This PR enables auth cookies to be used simultaneously with plaintext paasswords sent in the cookie authID field.
* Hoist a bunch of checks from the login packet handler into helper functions.
* Rename the LoginType enum to AuthMethod and distinguish it from the iLoginType packet field (see comment in code for why these should be decoupled).
* If the provided token does not pass the cookie check and password auth is enabled, treat it as a plaintext password and authenticate if it is correct.
This is to prevent accidental exposure of the monitor port to the public
internet if a server admin enables the monitor port without it being
properly firewalled. There is now a config option that lets you override
the address to bind to, so that it can still be made available to other
machines over private networks such as Wireguard.
* Auth cookie support
* Add config option for auth cookie support
* Safe handling of TEGid/auth_id strings
* Fix bad size calculation due to pointer cast
* Expiration timestamp instead of valid bit
* Change setting to "allowed auth methods"
This allows plaintext password auth to be disabled altogether
* PR feedback
The server administrator must now specify which patches they want the
server to load (if deviating from the defaults). There are multiple
reasons for this:
* It's useful to be able to pick and choose which patches you want to
boot the server with; without having to move the directories in and out
of the patch directory
* This way, we can have different default patches for different builds
of the game (104 vs 1013)
* ...ergo, it's easier to rapidly switch builds without having to
rearrange your workspace to properly run them
* This also allows us to remove the std::filesystem stuff, which has
spotty compatibility with slightly older (but still current) versions of
the compilers
They're not often changed, and keeping two sets of them in the config
file is messy when the right set is automatially chosen by the ifdef in
the server itself.
Having it at 25600 caused client performance issues in areas with a lot of mobs, 12800 was too short, but after testing 16000 on the public server I feel this is a sensible default.
* Add newly created chunks to nearby players and NPCs. This fixes the
slider/static path mob pop-in problem.
* Update a player's chunks when resurrecting. This fixes a mob desync
problem.
* Use a private instance for the Time Lab
* Spawn a slider for every stop
* Fix mobs in private lairs using the template chunk mobs's current
health for their max health
* Don't call into the JSON lib in the loop in aggroCheck(). This is an
optimization found after using gprof.
* Don't print NPC deletions to console. This stops the spam when a
private instance is deleted.
* Changed default view distance to half the length of a map tile, so
chunks are aligned to map tiles
* Update tdata reference
* Replaced bad exception logic with C-style error returns in ItemManager
* Removed unnecessary instances of objects being passed by value
* Fixed whitespace problems
* Added new config options to the default config.ini
* Updated tabledata reference
The first two fixes were caught by infer. The Big Bug(tm) remains
unfixed.
* Fixed the Leech nano power
* Fixed an unlikely nullptr dereference in ItemManager
* /toggleai now makes mobs retreat immediately, instead of waiting for
their next movement tick
* Static path mobs will now stop in place instead of retreating to
their spawn points when AI is disabled
* Changed the misleading config option name from "chunksize" to
"viewdistance", since it's actually only a third of the chunk size
* Monkey Skyway paths are now saved in a format compatible with
paths.json
* flush() is called on every periodic DB save in addition to the /flush
and /mss N export commands
* Monkeys now accept WIP routes
* implemented saving BatteryN and BatteryW
* implemented saving mentor
* moved int64->blob parsing to a separate function
* moved parsing blob->int64 to a separate function
* added functions for parsing int32->blob and vice versa
* added functions for parsing int16->blob and vice versa
* WIP saving quest items and active tasks
* Quest items are stored in inventory table instead of blob
* added sanity check for missionId
* saving active missions works
* removed unneccesary include
* implemented saving warplocationflag, skywaylocationflag and currentmissionid in database
* INFO DB message now shows how many accounts and player characters are in the database
* fixed dbsaveinterval being in [login] instead of [shard]
* fixed mission quit:
- fixed wrong json name, causing qitems not deleting properly
- quitting mission now resets npc kill count
* adjusted saving active missions
* removed blob parsing functions that ended up being unused
* removed accidentaly added include
* removed sending PCStyle2 on Player Enter
* added a sanity check in itemMoveHandler
* removed MapNum from PCLoad, as client doesn't even read it
* set BuddyWarpCooldown to 60s on PCLoad
* fixed a bug causing EXIT DUPLICATE not working
* added creation and last login timestamps to accounts and players
* added a sanity check for P_CL2LS_REQ_PC_EXIT_DUPLICATE
* implemented web api support, toggled by new setting (off by default)
* add usewebapi to config
Co-authored-by: Gent <gentsemaj@live.com>
Also:
* Made the timeout configurable
* Removed the stale randomcharacters config option
* Switched to time_t for time values, even though it doesn't really
matter that much
* Halved the keepAliveTimer frequency
* Clean up spacing/indentation
* Proper enum formatting
* Fix nano dismissal (for real this time)
* Do not copy Player struct when a pointer is right there
* Stop looking after the trade partner has been found
* Make sure we're shifting unsigned values (and 64-bit when they need to be)
* Look for JSONs in tdata/
* Add a dbsaveinterval to the example config.ini, in the login category