Merge remote-tracking branch 'ParadiseSS13/master' into toml-config

This commit is contained in:
AffectedArc07
2021-06-03 18:10:19 +01:00
117 changed files with 12076 additions and 18356 deletions
+44 -1
View File
@@ -1,5 +1,5 @@
//Blocks an attempt to connect before even creating our client datum thing.
/world/IsBanned(key, address, computer_id, type, check_ipintel = TRUE)
/world/IsBanned(key, address, computer_id, type, check_ipintel = TRUE, check_2fa = TRUE)
if(!key || !address || !computer_id)
log_adminwarn("Failed Login (invalid data): [key] [address]-[computer_id]")
@@ -44,6 +44,49 @@
return list("reason"="using proxy or vpn", "desc"="\nReason: Proxies/VPNs are not allowed here. [mistakemessage]")
// If 2FA is enabled, makes sure they were authed within the last minute
if(check_2fa && config._2fa_auth_host)
// First see if they exist at all
var/datum/db_query/check_query = SSdbcore.NewQuery("SELECT 2fa_status, ip FROM [format_table_name("player")] WHERE ckey=:ckey", list("ckey" = ckey(key)))
if(!check_query.warn_execute())
message_admins("Failed to do a DB 2FA check for [key]. You have been warned.")
qdel(check_query)
return
// If a row is returned, the player exists
var/_2fa_enabled = FALSE
var/always_check = FALSE
var/last_ip
if(check_query.NextRow())
if(check_query.item[1] != _2FA_DISABLED)
_2fa_enabled = TRUE
if(check_query.item[1] == _2FA_ENABLED_ALWAYS)
always_check = TRUE
last_ip = check_query.item[2]
qdel(check_query)
// If client has 2FA enabled, and they either:
// Have it set to always check, or their IP is different
if(_2fa_enabled && (always_check || (address != last_ip)))
// They have 2FA enabled, lets make sure they have authed within the last minute
var/datum/db_query/verify_query = SSdbcore.NewQuery("SELECT ckey FROM [format_table_name("2fa_secrets")] WHERE (last_time BETWEEN NOW() - INTERVAL 1 MINUTE AND NOW()) AND ckey=:ckey LIMIT 1", list(
"ckey" = ckey(key)
))
if(!verify_query.warn_execute())
message_admins("Failed to do a DB 2FA check for [key]. You have been warned.")
qdel(verify_query)
return
if(!verify_query.NextRow())
// If no row was returned, fail 2FA
qdel(verify_query)
return list("reason"="2fa check failed", "desc"="You have 2FA enabled but did not properly authenticate.")
qdel(verify_query)
if(!GLOB.configuration.general.use_database_bans)
//Ban Checking
. = CheckBan(ckey(key), computer_id, address)
+2
View File
@@ -263,6 +263,8 @@ GLOBAL_LIST_INIT(admin_verbs_ticket, list(
verbs += GLOB.admin_verbs_proccall
if(holder.rights & R_VIEWRUNTIMES)
verbs += /client/proc/view_runtimes
verbs += /client/proc/cmd_display_del_log
verbs += /client/proc/cmd_display_del_log_simple
spawn(1) // This setting exposes the profiler for people with R_VIEWRUNTIMES. They must still have it set in cfg/admin.txt
control_freak = 0
+1 -1
View File
@@ -2810,7 +2810,7 @@
if(R.module)
R.module.modules += I
I.loc = R.module
R.module.rebuild()
R.module.rebuild_modules()
R.activate_module(I)
R.module.fix_modules()
+2 -2
View File
@@ -790,7 +790,7 @@ GLOBAL_PROTECT(AdminProcCallSpamPrevention)
set name = "Display del() Log"
set desc = "Display del's log of everything that's passed through it."
if(!check_rights(R_DEBUG))
if(!check_rights(R_DEBUG|R_VIEWRUNTIMES))
return
var/list/dellog = list("<B>List of things that have gone through qdel this round</B><BR><BR><ol>")
@@ -822,7 +822,7 @@ GLOBAL_PROTECT(AdminProcCallSpamPrevention)
set name = "Display Simple del() Log"
set desc = "Display a compacted del's log."
if(!check_rights(R_DEBUG))
if(!check_rights(R_DEBUG|R_VIEWRUNTIMES))
return
var/dat = "<B>List of things that failed to GC this round</B><BR><BR>"