Refactor login packet handler for more flexible auth (#298)

This PR enables auth cookies to be used simultaneously with plaintext paasswords sent in the cookie authID field. * Hoist a bunch of checks from the login packet handler into helper functions. * Rename the LoginType enum to AuthMethod and distinguish it from the iLoginType packet field (see comment in code for why these should be decoupled). * If the provided token does not pass the cookie check and password auth is enabled, treat it as a plaintext password and authenticate if it is correct.
2026-03-28 15:40:03 +00:00 · 2024-11-16 20:21:37 -08:00
parent 1543dac4e0
commit 55cf3f7102
6 changed files with 161 additions and 98 deletions
--- a/src/core/CNStructs.hpp
+++ b/src/core/CNStructs.hpp
@@ -49,6 +49,7 @@ std::string U16toU8(char16_t* src, size_t max);
 size_t U8toU16(std::string src, char16_t* des, size_t max); // returns number of char16_t that was written at des
 time_t getTime();
 time_t getTimestamp();
+int timingSafeStrcmp(const char* a, const char* b);
 void terminate(int);

 // The PROTOCOL_VERSION definition can be defined by the build system.