pa/eqemu-server
2
0
Fork 0
mirror of https://github.com/EQEmu/Server.git synced 2026-04-05 19:32:25 +00:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity

Token verification

Browse Source
This commit is contained in:
KimLS 2014-08-18 20:27:15 -07:00
parent a602640188
commit ca86763c2b
6 changed files with 59 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

32
common/shareddb.cpp
View File

@ -2179,3 +2179,35 @@ void SharedDatabase::SetBotInspectMessage(uint32 botid, const InspectMessage_Str
safe_delete_array(query); safe_delete_array(query);
} }
bool SharedDatabase::VerifyToken(std::string token, int& status) {
char errbuf[MYSQL_ERRMSG_SIZE];
char *query = 0;
MYSQL_RES *result;
MYSQL_ROW row;
bool res = false;
status = 0;
if(token.length() > 64) {
token = token.substr(0, 64);
}
token = EscapeString(token);
if (RunQuery(query, MakeAnyLenString(&query, "SELECT status FROM tokens WHERE token='%s'", token.c_str()), errbuf, &result)) {
safe_delete_array(query);
row = mysql_fetch_row(result);
if(row) {
status = atoi(row[0]);
res = true;
}
mysql_free_result(result);
}
else {
std::cerr << "Error in SharedDatabase::VerifyToken query '" << query << "' " << errbuf << std::endl;
safe_delete_array(query);
}
return res;
}

3
common/shareddb.h
View File

@ -75,6 +75,9 @@ public:
ItemInst* CreateItem(const Item_Struct* item, int16 charges=0, uint32 aug1=0, uint32 aug2=0, uint32 aug3=0, uint32 aug4=0, uint32 aug5=0); ItemInst* CreateItem(const Item_Struct* item, int16 charges=0, uint32 aug1=0, uint32 aug2=0, uint32 aug3=0, uint32 aug4=0, uint32 aug5=0);
ItemInst* CreateBaseItem(const Item_Struct* item, int16 charges=0); ItemInst* CreateBaseItem(const Item_Struct* item, int16 charges=0);
// Web Token Verification
bool VerifyToken(std::string token, int& status);
/* /*
* Shared Memory crap * Shared Memory crap
*/ */

4
web_interface/method_handler.cpp
View File

@ -35,9 +35,9 @@ void handle_method_token_auth(per_session_data_eqemu *session, rapidjson::Docume
session->auth = document["params"][(rapidjson::SizeType)0].GetString(); session->auth = document["params"][(rapidjson::SizeType)0].GetString();
if (!CheckTokenAuthorization(session)) { if (!CheckTokenAuthorization(session)) {
WriteWebCallResponseBoolean(session, document, "false", false); WriteWebCallResponseBoolean(session, document, false, false);
} else { } else {
WriteWebCallResponseBoolean(session, document, "true", false); WriteWebCallResponseBoolean(session, document, true, false);
} }
} }

13
web_interface/remote_call.cpp
View File

@ -1,6 +1,8 @@
#include "web_interface.h" #include "web_interface.h"
#include "remote_call.h" #include "remote_call.h"
extern SharedDatabase *db;
void WriteWebCallResponseString(per_session_data_eqemu *session, rapidjson::Document &doc, std::string result, bool error, bool send_no_id) { void WriteWebCallResponseString(per_session_data_eqemu *session, rapidjson::Document &doc, std::string result, bool error, bool send_no_id) {
if (doc.HasMember("id") || send_no_id) { if (doc.HasMember("id") || send_no_id) {
rapidjson::StringBuffer s; rapidjson::StringBuffer s;
@ -95,10 +97,13 @@ void WriteWebCallResponseBoolean(per_session_data_eqemu *session, rapidjson::Doc
} }
int CheckTokenAuthorization(per_session_data_eqemu *session) { int CheckTokenAuthorization(per_session_data_eqemu *session) {
//todo: actually check this against a table of tokens that is updated periodically if(db) {
//right now i have just one entry harded coded for testing purposes int status;
if (session->auth.compare("c5b80ec8-4174-4c4c-d332-dbf3c3a551fc") == 0) { if(db->VerifyToken(session->auth, status)) {
return 255; return status;
} else {
return 0;
}
} }
return 0; return 0;

10
web_interface/web_interface.cpp
View File

@ -7,6 +7,7 @@ TimeoutManager timeout_manager;
const EQEmuConfig *config = nullptr; const EQEmuConfig *config = nullptr;
WorldServer *worldserver = nullptr; WorldServer *worldserver = nullptr;
libwebsocket_context *context = nullptr; libwebsocket_context *context = nullptr;
SharedDatabase *db = nullptr;
std::map<std::string, per_session_data_eqemu*> sessions; std::map<std::string, per_session_data_eqemu*> sessions;
std::map<std::string, std::pair<int, MethodHandler>> authorized_methods; std::map<std::string, std::pair<int, MethodHandler>> authorized_methods;
std::map<std::string, MethodHandler> unauthorized_methods; std::map<std::string, MethodHandler> unauthorized_methods;
@ -169,6 +170,14 @@ int main() {
return 1; return 1;
} }
db = new SharedDatabase();
_log(WEB_INTERFACE__TRACE, "Connecting to database...");
if(!db->Connect(config->DatabaseHost.c_str(), config->DatabaseUsername.c_str(),
config->DatabasePassword.c_str(), config->DatabaseDB.c_str(), config->DatabasePort)) {
_log(WEB_INTERFACE__TRACE, "Unable to connect to the database, cannot continue without a database connection");
return 1;
}
worldserver = new WorldServer(config->SharedKey); worldserver = new WorldServer(config->SharedKey);
worldserver->Connect(); worldserver->Connect();
writable_socket_timer.Start(10); writable_socket_timer.Start(10);
@ -193,6 +202,7 @@ int main() {
} }
safe_delete(worldserver); safe_delete(worldserver);
safe_delete(db);
libwebsocket_context_destroy(context); libwebsocket_context_destroy(context);
return 0; return 0;

1
web_interface/web_interface.h
View File

@ -29,6 +29,7 @@
#include "../common/web_interface_utils.h" #include "../common/web_interface_utils.h"
#include "../common/StringUtil.h" #include "../common/StringUtil.h"
#include "../common/uuid.h" #include "../common/uuid.h"
#include "../common/shareddb.h"
#include "worldserver.h" #include "worldserver.h"
#include "lib/libwebsockets.h" #include "lib/libwebsockets.h"
#include "rapidjson/document.h" #include "rapidjson/document.h"