Fixed data masking
PEMapModder committed Jan 25, 2016
1 parent e783dfa commit 58b1615
Showing 9 changed files with 23 additions and 14 deletions.
18 changes: 9 additions & 9 deletions README.md
@@ -8,10 +8,10 @@ HereAuth
* [Latest release candidate build](compile/HereAuth_RC.phar)

#### Latest Dev build number
`152`
`162`

#### Latest Beta build number
`136`
`163`

#### Latest RC build number
`nil`
@@ -47,15 +47,15 @@ the Free Software Foundation, either version 3 of the License, or
- [x] Time-based and attempts-based brute-force protection
- [ ] Customized automatic authentication methods
- [x] By "customized", I mean to customize _per player_! This basically refers to `/opt`
- [ ] Customized multi-factor authentication methods
- [x] Customized multi-factor authentication methods
- [ ] Customized data masking when player is not authenticated
- [ ] Don't let impostors see what is in your inventory!
- [ ] Don't let impostors see where you are!
- [ ] Don't let impostors see what messages other plugins want to send to you!
- [x] Don't let impostors see what is in your inventory!
- [x] Don't let impostors see where you are!
- [ ] Don't let impostors see what chat messages are sent to you!
- [ ] Account management commands
- [ ] `/chpw`: change password
- [ ] `/unreg`: unregister account
- [ ] `/opt`: change account options (things in `config.yml`:`DefaultSettings`)
- [x] `/opt`: change account options (things in `config.yml`:`DefaultSettings`)
- [x] `/lock`: temporarily logout (deauthenticate) without entirely leaving the server
- [ ] `/rename`: rename account
- [x] Server-customized events to block when not authenticated
@@ -81,6 +81,6 @@ Open this phar directly with PHP binaries to automatically extract the config fi

## Code Statistics
* 55 PHP source files
* 3969 lines of PHP code
* 3978 lines of PHP code
* minus 825 lines of license header
* Total: 3144
* Total: 3153
Binary file modified compile/HereAuth_Beta.phar
Binary file not shown.
Binary file modified compile/HereAuth_Dev.phar
Binary file not shown.
2 changes: 1 addition & 1 deletion compile/info.json
@@ -9,5 +9,5 @@
"major": 1,
"minor": 0
},
"nextBuild": 153
"nextBuild": 164
}
2 changes: 1 addition & 1 deletion src/HereAuth/Command/OptCommand.php
@@ -197,7 +197,7 @@ private function getHelpMessage(User $user){
$output .= TextFormat::GREEN . "Toggle " . TextFormat::YELLOW . "IP MFA\n";
$output .= "/opt mfat <timeout|forever> ";
$output .= TextFormat::GREEN . "Set " . TextFormat::YELLOW . "MFA timeout in days " . TextFormat::GREEN . "(or \"forever\")\n";
$output .= "If /opt doesn't work, try /auth instead"; // <-- how would people even be able to execute this command if it doesn't work?
// $output .= "If /opt doesn't work, try /auth instead"; // <-- how would people even be able to execute this command if it doesn't work?
return $output;
}
1 change: 0 additions & 1 deletion src/HereAuth/Database/Json/JsonDatabase.php
@@ -61,7 +61,6 @@ public function __construct(HereAuth $main){

$this->sql = new SQLite3($this->path . "reg.db");
$this->sql->exec("CREATE TABLE IF NOT EXISTS reg (ip TEXT, name TEXT PRIMARY KEY, time INTEGER)");
var_dump($this->sql->busyTimeout(1)); // outputs bool(true)
}

public function loadFor($name, $identifier){
4 changes: 3 additions & 1 deletion src/HereAuth/EventRouter.php
@@ -204,12 +204,14 @@ public function onDamage(EntityDamageEvent $event){

public function onMove(PlayerMoveEvent $event){
if($this->main->getConfig()->getNested("Blocking.Move.Locomotion", true)){
if($event->getFrom()->equals($event->getTo())){
if(!$event->getFrom()->equals($to = $event->getTo())){
$user = $this->main->getUserByPlayer($event->getPlayer());
// if(!($user !== null and $user->origPos !== null and $user->origPos->equals($to))){
if($user === null or !$user->isPlaying()){
$event->setCancelled();
return;
}
// }
}
}
if($this->main->getConfig()->getNested("Blocking.Move.Rotation", true)){
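Review bot: The assignment `$to = $event->getTo()` inside the new condition is read only by the commented-out `origPos` check below it, so the committed code carries an unused variable and a `// if(...)` / `// }` pair of dead lines in the branch that decides whether an unauthenticated player may move. Either finish the `origPos` exception or drop both comment lines and write the guard as `if(!$event->getFrom()->equals($event->getTo())){`. A short comment such as `// block any position change until the user is authenticated; a null user is treated as unauthenticated` would also record that the `$user === null` case is meant to fail closed. onMove continues past the end of this section, so the Rotation branch is not reviewed here.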
7 changes: 6 additions & 1 deletion src/HereAuth/HereAuth.php
@@ -149,7 +149,12 @@ public function onUserStart($identifier, $info){
if(!isset($info->name)){
$info = AccountInfo::defaultInstance($player, $this);
}
$this->users[$player->getId()] = new User($this, $player, $info);
try{
$user = new User($this, $player, $info);
}catch(\Exception $e){
return;
}
$this->users[$player->getId()] = $user;
}

public function closeUser(Player $player){
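Review bot: The new `catch(\Exception $e)` in onUserStart returns without logging or acting on the player, and it catches every exception the User constructor can raise, not only the `\Exception("MFA failure")` thrown in src/HereAuth/User/User.php. A failed MFA check therefore leaves no audit trail, and an unrelated constructor error would be silently handled the same way. Consider a dedicated exception class for the MFA case (for example one named along the lines of `MfaFailedException`, name illustrative), caught by name here, with the failure recorded through the audit logger that User.php already reaches via `getAuditLogger()`. What happens to a connected player who has no entry in `$this->users` is decided outside this hunk; the onMove handler shown on this page cancels movement when the user is null, but other handlers are not visible.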
3 changes: 3 additions & 0 deletions src/HereAuth/User/User.php
@@ -76,6 +76,9 @@ public function __construct(HereAuth $main, Player $player, AccountInfo $info){

return;
}
if(!$this->checkMultiFactor()){
throw new \Exception("MFA failure");
}
if($info->opts->autoSecret and $player->getClientSecret() === $info->lastSecret and $this->callLogin(HereAuthLoginEvent::METHOD_CLIENT_SECRET)){
$this->main->getAuditLogger()->logLogin(strtolower($player->getName()), $player->getAddress(), "secret");
$this->onAuth();
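Review bot: The `checkMultiFactor()` guard is placed after an earlier branch that ends in `return;`, so any construction that takes that branch completes without the MFA check. That branch starts outside the hunk, so this cannot be confirmed from here; if it is an authentication path, the guard should move above it. A comment on the new lines, for example `// MFA must pass before any automatic login method below is attempted`, would make the ordering requirement explicit for the client-secret login that follows. The constructor body continues outside the hunk on both sides.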
