | |
149 | |
| 139 | # delete a player directory |
150 | # delete a player directory |
| 140 | sub nuke_playerdir { |
151 | sub nuke_playerdir { |
| … | |
… | |
| 241 | $pl->esrv_new_player; |
252 | $pl->esrv_new_player; |
| 242 | |
253 | |
| 243 | $pl->{chargen} = "done"; |
254 | $pl->{chargen} = "done"; |
| 244 | } |
255 | } |
| 245 | |
256 | |
|
|
257 | $ns->update_command_faces; |
|
|
258 | |
| 246 | $ob->reply (undef, "Welcome to Deliantra!"); |
259 | $ob->reply (undef, "Welcome to Deliantra!"); |
| 247 | |
260 | |
| 248 | if (0 < Coro::AIO::aio_load "$cf::CONFDIR/motd", my $motd) { |
261 | if (0 < Coro::AIO::aio_load "$cf::CONFDIR/motd", my $motd) { |
| 249 | $pl->ns->send_msg ("c/motd" => $motd, cf::NDI_CLEAR); |
262 | $pl->ns->send_msg ("c/motd" => $motd, cf::NDI_CLEAR); |
| 250 | } |
263 | } |
| … | |
… | |
| 279 | $ns->send_packet ("addme_success"); |
292 | $ns->send_packet ("addme_success"); |
| 280 | |
293 | |
| 281 | for (;;) { |
294 | for (;;) { |
| 282 | delete $ns->{login_guard}; |
295 | delete $ns->{login_guard}; |
| 283 | |
296 | |
| 284 | $ns->send_msg (log => |
297 | send_log $ns, |
| 285 | "Please enter your username now. If you are a new user, " |
298 | "Please enter your username now. If you are a new user, " |
| 286 | . "make one up that describes your character best. " |
299 | . "make one up that describes your character best. " |
| 287 | . "Only letters and digits are allowed, though.", |
300 | . "Only letters and digits are allowed, though.", |
| 288 | cf::NDI_BLUE | cf::NDI_REPLY |
301 | cf::NDI_BLUE | cf::NDI_REPLY |
| 289 | ); |
302 | ; |
| 290 | |
303 | |
| 291 | # read username |
304 | # read username |
| 292 | while () { |
305 | while () { |
| 293 | $user = query $ns, 0, "What is your name? (login names are case-sensitive)\n:"; |
306 | $user = query $ns, 0, "What is your name? (login names are case-sensitive)\n:"; |
| 294 | |
307 | |
| 295 | if ($user =~ $VALID_LOGIN) { |
308 | if ($user =~ $VALID_LOGIN) { |
| 296 | last; |
309 | last; |
| 297 | } else { |
310 | } else { |
| 298 | $ns->send_msg (log => |
311 | send_log $ns, |
| 299 | "Your username contains illegal characters " |
312 | "Your username contains illegal characters " |
| 300 | . "(only a-z, A-Z and 0-9 are allowed), " |
313 | . "(only a-z, A-Z and 0-9 are allowed), " |
| 301 | . "or is not between 3 and 20 characters in length.", |
314 | . "or is not between 3 and 20 characters in length.", |
| 302 | cf::NDI_RED | cf::NDI_REPLY |
315 | cf::NDI_RED | cf::NDI_REPLY |
| 303 | ); |
316 | ; |
| 304 | } |
317 | } |
| 305 | Coro::Timer::sleep 0.4; |
318 | Coro::Timer::sleep 0.4; |
| 306 | } |
319 | } |
| 307 | |
320 | |
| 308 | $Coro::current->{desc} = "addme($user)"; |
321 | $Coro::current->{desc} = "addme($user)"; |
| 309 | |
322 | |
| 310 | $ns->send_msg (log => |
323 | send_log $ns, |
| 311 | "Welcome $user, please enter your password now. " |
324 | "Welcome $user, please enter your password now. " |
| 312 | . "New users should now choose a password. " |
325 | . "New users should now choose a password. " |
| 313 | . "Anything your client lets you enter is fine.", |
326 | . "Anything your client lets you enter is fine.", |
| 314 | cf::NDI_BLUE | cf::NDI_REPLY |
327 | cf::NDI_BLUE | cf::NDI_REPLY |
| 315 | ); |
328 | ; |
| 316 | |
329 | |
| 317 | # read password |
330 | # read password |
| 318 | while () { |
331 | while () { |
| 319 | $pass = query $ns, cf::CS_QUERY_HIDEINPUT, "What is your password?\n:"; |
332 | $pass = query $ns, cf::CS_QUERY_HIDEINPUT, "What is your password?\n:"; |
| 320 | last if $pass =~ /.../; |
333 | last if $pass =~ /.../; |
| 321 | $ns->send_msg (log => |
334 | send_log $ns, |
| 322 | "Try to use at least three characters as your password please, " |
335 | "Try to use at least three characters as your password please, " |
| 323 | . "that cannot be too much to ask for :)", |
336 | . "that cannot be too much to ask for :)", |
| 324 | cf::NDI_RED | cf::NDI_REPLY |
337 | cf::NDI_RED | cf::NDI_REPLY |
| 325 | ); |
338 | ; |
| 326 | Coro::Timer::sleep 0.4; |
339 | Coro::Timer::sleep 0.4; |
| 327 | } |
340 | } |
| 328 | |
341 | |
| 329 | $ns->{login_guard} = login_guard $user |
342 | $ns->{login_guard} = login_guard $user |
| 330 | or do { |
343 | or do { |
| 331 | $ns->send_msg (log => |
344 | send_log $ns, |
| 332 | "That user is already logged in (or is logging in)." |
345 | "That user is already logged in (or is logging in)." |
| 333 | . "Chose another, or wait till the other session has ended.", |
346 | . "Chose another, or wait till the other session has ended.", |
| 334 | cf::NDI_RED | cf::NDI_REPLY |
347 | cf::NDI_RED | cf::NDI_REPLY |
| 335 | ); |
348 | ; |
| 336 | next; |
349 | next; |
| 337 | }; |
350 | }; |
| 338 | |
351 | |
| 339 | # try to read the user file and check the password |
352 | # try to read the user file and check the password |
| 340 | if (my $pl = cf::player::find $user) { |
353 | if (my $pl = cf::player::find $user) { |
| … | |
… | |
| 352 | login $pl; |
365 | login $pl; |
| 353 | return; |
366 | return; |
| 354 | } elsif (can_cleanup $pl, $mtime) { |
367 | } elsif (can_cleanup $pl, $mtime) { |
| 355 | Coro::Timer::sleep 1; |
368 | Coro::Timer::sleep 1; |
| 356 | |
369 | |
| 357 | $ns->send_msg (log => |
370 | send_log $ns, |
| 358 | "Player exists, but password does not match. If this is your account, " |
371 | "Player exists, but password does not match. If this is your account, " |
| 359 | . "please try again. If not, you can now decide to take over this account " |
372 | . "please try again. If not, you can now decide to take over this account " |
| 360 | . "because it has not been in-use for some time.", |
373 | . "because it has not been in-use for some time.", |
| 361 | cf::NDI_RED | cf::NDI_REPLY |
374 | cf::NDI_RED | cf::NDI_REPLY |
| 362 | ); |
375 | ; |
| 363 | |
376 | |
| 364 | (query $ns, cf::CS_QUERY_SINGLECHAR, "Delete existing account and create a new one (Y/N)?") =~ /^[yY]/ |
377 | (query $ns, cf::CS_QUERY_SINGLECHAR, "Delete existing account and create a new one (Y/N)?") =~ /^[yY]/ |
| 365 | or next; |
378 | or next; |
| 366 | |
379 | |
| 367 | # check if the file hasn't changed |
380 | # check if the file hasn't changed |
| … | |
… | |
| 372 | |
385 | |
| 373 | # fall through to creation |
386 | # fall through to creation |
| 374 | } else { |
387 | } else { |
| 375 | Coro::Timer::sleep 1; |
388 | Coro::Timer::sleep 1; |
| 376 | |
389 | |
| 377 | $ns->send_msg (log => |
390 | send_log $ns, |
| 378 | "Wrong username or password. Please try again " |
391 | "Wrong username or password. Please try again " |
| 379 | . "(check for Numlock and other semi-obvious error sources).", |
392 | . "(check for Numlock and other semi-obvious error sources).", |
| 380 | cf::NDI_RED | cf::NDI_REPLY |
393 | cf::NDI_RED | cf::NDI_REPLY |
| 381 | ); |
394 | ; |
| 382 | next; |
395 | next; |
| 383 | } |
396 | } |
| 384 | } else { |
397 | } else { |
| 385 | # unable to load the playerfile: |
398 | # unable to load the playerfile: |
| 386 | # check whether the player dir exists, which means the file is corrupted or |
399 | # check whether the player dir exists, which means the file is corrupted or |
| 387 | # something very similar. |
400 | # something very similar. |
| 388 | if (!aio_stat cf::player::playerdir $user) { |
401 | if (!aio_stat cf::player::playerdir $user) { |
| 389 | $ns->send_msg ( log => |
402 | send_log $ns, |
| 390 | "Unable to retrieve this player. It might be a locked or broken account. " |
403 | "Unable to retrieve this player. It might be a locked or broken account. " |
| 391 | . "If this is your account, ask a dungeon master for assistance. " |
404 | . "If this is your account, ask a dungeon master for assistance. " |
| 392 | . "Otherwise choose a different login name.", |
405 | . "Otherwise choose a different login name.", |
| 393 | cf::NDI_RED | cf::NDI_REPLY |
406 | cf::NDI_RED | cf::NDI_REPLY |
| 394 | ); |
407 | ; |
| 395 | next; |
408 | next; |
| 396 | } |
409 | } |
| 397 | } |
410 | } |
| 398 | |
411 | |
| 399 | my $pass2 = query $ns, cf::CS_QUERY_HIDEINPUT, "Please type your password again."; |
412 | my $pass2 = query $ns, cf::CS_QUERY_HIDEINPUT, "Please type your password again."; |
| 400 | |
413 | |
| 401 | if ($pass2 ne $pass) { |
414 | if ($pass2 ne $pass) { |
| 402 | $ns->send_msg (log => |
415 | send_log $ns, |
| 403 | "The passwords do not match, please try again.", |
416 | "The passwords do not match, please try again.", |
| 404 | cf::NDI_RED | cf::NDI_REPLY |
417 | cf::NDI_RED | cf::NDI_REPLY |
| 405 | ); |
418 | ; |
| 406 | Coro::Timer::sleep 0.5; |
419 | Coro::Timer::sleep 0.5; |
| 407 | next; |
420 | next; |
| 408 | } |
421 | } |
| 409 | |
422 | |
| 410 | last; |
423 | last; |
