mirror of
https://github.com/OpenFusionProject/OpenFusion.git
synced 2024-11-24 05:51:05 +00:00
PR feedback
This commit is contained in:
parent
a5a15a54ff
commit
babf774013
@ -53,7 +53,7 @@ namespace Database {
|
|||||||
|
|
||||||
void updateAccountLevel(int accountId, int accountLevel);
|
void updateAccountLevel(int accountId, int accountLevel);
|
||||||
|
|
||||||
// return true iff cookie is valid for the account.
|
// return true if cookie is valid for the account.
|
||||||
// invalidates the stored cookie afterwards
|
// invalidates the stored cookie afterwards
|
||||||
bool checkCookie(int accountId, const char *cookie);
|
bool checkCookie(int accountId, const char *cookie);
|
||||||
|
|
||||||
|
@ -130,7 +130,8 @@ bool Database::checkCookie(int accountId, const char *tryCookie) {
|
|||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
/* since cookies are immediately invalidated, we don't need to be concerned about
|
/*
|
||||||
|
* since cookies are immediately invalidated, we don't need to be concerned about
|
||||||
* timing-related side channel attacks, so strcmp is fine here
|
* timing-related side channel attacks, so strcmp is fine here
|
||||||
*/
|
*/
|
||||||
bool match = (strcmp(cookie, tryCookie) == 0);
|
bool match = (strcmp(cookie, tryCookie) == 0);
|
||||||
@ -141,7 +142,7 @@ bool Database::checkCookie(int accountId, const char *tryCookie) {
|
|||||||
rc = sqlite3_step(stmt);
|
rc = sqlite3_step(stmt);
|
||||||
sqlite3_finalize(stmt);
|
sqlite3_finalize(stmt);
|
||||||
if (rc != SQLITE_DONE)
|
if (rc != SQLITE_DONE)
|
||||||
std::cout << "[WARN] Database fail on consumeCookie(): " << sqlite3_errmsg(db) << std::endl;
|
std::cout << "[WARN] Database fail on checkCookie(): " << sqlite3_errmsg(db) << std::endl;
|
||||||
|
|
||||||
return match;
|
return match;
|
||||||
}
|
}
|
||||||
|
@ -682,8 +682,7 @@ bool CNLoginServer::isCharacterNameGood(std::string Firstname, std::string Lastn
|
|||||||
|
|
||||||
bool CNLoginServer::isLoginTypeAllowed(LoginType loginType) {
|
bool CNLoginServer::isLoginTypeAllowed(LoginType loginType) {
|
||||||
// the config file specifies "comma-separated" but tbh we don't care
|
// the config file specifies "comma-separated" but tbh we don't care
|
||||||
switch (loginType)
|
switch (loginType) {
|
||||||
{
|
|
||||||
case LoginType::PASSWORD:
|
case LoginType::PASSWORD:
|
||||||
return settings::AUTHMETHODS.find("password") != std::string::npos;
|
return settings::AUTHMETHODS.find("password") != std::string::npos;
|
||||||
case LoginType::COOKIE:
|
case LoginType::COOKIE:
|
||||||
|
Loading…
Reference in New Issue
Block a user