Auth Cookie Support (#285)

* Auth cookie support * Add config option for auth cookie support * Safe handling of TEGid/auth_id strings * Fix bad size calculation due to pointer cast * Expiration timestamp instead of valid bit * Change setting to "allowed auth methods" This allows plaintext password auth to be disabled altogether * PR feedback
2026-02-03 03:40:02 +00:00 · 2024-09-17 20:41:48 -07:00
parent 52833f7fb3
commit a6eb0e2349
10 changed files with 185 additions and 36 deletions
--- a/src/servers/CNLoginServer.hpp
+++ b/src/servers/CNLoginServer.hpp
@@ -23,6 +23,11 @@ enum class LoginError {
    UPDATED_EUALA_REQUIRED = 9
 };

+enum class LoginType {
+    PASSWORD = 1,
+    COOKIE = 2
+};
+
 // WARNING: THERE CAN ONLY BE ONE OF THESE SERVERS AT A TIME!!!!!! TODO: change loginSessions & packet handlers to be non-static
 class CNLoginServer : public CNServer {
 private:
@@ -39,10 +44,12 @@ private:
    static void changeName(CNSocket* sock, CNPacketData* data);
    static void duplicateExit(CNSocket* sock, CNPacketData* data);

-    static bool isLoginDataGood(std::string login, std::string password);
+    static bool isUsernameGood(std::string login);
+    static bool isPasswordGood(std::string password);
    static bool isPasswordCorrect(std::string actualPassword, std::string tryPassword);
    static bool isAccountInUse(int accountId);
    static bool isCharacterNameGood(std::string Firstname, std::string Lastname);
+    static bool isLoginTypeAllowed(LoginType loginType);
    static void newAccount(CNSocket* sock, std::string userLogin, std::string userPassword, int32_t clientVerC);
    // returns true if success
    static bool exitDuplicate(int accountId);