Refactor login packet handler for more flexible auth (#298)

This PR enables auth cookies to be used simultaneously with plaintext passwords sent in the cookie authID field.

* Hoist a bunch of checks from the login packet handler into helper functions.
* Rename the LoginType enum to AuthMethod and distinguish it from the iLoginType packet field (see comment in code for why these should be decoupled).
* If the provided token does not pass the cookie check and password auth is enabled, treat it as a plaintext password and authenticate if it is correct.
2024-11-16 20:21:37 -08:00
committed by GitHub
parent 1543dac4e0
commit 55cf3f7102
6 changed files with 161 additions and 98 deletions

@@ -222,6 +222,17 @@ time_t getTimestamp() {
return (time_t)value.count();
}
// timing safe strcmp implementation for e.g. cookie validation
int timingSafeStrcmp(const char* a, const char* b) {
int diff = 0;
while (*a && *b) {
diff |= *a++ ^ *b++;
}
diff |= *a;
diff |= *b;
return diff;
}
// convert integer timestamp (in s) to FF systime struct
sSYSTEMTIME timeStampToStruct(uint64_t time) {
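Review bot: The loop in timingSafeStrcmp (`while (*a && *b)`) stops at the end of the shorter string, so the running time still depends on the length of the shorter input; the comparison is constant-time with respect to content only, not length. If the cookie has a fixed length, checking that length before the call, or stating the limitation in the comment above the function, would make the guarantee explicit. Separately, despite the strcmp-style name the return value carries no ordering: it is 0 on equality and an arbitrary non-zero value otherwise, so the comment should say that callers may only test the result against 0.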