cyberpresidentvanellope/Aurora.3
1
0
Fork 0
mirror of https://github.com/Aurorastation/Aurora.3.git synced 2025-12-25 01:22:13 +00:00
Code Issues Packages Projects Releases Wiki Activity

External Auth security improvements (#6961)

Browse Source 
Adds connection timeout
Adds new API for WI to get client that is authing IP.
This commit is contained in:
Karolis
2019-09-09 21:54:11 +03:00
committed by Erki
parent 169cfc176c
commit b6f7d9c79f
2 changed files with 42 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
code/modules/mob/abstract/unauthed/login.dm
View File

@@ -3,6 +3,7 @@
/mob/abstract/unauthed
authed = FALSE
var/token = ""
var/timeout_timer
/mob/abstract/unauthed/New()
verbs -= typesof(/mob/verb)
@@ -21,10 +22,18 @@
if(!config.guests_allowed && config.webint_url && config.external_auth)
src.OpenForumAuthWindow()
show_browser(src, uihtml, "window=auth;size=300x300;border=0;can_close=0;can_resize=0;can_minimize=0;titlebar=1")
timeout_timer = addtimer(CALLBACK(src, .proc/timeout), 900, TIMER_STOPPABLE)
/mob/abstract/unauthed/proc/timeout()
if (client)
to_chat(client, "Your login time has expired. Please relog and try again.")
qdel(client)
qdel(src)
/mob/abstract/unauthed/proc/ClientLogin(var/newkey)
if(!client)
qdel(src)
deltimer(timeout_timer)
var/client/c = client
show_browser(src, null, "window=auth;")
client.verbs += typesof(/client/verb) // Let's return regular client verbs

32
code/modules/world_api/commands/misc.dm
View File

@@ -208,6 +208,38 @@
response = "Client has been authenticated sucessfully."
una.ClientLogin(queryparams["key"])
// Authenticates client from external system
/datum/topic_command/get_auth_client_ip
name = "get_auth_client_ip"
description = "Returns the IP of the client awaiting authentication, identified by the client token."
params = list(
"clienttoken" = list("name"="clienttoken","desc"="Token for identifying the unique client.","type"="str","req"=1),
)
/datum/topic_command/get_auth_client_ip/run_command(queryparams)
if(!(queryparams["clienttoken"] in unauthed))
statuscode = 404
response = "Client with such token is not found."
return TRUE
var/mob/abstract/unauthed/una = unauthed[queryparams["clienttoken"]]
if(!istype(una) || !una.client)
statuscode = 500
response = "Something went horribly wrong."
return TRUE
if(!config.external_auth)
statuscode = 500
response = "External auth is disallowed."
del(una.client)
del(una)
return TRUE
statuscode = 200
response = "Got client IP sucessfully."
data = una.client.address
// Updates external auth state
/datum/topic_command/set_extenal_auth
name = "set_extenal_auth"