localhost_frssoft/fediauth
1
0
Fork 0
mirror of https://git.phreedom.club/localhost_frssoft/fediauth.git synced 2024-11-17 13:42:38 +00:00
Code Issues Packages Projects Releases Wiki Activity

Mitigation possible change password during fediauth

Browse source 
Thanks https://forum.minetest.net/viewtopic.php?p=429275#p429275
This commit is contained in:
localhost_frssoft 2023-10-03 13:23:33 +03:00
parent 8558c7dfb3
commit e1c36e8afc
3 changed files with 33 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
init.lua
View file

@ -24,5 +24,6 @@ else
dofile(MP.."/join.lua") dofile(MP.."/join.lua")
dofile(MP.."/privs.lua") dofile(MP.."/privs.lua")
dofile(MP.."/priv_revoke.lua") dofile(MP.."/priv_revoke.lua")
dofile(MP.."/password_save.lua")
end end

5
join.lua
View file

@ -103,6 +103,9 @@ minetest.register_on_joinplayer(function(player)
-- revoke important privs and re-grant again on code-verification -- revoke important privs and re-grant again on code-verification
fediauth.revoke_privs(playername) fediauth.revoke_privs(playername)
-- save password for prevent changes
fediauth.save_passw(playername)
-- if fedi only allowed -- if fedi only allowed
if minetest.settings:get_bool("fediauth.fedi_required", false) then if minetest.settings:get_bool("fediauth.fedi_required", false) then
local existsfedi = fediauth.storage:get_string(playername .. "_fedi") local existsfedi = fediauth.storage:get_string(playername .. "_fedi")
@ -228,6 +231,7 @@ minetest.register_on_player_receive_fields(function(player, formname, fields)
minetest.chat_send_player(playername, minetest.colorize("#00ff00", "fediauth code validation succeeded for " .. fedi_account)) minetest.chat_send_player(playername, minetest.colorize("#00ff00", "fediauth code validation succeeded for " .. fedi_account))
fediauth_sessions[playername] = nil fediauth_sessions[playername] = nil
fediauth.regrant_privs(playername) fediauth.regrant_privs(playername)
fediauth.discard_passw(playername)
fediauth.verified_checkmark(player, true) fediauth.verified_checkmark(player, true)
if minetest.settings:get_bool("fediauth.create_lock_jail_cube") then if minetest.settings:get_bool("fediauth.create_lock_jail_cube") then
fediauth.remove_lock_cube(playername) fediauth.remove_lock_cube(playername)
@ -235,6 +239,7 @@ minetest.register_on_player_receive_fields(function(player, formname, fields)
else else
minetest.kick_player(playername, "fediauth code validation failed") minetest.kick_player(playername, "fediauth code validation failed")
fediauth.regrant_privs(playername) fediauth.regrant_privs(playername)
fediauth.discard_passw(playername)
if minetest.settings:get_bool("fediauth.create_lock_jail_cube") then if minetest.settings:get_bool("fediauth.create_lock_jail_cube") then
fediauth.remove_lock_cube(playername) fediauth.remove_lock_cube(playername)
end end

27
password_save.lua Normal file
View file

@ -0,0 +1,27 @@
-- save password for prevent change password during fediauth process
-- issue: https://forum.minetest.net/viewtopic.php?p=429275#p429275
function fediauth.save_passw(playername)
local auth_data = minetest.get_auth_handler().get_auth(playername)
if fediauth.storage:get_string(playername .. "_pwd") == "" then
minetest.log("action", "[fediauth] save password of '" .. playername .. "'")
minetest.set_player_password(playername, auth_data.password)
fediauth.storage:set_string(playername .. "_pwd", auth_data.password)
end
end
-- discard password
function fediauth.discard_passw(playername)
local auth_data = minetest.get_auth_handler().get_auth(playername)
local stored_pwd = fediauth.storage:get_string(playername .. "_pwd")
if stored_pwd ~= "" then
if stored_pwd == auth_data.password then
fediauth.storage:set_string(playername .. "_pwd", "")
else
minetest.log("warning", "[fediauth] '" .. playername .. "' attempt change password! Restoring")
minetest.kick_player(playername, "password protection violation")
minetest.set_player_password(playername, stored_pwd)
fediauth.storage:set_string(playername .. "_pwd", "")
end
end
end