ViewVC Help
View File | Revision Log | Show Annotations | Download File
/cvs/deliantra/server/ext/login.ext
(Generate patch)

Comparing deliantra/server/ext/login.ext (file contents):
Revision 1.127 by root, Sat Nov 17 12:00:31 2012 UTC vs.
Revision 1.136 by root, Sun Nov 18 15:19:48 2018 UTC

7use Deliantra::Util (); 7use Deliantra::Util ();
8 8
9CONF MAX_DISCONNECT_TIME = 3600; 9CONF MAX_DISCONNECT_TIME = 3600;
10 10
11our $VALID_LOGIN = qr<^[a-zA-Z0-9][a-zA-Z0-9\-_]{2,19}\z>; 11our $VALID_LOGIN = qr<^[a-zA-Z0-9][a-zA-Z0-9\-_]{2,19}\z>;
12our %LOGIN_LOCK;
13
14# utility function to send messages to the client before
15# we have a player object to format them for. does not
16# escape anything.
17sub send_log ($$$) {
18 $_[0]->send_packet ("msg $_[2] log $_[1]");
19}
12 20
13sub query { 21sub query {
14 my ($ns, $flags, $text) = @_; 22 my ($ns, $flags, $text) = @_;
15 23
16 $ns->query ($flags, $text, Coro::rouse_cb); 24 $ns->query ($flags, $text, Coro::rouse_cb);
17 Coro::rouse_wait 25 Coro::rouse_wait
18} 26}
19 27
20sub can_cleanup { 28sub can_cleanup {
29 # highscore list is not cleared out, rethink
30 # also, admin accounts can be hacked this way, if unused for long.
31 return 0;
32
21 my ($pl, $mtime) = @_; 33 my ($pl, $mtime) = @_;
22 34
23 my $age = time - $mtime; 35 my $age = time - $mtime;
24 my $level = $pl->ob->level; 36 my $level = $pl->ob->level;
25 37
27 || ($level <= 9 && $age > 90 * 86400) # 3 months for level 4..9 39 || ($level <= 9 && $age > 90 * 86400) # 3 months for level 4..9
28 || ($level <= 20 && $age > 180 * 86400) # 6 months for level 10..20 40 || ($level <= 20 && $age > 180 * 86400) # 6 months for level 10..20
29 || $age > 700 * 86400 # 2 years for everybody else 41 || $age > 700 * 86400 # 2 years for everybody else
30} 42}
31 43
32sub check_playing { 44# return a guard object for a lock on the given username, if available
45sub login_guard {
33 my ($ns, $user) = @_; 46 my ($user) = @_;
34 47
48 exists $LOGIN_LOCK{$user}
49 and return undef;
50
35 return unless cf::player::find_active $user; 51 cf::player::find_active $user
52 and return undef;
36 53
37 $ns->send_drawinfo ( 54 undef $LOGIN_LOCK{$user};
38 "That player is already logged in on this server. " 55 Guard::guard { delete $LOGIN_LOCK{$user} }
39 . "If you want to create a new player, choose another name. "
40 . "If you have already a registered, make sure nobody "
41 . "else is using your account at this time. If you lost your connection "
42 . "then the server will likely timeout within a minute. If you still "
43 . "cannot log-in after a minute, you are still logged in. Make sure "
44 . "you do not have another client running. If you use windows, reboot, "
45 . "this will fix anything.",
46 cf::NDI_RED
47 );
48
49 1
50} 56}
51 57
52sub safe_spot($) { 58sub safe_spot($) {
53 my ($pl) = @_; 59 my ($pl) = @_;
54 60
92 $ob->message ( 98 $ob->message (
93 "You didn't use a bed to reality to leave this realm, leaving your body in great danger. " 99 "You didn't use a bed to reality to leave this realm, leaving your body in great danger. "
94 . "Unfortunately, nobody was near to help you when the monsters arrived to eat you. " 100 . "Unfortunately, nobody was near to help you when the monsters arrived to eat you. "
95 . "Maybe you can find comfort in the thought that your body was quite satisfying in taste... " 101 . "Maybe you can find comfort in the thought that your body was quite satisfying in taste... "
96 . "H<You disconnected too long without having used a savebed.>", 102 . "H<You disconnected too long without having used a savebed.>",
97 cf::NDI_RED 103 cf::NDI_RED | cf::NDI_REPLY
98 ); 104 );
99 # kill them. 105 # kill them.
100 # reminds me of the famous badness 10000 syndrome... 106 # reminds me of the famous badness 10000 syndrome...
101 $ob->stats->hp (-10000); #] if they survive this they deserved to live 107 $ob->stats->hp (-10000); #] if they survive this they deserved to live
102 my $killer = cf::arch::get "killer_login"; $pl->killer ($killer); $killer->destroy; 108 my $killer = cf::arch::get "killer_login"; $pl->killer ($killer); $killer->destroy;
106 $ob->message ( 112 $ob->message (
107 "You didn't use a bed to reality to leave this realm, leaving your body in great danger. " 113 "You didn't use a bed to reality to leave this realm, leaving your body in great danger. "
108 . "Fortunately, some friendly dwellers found you, checked your passport, and brought you to safety. " 114 . "Fortunately, some friendly dwellers found you, checked your passport, and brought you to safety. "
109 . "Better use a savebed next time, much worse things could have happened... " 115 . "Better use a savebed next time, much worse things could have happened... "
110 . "H<You disconnected without having used a savebed. When you do that for too long, you might die.>", 116 . "H<You disconnected without having used a savebed. When you do that for too long, you might die.>",
111 cf::NDI_RED 117 cf::NDI_RED | cf::NDI_REPLY
112 ); 118 );
113 } 119 }
114 } else { 120 } else {
115 $ob->message ( 121 $ob->message (
116 "You didn't use a bed to reality to leave this realm. This is very dangerous, " 122 "You didn't use a bed to reality to leave this realm. This is very dangerous, "
117 . "as lots of things could happen when you leave by other means, such as cave-ins, " 123 . "as lots of things could happen when you leave by other means, such as cave-ins, "
118 . "or monsters suddenly snapping your body. Better use a savebed next time. " 124 . "or monsters suddenly snapping your body. Better use a savebed next time. "
119 . "H<Always apply a bed of reality to disconnect from the server.>", 125 . "H<Always apply a bed of reality to disconnect from the server.>",
120 cf::NDI_RED 126 cf::NDI_RED | cf::NDI_REPLY
121 ); 127 );
122 } 128 }
123 } 129 }
124 130
125 $ob->goto ($map, $x, $y); 131 $ob->goto ($map, $x, $y);
135 if ($token =~ /!!(.*)/) { 141 if ($token =~ /!!(.*)/) {
136 return +(substr $pass, 0, 8) eq pack "H*", $1; 142 return +(substr $pass, 0, 8) eq pack "H*", $1;
137 } elsif ($token =~ /!(.*)/) { 143 } elsif ($token =~ /!(.*)/) {
138 return $pass eq pack "H*", $1; 144 return $pass eq pack "H*", $1;
139 } else { 145 } else {
140 return $token eq crypt $pass, $token; 146 return $token eq encode_password $pass;
141 } 147 }
142} 148}
143 149
144# delete a player directory 150# delete a player directory
145sub nuke_playerdir { 151sub nuke_playerdir {
158 # handle character creation, if neccessary 164 # handle character creation, if neccessary
159 # the rest of this function is character creation 165 # the rest of this function is character creation
160 166
161 my $ns = $pl->ns; 167 my $ns = $pl->ns;
162 my $ob = $pl->ob; 168 my $ob = $pl->ob;
163
164 $Coro::current->{desc} = "addme(" . $ob->name . ") login";
165 169
166 if ($pl->{chargen} eq "init") { 170 if ($pl->{chargen} eq "init") {
167 $ob->goto ($pl->maplevel, $ob->x, $ob->y); 171 $ob->goto ($pl->maplevel, $ob->x, $ob->y);
168 172
169 # create the playerdir, if necessary, as chargen_race_done did it before 173 # create the playerdir, if necessary, as chargen_race_done did it before
196 } 200 }
197 201
198 Coro::Timer::sleep 0.05; 202 Coro::Timer::sleep 0.05;
199 } 203 }
200 204
201 $ob->set_animation (2); 205 $ob->set_anim_frame (2);
202 $ob->add_statbonus; 206 $ob->add_statbonus;
203 207
204 $pl->{chargen} = "race"; 208 $pl->{chargen} = "race";
205 } 209 }
206 210
248 $pl->esrv_new_player; 252 $pl->esrv_new_player;
249 253
250 $pl->{chargen} = "done"; 254 $pl->{chargen} = "done";
251 } 255 }
252 256
257 $ns->update_command_faces;
258
253 $ob->reply (undef, "Welcome to Deliantra!"); 259 $ob->reply (undef, "Welcome to Deliantra!");
254 260
255 if (0 < Coro::AIO::aio_load "$cf::CONFDIR/motd", my $motd) { 261 if (0 < Coro::AIO::aio_load "$cf::CONFDIR/motd", my $motd) {
256 $pl->ns->send_msg ("c/motd" => $motd, cf::NDI_CLEAR); 262 $pl->ns->send_msg ("c/motd" => $motd, cf::NDI_CLEAR);
257 } 263 }
258} 264}
259 265
260sub chargen { 266sub chargen {
261 my ($ns, $user, $hash) = @_; 267 my ($ns, $user, $hash) = @_;
262
263 # lock again, too lazy to make this nicer
264 local $cf::LOGIN_LOCK{$user} = 1;
265 268
266 # just to make sure nothing is left over 269 # just to make sure nothing is left over
267 # normally, nothing is there. 270 # normally, nothing is there.
268 nuke_playerdir $user; 271 nuke_playerdir $user;
269 272
287 my ($user, $pass); 290 my ($user, $pass);
288 291
289 $ns->send_packet ("addme_success"); 292 $ns->send_packet ("addme_success");
290 293
291 for (;;) { 294 for (;;) {
292 $ns->send_drawinfo ( 295 delete $ns->{login_guard};
296
297 send_log $ns,
293 "Please enter your username now. If you are a new user, " 298 "Please enter your username now. If you are a new user, "
294 . "make one up that describes your character best. " 299 . "make one up that describes your character best. "
295 . "Only letters and digits are allowed, though.", 300 . "Only letters and digits are allowed, though.",
296 cf::NDI_BLUE 301 cf::NDI_BLUE | cf::NDI_REPLY
297 ); 302 ;
298 303
299 # read username 304 # read username
300 while () { 305 while () {
301 $user = query $ns, 0, "What is your name? (login names are case-sensitive)\n:"; 306 $user = query $ns, 0, "What is your name? (login names are case-sensitive)\n:";
302 307
303 if ($cf::LOGIN_LOCK{$user}) {
304 $ns->send_drawinfo (
305 "That username is currently used in another login session. "
306 . "Chose another, or wait till the other session has ended.",
307 cf::NDI_RED
308 );
309 } elsif ($user =~ $VALID_LOGIN) { 308 if ($user =~ $VALID_LOGIN) {
310 last; 309 last;
311 } else { 310 } else {
312 $ns->send_drawinfo ( 311 send_log $ns,
313 "Your username contains illegal characters " 312 "Your username contains illegal characters "
314 . "(only a-z, A-Z and 0-9 are allowed), " 313 . "(only a-z, A-Z and 0-9 are allowed), "
315 . "or is not between 3 and 20 characters in length.", 314 . "or is not between 3 and 20 characters in length.",
316 cf::NDI_RED 315 cf::NDI_RED | cf::NDI_REPLY
317 ); 316 ;
318 } 317 }
319 Coro::Timer::sleep 0.4; 318 Coro::Timer::sleep 0.4;
320 } 319 }
321 320
322 check_playing $ns, $user and next;
323
324 $Coro::current->{desc} = "addme($user) pass"; 321 $Coro::current->{desc} = "addme($user)";
325 322
326 $ns->send_drawinfo ( 323 send_log $ns,
327 "Welcome $user, please enter your password now. " 324 "Welcome $user, please enter your password now. "
328 . "New users should now choose a password. " 325 . "New users should now choose a password. "
329 . "Anything your client lets you enter is fine.", 326 . "Anything your client lets you enter is fine.",
330 cf::NDI_BLUE 327 cf::NDI_BLUE | cf::NDI_REPLY
331 ); 328 ;
332 329
333 # read password 330 # read password
334 while () { 331 while () {
335 $pass = query $ns, cf::CS_QUERY_HIDEINPUT, "What is your password?\n:"; 332 $pass = query $ns, cf::CS_QUERY_HIDEINPUT, "What is your password?\n:";
336 last if $pass =~ /.../; 333 last if $pass =~ /.../;
337 $ns->send_drawinfo ( 334 send_log $ns,
338 "Try to use at least three characters as your password please, " 335 "Try to use at least three characters as your password please, "
339 . "that cannot be too much to ask for :)", 336 . "that cannot be too much to ask for :)",
340 cf::NDI_RED 337 cf::NDI_RED | cf::NDI_REPLY
341 ); 338 ;
342 Coro::Timer::sleep 0.4; 339 Coro::Timer::sleep 0.4;
343 } 340 }
344 341
345 # lock this username for the remainder of this login session 342 $ns->{login_guard} = login_guard $user
346 if ($cf::LOGIN_LOCK{$user}) { 343 or do {
347 $ns->send_drawinfo ( 344 send_log $ns,
348 "That username is currently used in another login session. " 345 "That user is already logged in (or is logging in)."
349 . "Chose another, or wait till the other session has ended.", 346 . "Chose another, or wait till the other session has ended.",
350 cf::NDI_RED 347 cf::NDI_RED | cf::NDI_REPLY
348 ;
349 next;
351 ); 350 };
352 next;
353 }
354 local $cf::LOGIN_LOCK{$user} = 1;
355
356 check_playing $ns, $user and next;
357
358 $Coro::current->{desc} = "addme($user) check";
359 351
360 # try to read the user file and check the password 352 # try to read the user file and check the password
361 if (my $pl = cf::player::find $user) { 353 if (my $pl = cf::player::find $user) {
362 aio_stat $pl->path and next; 354 aio_stat $pl->path and next;
363 my $mtime = (stat _)[9]; 355 my $mtime = (stat _)[9];
373 login $pl; 365 login $pl;
374 return; 366 return;
375 } elsif (can_cleanup $pl, $mtime) { 367 } elsif (can_cleanup $pl, $mtime) {
376 Coro::Timer::sleep 1; 368 Coro::Timer::sleep 1;
377 369
378 $ns->send_drawinfo ( 370 send_log $ns,
379 "Player exists, but password does not match. If this is your account, " 371 "Player exists, but password does not match. If this is your account, "
380 . "please try again. If not, you can now decide to take over this account " 372 . "please try again. If not, you can now decide to take over this account "
381 . "because it has not been in-use for some time.", 373 . "because it has not been in-use for some time.",
382 cf::NDI_RED 374 cf::NDI_RED | cf::NDI_REPLY
383 ); 375 ;
384 376
385 (query $ns, cf::CS_QUERY_SINGLECHAR, "Delete existing account and create a new one (Y/N)?") =~ /^[yY]/ 377 (query $ns, cf::CS_QUERY_SINGLECHAR, "Delete existing account and create a new one (Y/N)?") =~ /^[yY]/
386 or next; 378 or next;
387 379
388 # check if the file hasn't changed 380 # check if the file hasn't changed
393 385
394 # fall through to creation 386 # fall through to creation
395 } else { 387 } else {
396 Coro::Timer::sleep 1; 388 Coro::Timer::sleep 1;
397 389
398 $ns->send_drawinfo ( 390 send_log $ns,
399 "Wrong username or password. Please try again " 391 "Wrong username or password. Please try again "
400 . "(check for Numlock and other semi-obvious error sources).", 392 . "(check for Numlock and other semi-obvious error sources).",
401 cf::NDI_RED 393 cf::NDI_RED | cf::NDI_REPLY
402 ); 394 ;
403 next; 395 next;
404 } 396 }
405 } else { 397 } else {
406 # unable to load the playerfile: 398 # unable to load the playerfile:
407 # check whether the player dir exists, which means the file is corrupted or 399 # check whether the player dir exists, which means the file is corrupted or
408 # something very similar. 400 # something very similar.
409 if (!aio_stat cf::player::playerdir $user) { 401 if (!aio_stat cf::player::playerdir $user) {
410 $ns->send_drawinfo ( 402 send_log $ns,
411 "Unable to retrieve this player. It might be a locked or broken account. " 403 "Unable to retrieve this player. It might be a locked or broken account. "
412 . "If this is your account, ask a dungeon master for assistance. " 404 . "If this is your account, ask a dungeon master for assistance. "
413 . "Otherwise choose a different login name.", 405 . "Otherwise choose a different login name.",
414 cf::NDI_RED 406 cf::NDI_RED | cf::NDI_REPLY
415 ); 407 ;
416 next; 408 next;
417 } 409 }
418 } 410 }
419 411
420 my $pass2 = query $ns, cf::CS_QUERY_HIDEINPUT, "Please type your password again."; 412 my $pass2 = query $ns, cf::CS_QUERY_HIDEINPUT, "Please type your password again.";
421 413
422 if ($pass2 ne $pass) { 414 if ($pass2 ne $pass) {
423 $ns->send_drawinfo ( 415 send_log $ns,
424 "The passwords do not match, please try again.", 416 "The passwords do not match, please try again.",
425 cf::NDI_RED 417 cf::NDI_RED | cf::NDI_REPLY
426 ); 418 ;
427 Coro::Timer::sleep 0.5; 419 Coro::Timer::sleep 0.5;
428 next; 420 next;
429 } 421 }
430 422
431 last; 423 last;
467 or return $fail ( 459 or return $fail (
468 "Your username contains illegal characters (only a-z, A-Z and 0-9 are allowed), " 460 "Your username contains illegal characters (only a-z, A-Z and 0-9 are allowed), "
469 . "or is not between 3 and 20 characters in length." 461 . "or is not between 3 and 20 characters in length."
470 ); 462 );
471 463
464 $ns->{login_guard} = login_guard $user
465 or return $fail->("User name '$user' is in use - try another login name.");
466
472 cf::player::find $user 467 cf::player::find $user
473 and return $fail->("User '$user' already exists - choose another login name."); 468 and return $fail->("User name '$user' is already registered - choose another login name.");
469
470 $reply->(1, "Account Created");
474 471
475 chargen $ns, $user, $pass; 472 chargen $ns, $user, $pass;
476 }); 473 });
477}; 474};
478 475
480 my ($ns, $reply, $user, $hash) = @_; 477 my ($ns, $reply, $user, $hash) = @_;
481 478
482 $ns->{addme}++ and return $ns->destroy; 479 $ns->{addme}++ and return $ns->destroy;
483 480
484 $ns->async (sub { 481 $ns->async (sub {
485 local $cf::LOGIN_LOCK{$user} = 1;
486
487 $Coro::current->{desc} = "login($user) check"; 482 $Coro::current->{desc} = "login($user)";
488 483
489 my $fail = sub { 484 my $fail = sub {
490 $reply->(0, $_[0]); 485 $reply->(0, $_[0]);
491 $ns->flush; # does not ensure that the data reaches the client - TODO 486 $ns->flush; # does not ensure that the data reaches the client - TODO
492 # need to do this in another thread, as this one gets canceled 487 # need to do this in another thread, as this one gets canceled
494 Coro::AnyEvent::sleep 0.1; # TODO, see above, extra hack 489 Coro::AnyEvent::sleep 0.1; # TODO, see above, extra hack
495 $ns->destroy if $ns->valid; 490 $ns->destroy if $ns->valid;
496 }; 491 };
497 Coro::schedule; # do the destroy, should not return 492 Coro::schedule; # do the destroy, should not return
498 }; 493 };
494
495 $ns->{login_guard} = login_guard $user
496 or return $fail->("User '$user' is currently playing or logging in in another session. If that is your "
497 . "user name, make sure you are not running two clients. When in doubt, reboot.");
499 498
500 # try to read the user file and check the password 499 # try to read the user file and check the password
501 my $pl = cf::player::find $user 500 my $pl = cf::player::find $user
502 or return $fail->("User '$user' does not exist - wrong spelling?"); 501 or return $fail->("User '$user' does not exist - wrong spelling?");
503 502

Diff Legend

Removed lines
+ Added lines
< Changed lines
> Changed lines