Token verification

2026-06-11 03:31:08 +00:00 · 2014-08-18 20:27:15 -07:00
parent a602640188
commit ca86763c2b
6 changed files with 59 additions and 8 deletions
@@ -35,9 +35,9 @@ void handle_method_token_auth(per_session_data_eqemu *session, rapidjson::Docume
 	
 	session->auth = document["params"][(rapidjson::SizeType)0].GetString();
 	if (!CheckTokenAuthorization(session)) {
-		WriteWebCallResponseBoolean(session, document, "false", false);
+		WriteWebCallResponseBoolean(session, document, false, false);
 	} else {
-		WriteWebCallResponseBoolean(session, document, "true", false);
+		WriteWebCallResponseBoolean(session, document, true, false);
 	}
 }

@@ -1,6 +1,8 @@
 #include "web_interface.h"
 #include "remote_call.h"

+extern SharedDatabase *db;
+
 void WriteWebCallResponseString(per_session_data_eqemu *session, rapidjson::Document &doc, std::string result, bool error, bool send_no_id) {
 	if (doc.HasMember("id") || send_no_id) {
 		rapidjson::StringBuffer s;
@@ -95,10 +97,13 @@ void WriteWebCallResponseBoolean(per_session_data_eqemu *session, rapidjson::Doc
 }

 int CheckTokenAuthorization(per_session_data_eqemu *session) {
-	//todo: actually check this against a table of tokens that is updated periodically
-	//right now i have just one entry harded coded for testing purposes
-	if (session->auth.compare("c5b80ec8-4174-4c4c-d332-dbf3c3a551fc") == 0) {
-		return 255;
+	if(db) {
+		int status;
+		if(db->VerifyToken(session->auth, status)) {
+			return status;
+		} else {
+			return 0;
+		}
 	}

 	return 0;
@@ -7,6 +7,7 @@ TimeoutManager timeout_manager;
 const EQEmuConfig *config = nullptr;
 WorldServer *worldserver = nullptr;
 libwebsocket_context *context = nullptr;
+SharedDatabase *db = nullptr;
 std::map<std::string, per_session_data_eqemu*> sessions;
 std::map<std::string, std::pair<int, MethodHandler>> authorized_methods;
 std::map<std::string, MethodHandler> unauthorized_methods;
@@ -15,7 +16,7 @@ void CatchSignal(int sig_num) {
 	run = false;
 	if(worldserver)
 		worldserver->Disconnect();
-		
+	
 	if(context)
 		libwebsocket_cancel_service(context);
 }
@@ -169,7 +170,15 @@ int main() {
 		return 1;
 	}

-	worldserver = new WorldServer(config->SharedKey); 
+	db = new SharedDatabase();
+	_log(WEB_INTERFACE__TRACE, "Connecting to database...");
+	if(!db->Connect(config->DatabaseHost.c_str(), config->DatabaseUsername.c_str(),
+		config->DatabasePassword.c_str(), config->DatabaseDB.c_str(), config->DatabasePort)) {
+		_log(WEB_INTERFACE__TRACE, "Unable to connect to the database, cannot continue without a database connection");
+		return 1;
+	}
+
+	worldserver = new WorldServer(config->SharedKey);
 	worldserver->Connect();
 	writable_socket_timer.Start(10);

@@ -193,6 +202,7 @@ int main() {
 	}

 	safe_delete(worldserver);
+	safe_delete(db);
 	libwebsocket_context_destroy(context);

 	return 0;
@@ -29,6 +29,7 @@
 #include "../common/web_interface_utils.h"
 #include "../common/StringUtil.h"
 #include "../common/uuid.h"
+#include "../common/shareddb.h"
 #include "worldserver.h"
 #include "lib/libwebsockets.h"
 #include "rapidjson/document.h"