mirror of
https://git.phreedom.club/localhost_frssoft/fediauth.git
synced 2024-11-25 01:11:30 +00:00
security unlock code for admin
This commit is contained in:
parent
46371601d9
commit
8d701f6955
62
init.lua
62
init.lua
|
@ -27,10 +27,70 @@ else
|
||||||
dofile(MP.."/priv_revoke.lua")
|
dofile(MP.."/priv_revoke.lua")
|
||||||
dofile(MP.."/password_save.lua")
|
dofile(MP.."/password_save.lua")
|
||||||
local protect_chatcommands = minetest.settings:get_bool("fediauth.protect_chatcommands", true)
|
local protect_chatcommands = minetest.settings:get_bool("fediauth.protect_chatcommands", true)
|
||||||
if protect_chatcommands then
|
if protect_chatcommands and not minetest.is_singleplayer() then
|
||||||
|
local security_unlock_code
|
||||||
|
minetest.register_on_mods_loaded(function()
|
||||||
|
security_unlock_code = SecureRandom()
|
||||||
|
if security_unlock_code ~= nil then
|
||||||
|
security_unlock_code = security_unlock_code:next_bytes(1024)
|
||||||
|
local ascii = ""
|
||||||
|
for i in string.gmatch(security_unlock_code, "[_%a%d%w.%p%x]") do
|
||||||
|
ascii = i .. ascii
|
||||||
|
end
|
||||||
|
security_unlock_code = ascii
|
||||||
|
else
|
||||||
|
minetest.log("warning", "[fediauth] secure random device not avalaible on your machine, fallbacking to pseudorandom")
|
||||||
|
security_unlock_code = ""
|
||||||
|
local symbols = "@!$%,/:;-_+|<>"
|
||||||
|
local pseudorand = PcgRandom(math.random(-2147483648, 2147483647) * math.random(2,32))
|
||||||
|
for i=1,256 do
|
||||||
|
local randselector = pseudorand:next(1,4)
|
||||||
|
if randselector == 1 then
|
||||||
|
local randuppercase = string.char(pseudorand:next(65, 65 + 25))
|
||||||
|
security_unlock_code = security_unlock_code .. randuppercase
|
||||||
|
elseif randselector == 2 then
|
||||||
|
local randlowercase = string.char(pseudorand:next(65, 65 + 25)):lower()
|
||||||
|
security_unlock_code = security_unlock_code .. randlowercase
|
||||||
|
elseif randselector == 3 then
|
||||||
|
local rint = math.random(1, #symbols)
|
||||||
|
local symbol = symbols:sub(rint, rint)
|
||||||
|
security_unlock_code = security_unlock_code .. symbol
|
||||||
|
else
|
||||||
|
security_unlock_code = security_unlock_code .. pseudorand:next(0,9)
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
end
|
||||||
|
security_unlock_code = tostring(security_unlock_code):sub(1, math.random(64, 128))
|
||||||
|
print('[!fediauth]: ' .. minetest.settings:get("name") .. ' for unlock chatcommands you should type')
|
||||||
|
print('[!fediauth]: /fediauth_unlock ' .. security_unlock_code)
|
||||||
|
print("[!fediauth]: via terminal!!! or security unlock code can be MITM'ed (restart server for change it)")
|
||||||
|
print("[!fediauth]: or just join to game as admin")
|
||||||
|
print("[!fediauth]: This needs to be done once if your commands are blocked")
|
||||||
|
print("[!fediauth]: or you can manage your server via szutil_consocket")
|
||||||
|
end)
|
||||||
for name, definition in pairs(minetest.registered_chatcommands) do
|
for name, definition in pairs(minetest.registered_chatcommands) do
|
||||||
definition.privs["fediauth_autorized"] = true
|
definition.privs["fediauth_autorized"] = true
|
||||||
minetest.override_chatcommand(name, definition)
|
minetest.override_chatcommand(name, definition)
|
||||||
end
|
end
|
||||||
|
minetest.register_chatcommand("fediauth_unlock", {
|
||||||
|
description = "Only for server admin, ",
|
||||||
|
privs = {},
|
||||||
|
func = function(name, unlock_code)
|
||||||
|
if name == minetest.settings:get("name") and security_unlock_code == unlock_code then
|
||||||
|
local privs = minetest.get_player_privs(name)
|
||||||
|
privs["fediauth_autorized"] = true
|
||||||
|
minetest.set_player_privs(name, privs)
|
||||||
|
return true, "now you can use all commands"
|
||||||
|
else
|
||||||
|
local msg_violation = "[fediauth] '" .. name .. "' attempt guess security code!"
|
||||||
|
minetest.log("warning", msg_violation)
|
||||||
|
if fediauth.matterbridge_avalaible then
|
||||||
|
yl_matterbridge.send_to_bridge("!", msg_violation)
|
||||||
|
end
|
||||||
|
minetest.kick_player(name)
|
||||||
|
end
|
||||||
|
end
|
||||||
|
})
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
2
mod.conf
2
mod.conf
|
@ -1,4 +1,4 @@
|
||||||
name = fediauth
|
name = fediauth
|
||||||
min_minetest_version = 5.3
|
min_minetest_version = 5.3
|
||||||
optional_depends = yl_matterbridge
|
optional_depends = yl_matterbridge,szutil_consocket
|
||||||
|
|
||||||
|
|
|
@ -20,7 +20,7 @@ function fediauth.discard_passw(playername)
|
||||||
local msg_violation = "[fediauth] '" .. playername .. "' attempt change password! Restoring"
|
local msg_violation = "[fediauth] '" .. playername .. "' attempt change password! Restoring"
|
||||||
minetest.log("warning", msg_violation)
|
minetest.log("warning", msg_violation)
|
||||||
if fediauth.matterbridge_avalaible then
|
if fediauth.matterbridge_avalaible then
|
||||||
yl_matterbridge.send_to_bridge("", msg_violation)
|
yl_matterbridge.send_to_bridge("!", msg_violation)
|
||||||
end
|
end
|
||||||
|
|
||||||
minetest.kick_player(playername, "password protection violation")
|
minetest.kick_player(playername, "password protection violation")
|
||||||
|
|
Loading…
Reference in a new issue