fediauth/join.lua

188 lines
6.9 KiB
Lua

local FORMNAME = "fediauth-check"
local FORMNAMEFEDI = "fediauth-check-fedi"
-- time for fediauth code verification
local fediauth_time = 300
-- playername => start_time
local fediauth_sessions = {}
local formspecfediadd = "size[9,10]" ..
"label[1,7;Input your fediverse account handle]" ..
"image[1.5,0.6;7,7;fediverse.png]" ..
"field[1,9;4,1;fediverse_account_url;@nick@example.com;]" ..
"button[5,8.7;3,1;submit;Send code]"
local feditempstore = {}
local failed_counter = {}
minetest.register_entity("fediauth:checkmark", {
initial_properties = {
pointable = false,
armor_groups = { immortal = 1 },
visual = "sprite",
visual_size = {x = 0.5, y = 0.5},
textures = { "checkmark.png^[opacity:180" },
use_texture_alpha = true,
static_save = false,
glow = 5,
},
on_detach = function(self, parent) self.object:remove() end
})
function fediauth.verified_checkmark(player, verified)
local tag = player:get_player_name()
local props = player:get_properties()
if verified then
local obj = minetest.add_entity({x=0,y=2,z=0}, "fediauth:checkmark", nil)
obj:set_attach(player, "Head", {x = 0, y = 12, z = 0})
player:set_properties({nametag = props.nametag .. " [FEDI]", nametag_color = "#00ff00" })
end
end
-- Code formspec on join for fediauth enabled players
minetest.register_on_joinplayer(function(player)
local playername = player:get_player_name()
if fediauth.is_player_bypassed(playername) then return end
if fediauth.is_player_enabled(playername) or minetest.settings:get_bool("fediauth.fedi_required", false) then
minetest.log("action", "[fediauth] session start for player: '" .. playername .. "'")
-- start fediauth session time
fediauth_sessions[player:get_player_name()] = os.time()
-- revoke important privs and re-grant again on code-verification
fediauth.revoke_privs(playername)
-- if fedi only allowed
if minetest.settings:get_bool("fediauth.fedi_required", false) then
local existsfedi = fediauth.storage:get_string(playername .. "_fedi")
if existsfedi == "" or not existsfedi then
minetest.log("action", "[fediauth] request fedi account for player: '" .. playername .. "'")
minetest.show_formspec(playername, FORMNAMEFEDI, formspecfediadd)
return
end
end
local secret_b32 = fediauth.get_player_secret_b32(playername)
local codeseq = fediauth.give_code(secret_b32)
local fedihandle = fediauth.storage:get_string(playername .. "_fedi"):split("@")
if fediauth.is_home_instance(fedihandle[2]) then
fediauth.send_code(codeseq[1], "@" .. fedihandle[1], playername)
else
fediauth.send_code(codeseq[1], "@" .. fedihandle[1] .. "@" .. fedihandle[2], playername)
end
-- send verification formspec
local formspec = "size[10,2]" ..
"label[1,0;Please check your fedi account and enter code]" ..
"field[1,1.3;4,1;code;Code;]" ..
"button_exit[5,1;3,1;submit;Verify]"
minetest.show_formspec(playername, FORMNAME, formspec)
end
end)
-- prevent flooding codes
minetest.register_on_prejoinplayer(function(name, ip)
if (failed_counter[name] or 0) >= 2 then
return "Please try later, your attempts has expired"
end
end)
local function attempts_cleanup(name)
for k, v in pairs(failed_counter) do
if v >= 2 then
failed_counter[k] = nil
end
end
minetest.after(120, attempts_cleanup)
end
minetest.after(120, attempts_cleanup)
-- clear fediauth session on leave
minetest.register_on_leaveplayer(function(player)
local playername = player:get_player_name()
fediauth_sessions[playername] = nil
end)
-- check sessions periodically and kick if timed out
local function session_check()
local now = os.time()
for name, start_time in pairs(fediauth_sessions) do
if (now - start_time) > fediauth_time then
minetest.kick_player(name, "fediauth code validation timed out")
fediauth_sessions[name] = nil
end
end
minetest.after(5, session_check)
end
minetest.after(5, session_check)
-- fediauth check
minetest.register_on_player_receive_fields(function(player, formname, fields)
if formname ~= FORMNAME and formname ~= FORMNAMEFEDI then
return
end
local playername = player:get_player_name()
local secret_b32 = fediauth.get_player_secret_b32(playername)
-- check for new player or doesn't have fedi account
if fields.fediverse_account_url then
-- basic prevent mention spam and limit length
if not string.starts(fields.fediverse_account_url, "@") or string.len(fields.fediverse_account_url) < 3 or string.len(fields.fediverse_account_url) > 100 then
minetest.chat_send_player(playername, minetest.colorize("#ff0000", "Try again, your input is incorrect"))
minetest.show_formspec(playername, FORMNAMEFEDI, formspecfediadd)
return
end
local fedihandle = fields.fediverse_account_url:split("@")
if #fedihandle ~= 2 then
minetest.chat_send_player(playername, minetest.colorize("#ff0000", "Incorrect format"))
minetest.show_formspec(playername, FORMNAMEFEDI, formspecfediadd)
return
end
if fediauth.check_for_restricted_instance(fedihandle[2]) then
minetest.chat_send_player(playername, minetest.colorize("#ff0000", fedihandle[2] .. " has restricted, try another..."))
minetest.show_formspec(playername, FORMNAMEFEDI, formspecfediadd)
return
end
local secret_b32 = fediauth.get_player_secret_b32(playername)
local codeseq = fediauth.give_code(secret_b32)
if fediauth.is_home_instance(fedihandle[2]) then
fediauth.send_code(codeseq[1], "@" .. fedihandle[1], playername)
else
fediauth.send_code(codeseq[1], "@" .. fedihandle[1] .. "@" .. fedihandle[2], playername)
end
feditempstore[playername] = fields.fediverse_account_url
local formspec = "size[9,10]" ..
"label[1,7;Check code on " .. minetest.formspec_escape(fields.fediverse_account_url) .. "]" ..
"field[1,9;4,1;code;Code;]" ..
"button_exit[5,8.7;3,1;submit;Verify]"
minetest.show_formspec(playername, FORMNAME, formspec)
return
end
if fediauth.check_code(secret_b32, fields.code) then
local fedi_account = fediauth.storage:get_string(playername .. "_fedi")
-- if player without fediverse (for prevent write account handle if code incorrect)
if fedi_account == "" and feditempstore[playername] then
fediauth.storage:set_string(playername .. "_fedi", feditempstore[playername])
fedi_account = feditempstore[playername]
feditempstore[playername] = nil
end
minetest.chat_send_player(playername, minetest.colorize("#00ff00", "fediauth code validation succeeded for " .. fedi_account))
fediauth_sessions[playername] = nil
fediauth.regrant_privs(playername)
fediauth.verified_checkmark(player, true)
else
minetest.kick_player(playername, "fediauth code validation failed")
fediauth.regrant_privs(playername)
failed_counter[playername] = (failed_counter[playername] or 0) + 1
end
end)