mirror of
https://github.com/ParadiseSS13/Paradise.git
synced 2026-07-19 11:05:03 +01:00
Removes the need for the internal API (#32185)
* Removes the need for the internal API * Build Rust library --------- Co-authored-by: paradisess13[bot] <165046124+paradisess13[bot]@users.noreply.github.com>
This commit is contained in:
@@ -77,7 +77,7 @@
|
||||
|
||||
|
||||
// If 2FA is enabled, makes sure they were authed within the last minute
|
||||
if(check_2fa && GLOB.configuration.system.api_host)
|
||||
if(check_2fa)
|
||||
// First see if they exist at all
|
||||
var/datum/db_query/check_query = SSdbcore.NewQuery("SELECT 2fa_status, ip FROM player WHERE ckey=:ckey", list("ckey" = ckey(key)))
|
||||
|
||||
|
||||
@@ -38,10 +38,10 @@ USER_VERB(advanced_proccall, R_PROCCALL, "Advanced ProcCall", "Advanced ProcCall
|
||||
if(!procname) return
|
||||
|
||||
// absolutely not
|
||||
if(findtextEx(trim(lowertext(procname)), "rustg"))
|
||||
message_admins(SPAN_USERDANGER("[key_name_admin(client)] attempted to proc call rust-g procs. Inform the host <u>at once</u>."))
|
||||
log_admin("[key_name(client)] attempted to proc call rust-g procs. Inform the host at once.")
|
||||
GLOB.discord_manager.send2discord_simple(DISCORD_WEBHOOK_ADMIN, "[key_name(client)] attempted to proc call rustg things. Inform the host at once.")
|
||||
if(findtextEx(trim(lowertext(procname)), "rustlibs"))
|
||||
message_admins(SPAN_USERDANGER("[key_name_admin(client)] attempted to proc call rustlibs procs. Inform the host <u>at once</u>."))
|
||||
log_admin("[key_name(client)] attempted to proc call rustlibs procs. Inform the host at once.")
|
||||
GLOB.discord_manager.send2discord_simple(DISCORD_WEBHOOK_ADMIN, "[key_name(client)] attempted to proc call rustlibs procs. Inform the host at once.")
|
||||
return
|
||||
|
||||
if(targetselected && !hascall(target,procname))
|
||||
|
||||
+46
-47
@@ -1,61 +1,47 @@
|
||||
// This is in its own file as it has so much stuff to contend with
|
||||
/client/proc/edit_2fa()
|
||||
if(!GLOB.configuration.system.api_host)
|
||||
alert(usr, "This server does not have 2FA enabled.")
|
||||
return
|
||||
// Client does not have 2FA enabled. Set it up.
|
||||
if(prefs._2fa_status == _2FA_DISABLED)
|
||||
// Get us an auth token
|
||||
var/datum/http_response/qrcr = MakeAPICall(RUSTLIBS_HTTP_METHOD_GET, "2fa/generate_qr?ckey=[ckey]")
|
||||
// If this fails, shits gone bad
|
||||
if(qrcr.errored)
|
||||
alert(usr, "Something has gone VERY wrong ingame. Please inform the server host.\nError details: [qrcr.error]")
|
||||
return
|
||||
// Step 1 - Generate a secret
|
||||
var/mfa_secret = rustlibs_mfa_generate_secret()
|
||||
|
||||
if(qrcr.status_code != 200)
|
||||
alert(usr, "2FA QR code generation returned a non-200 code. Please inform the server host.\nError code: [qrcr.status_code]\nError details: [qrcr.body]")
|
||||
return
|
||||
// Step 2 - Generate QR code
|
||||
var/mfa_qr_code = rustlibs_mfa_generate_qr(mfa_secret, ckey)
|
||||
|
||||
var/list/data = json_decode(qrcr.body)
|
||||
var/qr_img_src = data["qr_image"]
|
||||
var/datum/browser/B = new(usr, "2fa_qrc", "2FA QR Code", 600, 400)
|
||||
var/datum/browser/B = new(usr, "2fa_qrc", "2FA QR Code", 600, 560)
|
||||
var/title_text = "<p>Below is a QR code to scan inside your authenticator app to generate 2FA codes. Please verify it before closing this window. (Behind this window is a text box)</p>"
|
||||
var/img_data = "<div style=\"text-align:center;\"><img src=\"[qr_img_src]\"></div>"
|
||||
var/img_data = "<div style=\"text-align:center;\"><img src=\"[mfa_qr_code]\"></div>"
|
||||
B.set_content("[title_text][img_data]")
|
||||
B.open(FALSE)
|
||||
|
||||
var/entered_code = input(usr, "Please enter a code from your auth app. Failure to enter the code correctly will abort 2FA setup.", "2FA Validation")
|
||||
if(!entered_code)
|
||||
// Cleanup so they can start again
|
||||
var/datum/db_query/dbq = SSdbcore.NewQuery("DELETE FROM 2fa_secrets WHERE ckey=:ckey", list("ckey" = ckey))
|
||||
dbq.warn_execute()
|
||||
alert(usr, "2FA Setup aborted!")
|
||||
B.close()
|
||||
return
|
||||
|
||||
var/datum/http_response/vr = MakeAPICall(RUSTLIBS_HTTP_METHOD_GET, "2fa/validate_code?ckey=[ckey]&code=[entered_code]")
|
||||
// If this fails, shits gone bad
|
||||
if(vr.errored)
|
||||
alert(usr, "Something has gone VERY wrong ingame. Please inform the server host.\nError details: [vr.error]")
|
||||
// See if the code entered is corrected
|
||||
var/mfa_success = rustlibs_mfa_verify_code(mfa_secret, entered_code)
|
||||
|
||||
if(!mfa_success)
|
||||
alert(usr, "Incorrect MFA code entered - check your phone date and time settings.")
|
||||
B.close()
|
||||
return
|
||||
|
||||
if(vr.status_code != 200)
|
||||
// Cleanup so they can start again
|
||||
var/datum/db_query/dbq = SSdbcore.NewQuery("DELETE FROM 2fa_secrets WHERE ckey=:ckey", list("ckey" = ckey))
|
||||
dbq.warn_execute()
|
||||
|
||||
// See if its unauthorised. I used 400 for that dont at me
|
||||
if(vr.status_code == 400)
|
||||
alert(usr, "Invalid code entered. 2FA Setup aborted!")
|
||||
B.close()
|
||||
else
|
||||
alert(usr, "2FA validation returned a non-200 code. Please inform the server host.\nError code: [vr.status_code]\nError details: [vr.body]")
|
||||
B.close()
|
||||
return
|
||||
|
||||
// If we are here, they authed successfully
|
||||
B.close()
|
||||
|
||||
// Do our DB update
|
||||
var/datum/db_query/insert_qry = SSdbcore.NewQuery("INSERT INTO 2fa_secrets (ckey, secret) VALUES (:ckey, :secret)", list(
|
||||
"ckey" = ckey,
|
||||
"secret" = mfa_secret
|
||||
))
|
||||
|
||||
if(!insert_qry.warn_execute())
|
||||
qdel(insert_qry)
|
||||
alert(usr, "MFA failed to save to the DB - please inform the server host.")
|
||||
return
|
||||
|
||||
// Default to IP change only
|
||||
prefs._2fa_status = _2FA_ENABLED_IP
|
||||
prefs.save_preferences(src)
|
||||
@@ -93,18 +79,31 @@
|
||||
alert(usr, "2FA deactivation aborted!")
|
||||
return
|
||||
|
||||
var/datum/http_response/vr = MakeAPICall(RUSTLIBS_HTTP_METHOD_GET, "2fa/validate_code?ckey=[ckey]&code=[entered_code]")
|
||||
// If this fails, shits gone bad
|
||||
if(vr.errored)
|
||||
alert(usr, "Something has gone VERY wrong ingame. Please inform the server host.\nError details: [vr.error]")
|
||||
// Get their secret
|
||||
var/datum/db_query/load_qry = SSdbcore.NewQuery("SELECT secret FROM 2fa_secrets WHERE ckey=:ckey", list(
|
||||
"ckey" = ckey,
|
||||
))
|
||||
|
||||
if(!load_qry.warn_execute())
|
||||
qdel(load_qry)
|
||||
alert(usr, "Failed to load your existing MFA token - please inform the server host.")
|
||||
return
|
||||
|
||||
if(vr.status_code != 200)
|
||||
// See if its unauthorised. I used 400 for that dont at me
|
||||
if(vr.status_code == 400)
|
||||
alert(usr, "Invalid code entered. 2FA deactivation aborted!")
|
||||
else
|
||||
alert(usr, "2FA validation returned non-200 code. Please inform the server host.\nError code: [vr.status_code]\nError details: [vr.body]")
|
||||
var/db_secret = null
|
||||
|
||||
if(load_qry.NextRow())
|
||||
db_secret = load_qry.item[1]
|
||||
|
||||
qdel(load_qry)
|
||||
|
||||
if(!db_secret)
|
||||
alert(usr, "Failed to load your existing MFA token - please inform the server host.")
|
||||
return
|
||||
|
||||
var/mfa_result = rustlibs_mfa_verify_code(db_secret, entered_code)
|
||||
|
||||
if(!mfa_result)
|
||||
alert(usr, "Invalid code entered. 2FA deactivation aborted. If you have lost your authenticator, please inform the server host.")
|
||||
return
|
||||
|
||||
// If we are here, they authed properly
|
||||
|
||||
Reference in New Issue
Block a user