author | alfadur <mail@none> |
Fri, 27 Dec 2019 22:36:19 +0300 | |
changeset 15554 | f1205f33bf5b |
parent 15553 | ede5f4ec48f3 |
child 15817 | 40929af15167 |
permissions | -rw-r--r-- |
14477 | 1 |
use mysql; |
14800
f43ab2bd76ae
add a thread for internal server IO and implement account checking with it
alfadur
parents:
14478
diff
changeset
|
2 |
use mysql::{error::DriverError, error::Error, from_row_opt, params}; |
f43ab2bd76ae
add a thread for internal server IO and implement account checking with it
alfadur
parents:
14478
diff
changeset
|
3 |
use openssl::sha::sha1; |
f43ab2bd76ae
add a thread for internal server IO and implement account checking with it
alfadur
parents:
14478
diff
changeset
|
4 |
|
15096 | 5 |
use crate::handlers::{AccountInfo, Sha1Digest}; |
14477 | 6 |
|
15124
823052e66611
check for account existence before asking passwords
alfadur
parents:
15096
diff
changeset
|
7 |
const CHECK_ACCOUNT_EXISTS_QUERY: &str = |
823052e66611
check for account existence before asking passwords
alfadur
parents:
15096
diff
changeset
|
8 |
r"SELECT 1 FROM users WHERE users.name = :username LIMIT 1"; |
823052e66611
check for account existence before asking passwords
alfadur
parents:
15096
diff
changeset
|
9 |
|
15539 | 10 |
const GET_ACCOUNT_QUERY: &str = r"SELECT CASE WHEN users.status = 1 THEN users.pass ELSE '' END, |
14800
f43ab2bd76ae
add a thread for internal server IO and implement account checking with it
alfadur
parents:
14478
diff
changeset
|
11 |
(SELECT COUNT(users_roles.rid) FROM users_roles WHERE users.uid = users_roles.uid AND users_roles.rid = 3), |
f43ab2bd76ae
add a thread for internal server IO and implement account checking with it
alfadur
parents:
14478
diff
changeset
|
12 |
(SELECT COUNT(users_roles.rid) FROM users_roles WHERE users.uid = users_roles.uid AND users_roles.rid = 13) |
f43ab2bd76ae
add a thread for internal server IO and implement account checking with it
alfadur
parents:
14478
diff
changeset
|
13 |
FROM users WHERE users.name = :username"; |
f43ab2bd76ae
add a thread for internal server IO and implement account checking with it
alfadur
parents:
14478
diff
changeset
|
14 |
|
f43ab2bd76ae
add a thread for internal server IO and implement account checking with it
alfadur
parents:
14478
diff
changeset
|
15 |
const STORE_STATS_QUERY: &str = r"INSERT INTO gameserver_stats |
15124
823052e66611
check for account existence before asking passwords
alfadur
parents:
15096
diff
changeset
|
16 |
(players, rooms, last_update) |
823052e66611
check for account existence before asking passwords
alfadur
parents:
15096
diff
changeset
|
17 |
VALUES |
823052e66611
check for account existence before asking passwords
alfadur
parents:
15096
diff
changeset
|
18 |
(:players, :rooms, UNIX_TIMESTAMP())"; |
14477 | 19 |
|
14806
a1077e8d26f4
implement watch message apart from replay deserializing
alfadur
parents:
14800
diff
changeset
|
20 |
const GET_REPLAY_NAME_QUERY: &str = r"SELECT filename FROM achievements WHERE id = :id"; |
a1077e8d26f4
implement watch message apart from replay deserializing
alfadur
parents:
14800
diff
changeset
|
21 |
|
15142 | 22 |
pub struct ServerStatistics { |
14477 | 23 |
rooms: u32, |
24 |
players: u32, |
|
25 |
} |
|
26 |
||
15142 | 27 |
pub struct Achievements {} |
14477 | 28 |
|
14800
f43ab2bd76ae
add a thread for internal server IO and implement account checking with it
alfadur
parents:
14478
diff
changeset
|
29 |
pub struct Database { |
14477 | 30 |
pool: Option<mysql::Pool>, |
31 |
} |
|
32 |
||
33 |
impl Database { |
|
14800
f43ab2bd76ae
add a thread for internal server IO and implement account checking with it
alfadur
parents:
14478
diff
changeset
|
34 |
pub fn new() -> Self { |
14477 | 35 |
Self { pool: None } |
36 |
} |
|
37 |
||
14800
f43ab2bd76ae
add a thread for internal server IO and implement account checking with it
alfadur
parents:
14478
diff
changeset
|
38 |
pub fn connect(&mut self, url: &str) -> Result<(), Error> { |
14477 | 39 |
self.pool = Some(mysql::Pool::new(url)?); |
40 |
||
41 |
Ok(()) |
|
42 |
} |
|
43 |
||
15124
823052e66611
check for account existence before asking passwords
alfadur
parents:
15096
diff
changeset
|
44 |
pub fn is_registered(&mut self, nick: &str) -> Result<bool, Error> { |
823052e66611
check for account existence before asking passwords
alfadur
parents:
15096
diff
changeset
|
45 |
if let Some(pool) = &self.pool { |
823052e66611
check for account existence before asking passwords
alfadur
parents:
15096
diff
changeset
|
46 |
let is_registered = pool |
823052e66611
check for account existence before asking passwords
alfadur
parents:
15096
diff
changeset
|
47 |
.first_exec(CHECK_ACCOUNT_EXISTS_QUERY, params! { "username" => nick })? |
823052e66611
check for account existence before asking passwords
alfadur
parents:
15096
diff
changeset
|
48 |
.is_some(); |
823052e66611
check for account existence before asking passwords
alfadur
parents:
15096
diff
changeset
|
49 |
Ok(is_registered) |
823052e66611
check for account existence before asking passwords
alfadur
parents:
15096
diff
changeset
|
50 |
} else { |
823052e66611
check for account existence before asking passwords
alfadur
parents:
15096
diff
changeset
|
51 |
Err(DriverError::SetupError.into()) |
823052e66611
check for account existence before asking passwords
alfadur
parents:
15096
diff
changeset
|
52 |
} |
823052e66611
check for account existence before asking passwords
alfadur
parents:
15096
diff
changeset
|
53 |
} |
823052e66611
check for account existence before asking passwords
alfadur
parents:
15096
diff
changeset
|
54 |
|
14800
f43ab2bd76ae
add a thread for internal server IO and implement account checking with it
alfadur
parents:
14478
diff
changeset
|
55 |
pub fn get_account( |
f43ab2bd76ae
add a thread for internal server IO and implement account checking with it
alfadur
parents:
14478
diff
changeset
|
56 |
&mut self, |
f43ab2bd76ae
add a thread for internal server IO and implement account checking with it
alfadur
parents:
14478
diff
changeset
|
57 |
nick: &str, |
f43ab2bd76ae
add a thread for internal server IO and implement account checking with it
alfadur
parents:
14478
diff
changeset
|
58 |
protocol: u16, |
f43ab2bd76ae
add a thread for internal server IO and implement account checking with it
alfadur
parents:
14478
diff
changeset
|
59 |
password_hash: &str, |
f43ab2bd76ae
add a thread for internal server IO and implement account checking with it
alfadur
parents:
14478
diff
changeset
|
60 |
client_salt: &str, |
f43ab2bd76ae
add a thread for internal server IO and implement account checking with it
alfadur
parents:
14478
diff
changeset
|
61 |
server_salt: &str, |
f43ab2bd76ae
add a thread for internal server IO and implement account checking with it
alfadur
parents:
14478
diff
changeset
|
62 |
) -> Result<Option<AccountInfo>, Error> { |
f43ab2bd76ae
add a thread for internal server IO and implement account checking with it
alfadur
parents:
14478
diff
changeset
|
63 |
if let Some(pool) = &self.pool { |
f43ab2bd76ae
add a thread for internal server IO and implement account checking with it
alfadur
parents:
14478
diff
changeset
|
64 |
if let Some(row) = pool.first_exec(GET_ACCOUNT_QUERY, params! { "username" => nick })? { |
f43ab2bd76ae
add a thread for internal server IO and implement account checking with it
alfadur
parents:
14478
diff
changeset
|
65 |
let (mut password, is_admin, is_contributor) = |
f43ab2bd76ae
add a thread for internal server IO and implement account checking with it
alfadur
parents:
14478
diff
changeset
|
66 |
from_row_opt::<(String, i32, i32)>(row)?; |
f43ab2bd76ae
add a thread for internal server IO and implement account checking with it
alfadur
parents:
14478
diff
changeset
|
67 |
let client_hash = get_hash(protocol, &password, &client_salt, &server_salt); |
f43ab2bd76ae
add a thread for internal server IO and implement account checking with it
alfadur
parents:
14478
diff
changeset
|
68 |
let server_hash = get_hash(protocol, &password, &server_salt, &client_salt); |
f43ab2bd76ae
add a thread for internal server IO and implement account checking with it
alfadur
parents:
14478
diff
changeset
|
69 |
password.replace_range(.., "🦔🦔🦔🦔🦔🦔🦔🦔"); |
f43ab2bd76ae
add a thread for internal server IO and implement account checking with it
alfadur
parents:
14478
diff
changeset
|
70 |
|
15184 | 71 |
if client_hash == password_hash { |
14800
f43ab2bd76ae
add a thread for internal server IO and implement account checking with it
alfadur
parents:
14478
diff
changeset
|
72 |
Ok(Some(AccountInfo { |
f43ab2bd76ae
add a thread for internal server IO and implement account checking with it
alfadur
parents:
14478
diff
changeset
|
73 |
is_registered: true, |
f43ab2bd76ae
add a thread for internal server IO and implement account checking with it
alfadur
parents:
14478
diff
changeset
|
74 |
is_admin: is_admin == 1, |
f43ab2bd76ae
add a thread for internal server IO and implement account checking with it
alfadur
parents:
14478
diff
changeset
|
75 |
is_contributor: is_contributor == 1, |
f43ab2bd76ae
add a thread for internal server IO and implement account checking with it
alfadur
parents:
14478
diff
changeset
|
76 |
server_hash, |
f43ab2bd76ae
add a thread for internal server IO and implement account checking with it
alfadur
parents:
14478
diff
changeset
|
77 |
})) |
f43ab2bd76ae
add a thread for internal server IO and implement account checking with it
alfadur
parents:
14478
diff
changeset
|
78 |
} else { |
f43ab2bd76ae
add a thread for internal server IO and implement account checking with it
alfadur
parents:
14478
diff
changeset
|
79 |
Ok(None) |
f43ab2bd76ae
add a thread for internal server IO and implement account checking with it
alfadur
parents:
14478
diff
changeset
|
80 |
} |
f43ab2bd76ae
add a thread for internal server IO and implement account checking with it
alfadur
parents:
14478
diff
changeset
|
81 |
} else { |
15131 | 82 |
Ok(None) |
14800
f43ab2bd76ae
add a thread for internal server IO and implement account checking with it
alfadur
parents:
14478
diff
changeset
|
83 |
} |
f43ab2bd76ae
add a thread for internal server IO and implement account checking with it
alfadur
parents:
14478
diff
changeset
|
84 |
} else { |
f43ab2bd76ae
add a thread for internal server IO and implement account checking with it
alfadur
parents:
14478
diff
changeset
|
85 |
Err(DriverError::SetupError.into()) |
14477 | 86 |
} |
87 |
} |
|
88 |
||
15554 | 89 |
pub fn get_checker_account( |
90 |
&mut self, |
|
91 |
nick: &str, |
|
92 |
checker_password: &str, |
|
93 |
) -> Result<bool, Error> { |
|
94 |
if let Some(pool) = &self.pool { |
|
95 |
if let Some(row) = pool.first_exec(GET_ACCOUNT_QUERY, params! { "username" => nick })? { |
|
96 |
let (mut password, _, _) = from_row_opt::<(String, i32, i32)>(row)?; |
|
97 |
Ok(checker_password == password) |
|
98 |
} else { |
|
99 |
Ok(false) |
|
100 |
} |
|
101 |
} else { |
|
102 |
Err(DriverError::SetupError.into()) |
|
103 |
} |
|
104 |
} |
|
105 |
||
14800
f43ab2bd76ae
add a thread for internal server IO and implement account checking with it
alfadur
parents:
14478
diff
changeset
|
106 |
pub fn store_stats(&mut self, stats: &ServerStatistics) -> Result<(), Error> { |
14477 | 107 |
if let Some(pool) = &self.pool { |
14800
f43ab2bd76ae
add a thread for internal server IO and implement account checking with it
alfadur
parents:
14478
diff
changeset
|
108 |
for mut stmt in pool.prepare(STORE_STATS_QUERY).into_iter() { |
14478 | 109 |
stmt.execute(params! { |
110 |
"players" => stats.players, |
|
111 |
"rooms" => stats.rooms, |
|
112 |
})?; |
|
113 |
} |
|
14477 | 114 |
Ok(()) |
115 |
} else { |
|
116 |
Err(DriverError::SetupError.into()) |
|
117 |
} |
|
118 |
} |
|
119 |
||
14800
f43ab2bd76ae
add a thread for internal server IO and implement account checking with it
alfadur
parents:
14478
diff
changeset
|
120 |
pub fn store_achievements(&mut self, achievements: &Achievements) -> Result<(), ()> { |
14477 | 121 |
Ok(()) |
122 |
} |
|
123 |
||
14806
a1077e8d26f4
implement watch message apart from replay deserializing
alfadur
parents:
14800
diff
changeset
|
124 |
pub fn get_replay_name(&mut self, replay_id: u32) -> Result<Option<String>, Error> { |
a1077e8d26f4
implement watch message apart from replay deserializing
alfadur
parents:
14800
diff
changeset
|
125 |
if let Some(pool) = &self.pool { |
a1077e8d26f4
implement watch message apart from replay deserializing
alfadur
parents:
14800
diff
changeset
|
126 |
if let Some(row) = |
a1077e8d26f4
implement watch message apart from replay deserializing
alfadur
parents:
14800
diff
changeset
|
127 |
pool.first_exec(GET_REPLAY_NAME_QUERY, params! { "id" => replay_id })? |
a1077e8d26f4
implement watch message apart from replay deserializing
alfadur
parents:
14800
diff
changeset
|
128 |
{ |
15553 | 129 |
let filename = from_row_opt::<String>(row)?; |
14806
a1077e8d26f4
implement watch message apart from replay deserializing
alfadur
parents:
14800
diff
changeset
|
130 |
Ok(Some(filename)) |
a1077e8d26f4
implement watch message apart from replay deserializing
alfadur
parents:
14800
diff
changeset
|
131 |
} else { |
a1077e8d26f4
implement watch message apart from replay deserializing
alfadur
parents:
14800
diff
changeset
|
132 |
Ok(None) |
a1077e8d26f4
implement watch message apart from replay deserializing
alfadur
parents:
14800
diff
changeset
|
133 |
} |
a1077e8d26f4
implement watch message apart from replay deserializing
alfadur
parents:
14800
diff
changeset
|
134 |
} else { |
a1077e8d26f4
implement watch message apart from replay deserializing
alfadur
parents:
14800
diff
changeset
|
135 |
Err(DriverError::SetupError.into()) |
a1077e8d26f4
implement watch message apart from replay deserializing
alfadur
parents:
14800
diff
changeset
|
136 |
} |
14477 | 137 |
} |
138 |
} |
|
14800
f43ab2bd76ae
add a thread for internal server IO and implement account checking with it
alfadur
parents:
14478
diff
changeset
|
139 |
|
f43ab2bd76ae
add a thread for internal server IO and implement account checking with it
alfadur
parents:
14478
diff
changeset
|
140 |
fn get_hash(protocol_number: u16, web_password: &str, salt1: &str, salt2: &str) -> Sha1Digest { |
f43ab2bd76ae
add a thread for internal server IO and implement account checking with it
alfadur
parents:
14478
diff
changeset
|
141 |
let s = format!( |
f43ab2bd76ae
add a thread for internal server IO and implement account checking with it
alfadur
parents:
14478
diff
changeset
|
142 |
"{}{}{}{}{}", |
f43ab2bd76ae
add a thread for internal server IO and implement account checking with it
alfadur
parents:
14478
diff
changeset
|
143 |
salt1, salt2, web_password, protocol_number, "!hedgewars" |
f43ab2bd76ae
add a thread for internal server IO and implement account checking with it
alfadur
parents:
14478
diff
changeset
|
144 |
); |
f43ab2bd76ae
add a thread for internal server IO and implement account checking with it
alfadur
parents:
14478
diff
changeset
|
145 |
Sha1Digest::new(sha1(s.as_bytes())) |
f43ab2bd76ae
add a thread for internal server IO and implement account checking with it
alfadur
parents:
14478
diff
changeset
|
146 |
} |