Refactor login packet handler for more flexible auth (#298)

This PR enables auth cookies to be used simultaneously with plaintext paasswords sent in the cookie authID field. * Hoist a bunch of checks from the login packet handler into helper functions. * Rename the LoginType enum to AuthMethod and distinguish it from the iLoginType packet field (see comment in code for why these should be decoupled). * If the provided token does not pass the cookie check and password auth is enabled, treat it as a plaintext password and authenticate if it is correct.
2025-12-10 16:00:48 +00:00 · 2024-11-16 20:21:37 -08:00
parent 1543dac4e0
commit 55cf3f7102
6 changed files with 161 additions and 98 deletions
--- a/config.ini
+++ b/config.ini
@@ -18,8 +18,8 @@ acceptallcustomnames=true
 # automatically create them?
 autocreateaccounts=true
 # list of supported authentication methods (comma-separated)
-# password = allow login type 1 with plaintext passwords
-# cookie = allow login type 2 with one-shot auth cookies
+# password = allow logging in with plaintext passwords
+# cookie = allow logging in with one-shot auth cookies
 authmethods=password
 # how often should everything be flushed to the database?
 # the default is 4 minutes