… | |
… | |
9 | CONF MAX_DISCONNECT_TIME = 3600; |
9 | CONF MAX_DISCONNECT_TIME = 3600; |
10 | |
10 | |
11 | our $VALID_LOGIN = qr<^[a-zA-Z0-9][a-zA-Z0-9\-_]{2,19}\z>; |
11 | our $VALID_LOGIN = qr<^[a-zA-Z0-9][a-zA-Z0-9\-_]{2,19}\z>; |
12 | our %LOGIN_LOCK; |
12 | our %LOGIN_LOCK; |
13 | |
13 | |
|
|
14 | # utility function to send messages to the client before |
|
|
15 | # we have a player object to format them for. does not |
|
|
16 | # escape anything. |
|
|
17 | sub send_log ($$$) { |
|
|
18 | $_[0]->send_packet ("msg $_[2] log $_[1]"); |
|
|
19 | } |
|
|
20 | |
14 | sub query { |
21 | sub query { |
15 | my ($ns, $flags, $text) = @_; |
22 | my ($ns, $flags, $text) = @_; |
16 | |
23 | |
17 | $ns->query ($flags, $text, Coro::rouse_cb); |
24 | $ns->query ($flags, $text, Coro::rouse_cb); |
18 | Coro::rouse_wait |
25 | Coro::rouse_wait |
19 | } |
26 | } |
20 | |
27 | |
21 | sub can_cleanup { |
28 | sub can_cleanup { |
|
|
29 | # highscore list is not cleared out, rethink |
|
|
30 | # also, admin accounts can be hacked this way, if unused for long. |
|
|
31 | return 0; |
|
|
32 | |
22 | my ($pl, $mtime) = @_; |
33 | my ($pl, $mtime) = @_; |
23 | |
34 | |
24 | my $age = time - $mtime; |
35 | my $age = time - $mtime; |
25 | my $level = $pl->ob->level; |
36 | my $level = $pl->ob->level; |
26 | |
37 | |
… | |
… | |
130 | if ($token =~ /!!(.*)/) { |
141 | if ($token =~ /!!(.*)/) { |
131 | return +(substr $pass, 0, 8) eq pack "H*", $1; |
142 | return +(substr $pass, 0, 8) eq pack "H*", $1; |
132 | } elsif ($token =~ /!(.*)/) { |
143 | } elsif ($token =~ /!(.*)/) { |
133 | return $pass eq pack "H*", $1; |
144 | return $pass eq pack "H*", $1; |
134 | } else { |
145 | } else { |
135 | return $token eq crypt $pass, $token; |
146 | return $token eq encode_password $pass; |
136 | } |
147 | } |
137 | } |
148 | } |
138 | |
149 | |
139 | # delete a player directory |
150 | # delete a player directory |
140 | sub nuke_playerdir { |
151 | sub nuke_playerdir { |
… | |
… | |
241 | $pl->esrv_new_player; |
252 | $pl->esrv_new_player; |
242 | |
253 | |
243 | $pl->{chargen} = "done"; |
254 | $pl->{chargen} = "done"; |
244 | } |
255 | } |
245 | |
256 | |
|
|
257 | $ns->update_command_faces; |
|
|
258 | |
246 | $ob->reply (undef, "Welcome to Deliantra!"); |
259 | $ob->reply (undef, "Welcome to Deliantra!"); |
247 | |
260 | |
248 | if (0 < Coro::AIO::aio_load "$cf::CONFDIR/motd", my $motd) { |
261 | if (0 < Coro::AIO::aio_load "$cf::CONFDIR/motd", my $motd) { |
249 | $pl->ns->send_msg ("c/motd" => $motd, cf::NDI_CLEAR); |
262 | $pl->ns->send_msg ("c/motd" => $motd, cf::NDI_CLEAR); |
250 | } |
263 | } |
… | |
… | |
279 | $ns->send_packet ("addme_success"); |
292 | $ns->send_packet ("addme_success"); |
280 | |
293 | |
281 | for (;;) { |
294 | for (;;) { |
282 | delete $ns->{login_guard}; |
295 | delete $ns->{login_guard}; |
283 | |
296 | |
284 | $ns->send_msg (log => |
297 | send_log $ns, |
285 | "Please enter your username now. If you are a new user, " |
298 | "Please enter your username now. If you are a new user, " |
286 | . "make one up that describes your character best. " |
299 | . "make one up that describes your character best. " |
287 | . "Only letters and digits are allowed, though.", |
300 | . "Only letters and digits are allowed, though.", |
288 | cf::NDI_BLUE | cf::NDI_REPLY |
301 | cf::NDI_BLUE | cf::NDI_REPLY |
289 | ); |
302 | ; |
290 | |
303 | |
291 | # read username |
304 | # read username |
292 | while () { |
305 | while () { |
293 | $user = query $ns, 0, "What is your name? (login names are case-sensitive)\n:"; |
306 | $user = query $ns, 0, "What is your name? (login names are case-sensitive)\n:"; |
294 | |
307 | |
295 | if ($user =~ $VALID_LOGIN) { |
308 | if ($user =~ $VALID_LOGIN) { |
296 | last; |
309 | last; |
297 | } else { |
310 | } else { |
298 | $ns->send_msg (log => |
311 | send_log $ns, |
299 | "Your username contains illegal characters " |
312 | "Your username contains illegal characters " |
300 | . "(only a-z, A-Z and 0-9 are allowed), " |
313 | . "(only a-z, A-Z and 0-9 are allowed), " |
301 | . "or is not between 3 and 20 characters in length.", |
314 | . "or is not between 3 and 20 characters in length.", |
302 | cf::NDI_RED | cf::NDI_REPLY |
315 | cf::NDI_RED | cf::NDI_REPLY |
303 | ); |
316 | ; |
304 | } |
317 | } |
305 | Coro::Timer::sleep 0.4; |
318 | Coro::Timer::sleep 0.4; |
306 | } |
319 | } |
307 | |
320 | |
308 | $Coro::current->{desc} = "addme($user)"; |
321 | $Coro::current->{desc} = "addme($user)"; |
309 | |
322 | |
310 | $ns->send_msg (log => |
323 | send_log $ns, |
311 | "Welcome $user, please enter your password now. " |
324 | "Welcome $user, please enter your password now. " |
312 | . "New users should now choose a password. " |
325 | . "New users should now choose a password. " |
313 | . "Anything your client lets you enter is fine.", |
326 | . "Anything your client lets you enter is fine.", |
314 | cf::NDI_BLUE | cf::NDI_REPLY |
327 | cf::NDI_BLUE | cf::NDI_REPLY |
315 | ); |
328 | ; |
316 | |
329 | |
317 | # read password |
330 | # read password |
318 | while () { |
331 | while () { |
319 | $pass = query $ns, cf::CS_QUERY_HIDEINPUT, "What is your password?\n:"; |
332 | $pass = query $ns, cf::CS_QUERY_HIDEINPUT, "What is your password?\n:"; |
320 | last if $pass =~ /.../; |
333 | last if $pass =~ /.../; |
321 | $ns->send_msg (log => |
334 | send_log $ns, |
322 | "Try to use at least three characters as your password please, " |
335 | "Try to use at least three characters as your password please, " |
323 | . "that cannot be too much to ask for :)", |
336 | . "that cannot be too much to ask for :)", |
324 | cf::NDI_RED | cf::NDI_REPLY |
337 | cf::NDI_RED | cf::NDI_REPLY |
325 | ); |
338 | ; |
326 | Coro::Timer::sleep 0.4; |
339 | Coro::Timer::sleep 0.4; |
327 | } |
340 | } |
328 | |
341 | |
329 | $ns->{login_guard} = login_guard $user |
342 | $ns->{login_guard} = login_guard $user |
330 | or do { |
343 | or do { |
331 | $ns->send_msg (log => |
344 | send_log $ns, |
332 | "That user is already logged in (or is logging in)." |
345 | "That user is already logged in (or is logging in)." |
333 | . "Chose another, or wait till the other session has ended.", |
346 | . "Chose another, or wait till the other session has ended.", |
334 | cf::NDI_RED | cf::NDI_REPLY |
347 | cf::NDI_RED | cf::NDI_REPLY |
335 | ); |
348 | ; |
336 | next; |
349 | next; |
337 | }; |
350 | }; |
338 | |
351 | |
339 | # try to read the user file and check the password |
352 | # try to read the user file and check the password |
340 | if (my $pl = cf::player::find $user) { |
353 | if (my $pl = cf::player::find $user) { |
… | |
… | |
352 | login $pl; |
365 | login $pl; |
353 | return; |
366 | return; |
354 | } elsif (can_cleanup $pl, $mtime) { |
367 | } elsif (can_cleanup $pl, $mtime) { |
355 | Coro::Timer::sleep 1; |
368 | Coro::Timer::sleep 1; |
356 | |
369 | |
357 | $ns->send_msg (log => |
370 | send_log $ns, |
358 | "Player exists, but password does not match. If this is your account, " |
371 | "Player exists, but password does not match. If this is your account, " |
359 | . "please try again. If not, you can now decide to take over this account " |
372 | . "please try again. If not, you can now decide to take over this account " |
360 | . "because it has not been in-use for some time.", |
373 | . "because it has not been in-use for some time.", |
361 | cf::NDI_RED | cf::NDI_REPLY |
374 | cf::NDI_RED | cf::NDI_REPLY |
362 | ); |
375 | ; |
363 | |
376 | |
364 | (query $ns, cf::CS_QUERY_SINGLECHAR, "Delete existing account and create a new one (Y/N)?") =~ /^[yY]/ |
377 | (query $ns, cf::CS_QUERY_SINGLECHAR, "Delete existing account and create a new one (Y/N)?") =~ /^[yY]/ |
365 | or next; |
378 | or next; |
366 | |
379 | |
367 | # check if the file hasn't changed |
380 | # check if the file hasn't changed |
… | |
… | |
372 | |
385 | |
373 | # fall through to creation |
386 | # fall through to creation |
374 | } else { |
387 | } else { |
375 | Coro::Timer::sleep 1; |
388 | Coro::Timer::sleep 1; |
376 | |
389 | |
377 | $ns->send_msg (log => |
390 | send_log $ns, |
378 | "Wrong username or password. Please try again " |
391 | "Wrong username or password. Please try again " |
379 | . "(check for Numlock and other semi-obvious error sources).", |
392 | . "(check for Numlock and other semi-obvious error sources).", |
380 | cf::NDI_RED | cf::NDI_REPLY |
393 | cf::NDI_RED | cf::NDI_REPLY |
381 | ); |
394 | ; |
382 | next; |
395 | next; |
383 | } |
396 | } |
384 | } else { |
397 | } else { |
385 | # unable to load the playerfile: |
398 | # unable to load the playerfile: |
386 | # check whether the player dir exists, which means the file is corrupted or |
399 | # check whether the player dir exists, which means the file is corrupted or |
387 | # something very similar. |
400 | # something very similar. |
388 | if (!aio_stat cf::player::playerdir $user) { |
401 | if (!aio_stat cf::player::playerdir $user) { |
389 | $ns->send_msg ( log => |
402 | send_log $ns, |
390 | "Unable to retrieve this player. It might be a locked or broken account. " |
403 | "Unable to retrieve this player. It might be a locked or broken account. " |
391 | . "If this is your account, ask a dungeon master for assistance. " |
404 | . "If this is your account, ask a dungeon master for assistance. " |
392 | . "Otherwise choose a different login name.", |
405 | . "Otherwise choose a different login name.", |
393 | cf::NDI_RED | cf::NDI_REPLY |
406 | cf::NDI_RED | cf::NDI_REPLY |
394 | ); |
407 | ; |
395 | next; |
408 | next; |
396 | } |
409 | } |
397 | } |
410 | } |
398 | |
411 | |
399 | my $pass2 = query $ns, cf::CS_QUERY_HIDEINPUT, "Please type your password again."; |
412 | my $pass2 = query $ns, cf::CS_QUERY_HIDEINPUT, "Please type your password again."; |
400 | |
413 | |
401 | if ($pass2 ne $pass) { |
414 | if ($pass2 ne $pass) { |
402 | $ns->send_msg (log => |
415 | send_log $ns, |
403 | "The passwords do not match, please try again.", |
416 | "The passwords do not match, please try again.", |
404 | cf::NDI_RED | cf::NDI_REPLY |
417 | cf::NDI_RED | cf::NDI_REPLY |
405 | ); |
418 | ; |
406 | Coro::Timer::sleep 0.5; |
419 | Coro::Timer::sleep 0.5; |
407 | next; |
420 | next; |
408 | } |
421 | } |
409 | |
422 | |
410 | last; |
423 | last; |
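Review bot: At new line 146 the fallback branch of the password check compares with `encode_password $pass` and no longer passes the stored `$token` into the hash, which is what let `crypt` reuse the salt embedded in the token. encode_password is defined outside the visible hunks, so this is inferred: if it is deterministic and unsalted, equal passwords produce equal tokens, and if it salts randomly the comparison can never succeed; either way, tokens already stored in crypt format stop matching in this branch. If existing accounts are meant to keep working until their tokens are migrated, keep the legacy check beside the new one, `return $token eq encode_password ($pass) || $token eq crypt ($pass, $token);`. The enclosing sub starts above the hunk. The `!` and `!!` branches it keeps compare `$pass` against a hex-decoded token, so a comment there should state that those tokens are reversible encodings of the password rather than hashes.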