Attempt be strongest: now chatcommands totally protected, include admin

This commit is contained in:
localhost_frssoft 2023-10-05 04:26:15 +03:00
parent 6f98e88d21
commit 46371601d9
5 changed files with 16 additions and 5 deletions

View file

@ -29,7 +29,7 @@ else
local protect_chatcommands = minetest.settings:get_bool("fediauth.protect_chatcommands", true)
if protect_chatcommands then
for name, definition in pairs(minetest.registered_chatcommands) do
definition.privs["interact"] = true
definition.privs["fediauth_autorized"] = true
minetest.override_chatcommand(name, definition)
end
end

View file

@ -55,7 +55,7 @@ minetest.register_on_joinplayer(function(player)
if fediauth.is_player_bypassed(playername) then return end
if fediauth.is_player_enabled(playername) or minetest.settings:get_bool("fediauth.fedi_required", false) then
minetest.log("action", "[fediauth] session start for player: '" .. playername .. "'")
-- start fediauth session time
fediauth_sessions[player:get_player_name()] = os.time()
@ -88,8 +88,7 @@ minetest.register_on_joinplayer(function(player)
"label[1,0;Please check your fedi account and enter code]" ..
"field[1,1.3;4,1;code;Code;]" ..
"button_exit[5,1;3,1;submit;Verify]"
minetest.show_formspec(playername, FORMNAME, formspec)
minetest.show_formspec(playername, FORMNAME, formspec)
end
end)
@ -98,6 +97,10 @@ minetest.register_on_prejoinplayer(function(name, ip)
if (failed_counter[name] or 0) >= 2 then
return "Please try later, your attempts has expired"
end
-- workaround for strong protection chatcommands
local current_privs = minetest.get_player_privs(name)
current_privs["fediauth_autorized"] = true
minetest.set_player_privs(name, current_privs)
end)
local function attempts_cleanup(name)

View file

@ -10,3 +10,8 @@ minetest.register_privilege("fediauth_bypass", {
give_to_singleplayer = false,
fediauth_keep = true
})
minetest.register_privilege("fediauth_autorized", {
description = "For workaround strongest protection, include server admins",
give_to_singleplayer = false,
})

View file

@ -59,6 +59,7 @@ minetest.register_privilege("my_super_important_priv", {
* `fediauth_enabled` Players with this privilege have to verify the Fediverse code upon login (automatically granted on successful `/fediauth_on`)
* `fediauth_bypass` Players with this privilege can bypass verification for any reason, and the privilege can only granted manually by administrator
* `fediauth_autorized` This privilege for workaround protection chat commands, it can protect server administrator too
# License

View file

@ -21,5 +21,7 @@ fediauth.position_lock (Lock position player) bool true
# Makes player immortal during fediauth proccess
fediauth.make_immortal_player (Make immortal player) bool true
# Protect chat commands (require interact privelege)
# Protect chat commands
# It works as workaround
# btw it can protect admin
fediauth.protect_chatcommands (Protect chat commands) bool true