MultiCraft
/
MultiCraft2
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Make core.auth_table private and structure builtin/auth.lua 

If you give modders the ability to do something, they will...
master
sfan5 2017-11-27 17:37:41 +01:00 committed by Loïc Blot
parent 6efb453cdb
commit 36838ea22f
1 changed files with 45 additions and 41 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

86
builtin/game/auth.lua
View File

@ -1,17 +1,17 @@
-- Minetest: builtin/auth.lua -- Minetest: builtin/auth.lua
-- --
-- Authentication handler -- Builtin authentication handler
-- --
core.auth_file_path = core.get_worldpath().."/auth.txt" local auth_file_path = core.get_worldpath().."/auth.txt"
core.auth_table = {} local auth_table = {}
local function read_auth_file() local function read_auth_file()
local newtable = {} local newtable = {}
local file, errmsg = io.open(core.auth_file_path, 'rb') local file, errmsg = io.open(auth_file_path, 'rb')
if not file then if not file then
core.log("info", core.auth_file_path.." could not be opened for reading ("..errmsg.."); assuming new world") core.log("info", auth_file_path.." could not be opened for reading ("..errmsg.."); assuming new world")
return return
end end
for line in file:lines() do for line in file:lines() do
@ -27,14 +27,14 @@ local function read_auth_file()
end end
end end
io.close(file) io.close(file)
core.auth_table = newtable auth_table = newtable
core.notify_authentication_modified() core.notify_authentication_modified()
end end
local function save_auth_file() local function save_auth_file()
local newtable = {} local newtable = {}
-- Check table for validness before attempting to save -- Check table for validness before attempting to save
for name, stuff in pairs(core.auth_table) do for name, stuff in pairs(auth_table) do
assert(type(name) == "string") assert(type(name) == "string")
assert(name ~= "") assert(name ~= "")
assert(type(stuff) == "table") assert(type(stuff) == "table")
@ -43,13 +43,13 @@ local function save_auth_file()
assert(stuff.last_login == nil or type(stuff.last_login) == "number") assert(stuff.last_login == nil or type(stuff.last_login) == "number")
end end
local content = "" local content = ""
for name, stuff in pairs(core.auth_table) do for name, stuff in pairs(auth_table) do
local priv_string = core.privs_to_string(stuff.privileges) local priv_string = core.privs_to_string(stuff.privileges)
local parts = {name, stuff.password, priv_string, stuff.last_login or ""} local parts = {name, stuff.password, priv_string, stuff.last_login or ""}
content = content .. table.concat(parts, ":") .. "\n" content = content .. table.concat(parts, ":") .. "\n"
end end
if not core.safe_file_write(core.auth_file_path, content) then if not core.safe_file_write(auth_file_path, content) then
error(core.auth_file_path.." could not be written to") error(auth_file_path.." could not be written to")
end end
end end
@ -63,13 +63,13 @@ core.builtin_auth_handler = {
-- usually empty too) -- usually empty too)
local new_password_hash = "" local new_password_hash = ""
-- If not in authentication table, return nil -- If not in authentication table, return nil
if not core.auth_table[name] then if not auth_table[name] then
return nil return nil
end end
-- Figure out what privileges the player should have. -- Figure out what privileges the player should have.
-- Take a copy of the privilege table -- Take a copy of the privilege table
local privileges = {} local privileges = {}
for priv, _ in pairs(core.auth_table[name].privileges) do for priv, _ in pairs(auth_table[name].privileges) do
privileges[priv] = true privileges[priv] = true
end end
-- If singleplayer, give all privileges except those marked as give_to_singleplayer = false -- If singleplayer, give all privileges except those marked as give_to_singleplayer = false
@ -89,17 +89,17 @@ core.builtin_auth_handler = {
end end
-- All done -- All done
return { return {
password = core.auth_table[name].password, password = auth_table[name].password,
privileges = privileges, privileges = privileges,
-- Is set to nil if unknown -- Is set to nil if unknown
last_login = core.auth_table[name].last_login, last_login = auth_table[name].last_login,
} }
end, end,
create_auth = function(name, password) create_auth = function(name, password)
assert(type(name) == "string") assert(type(name) == "string")
assert(type(password) == "string") assert(type(password) == "string")
core.log('info', "Built-in authentication handler adding player '"..name.."'") core.log('info', "Built-in authentication handler adding player '"..name.."'")
core.auth_table[name] = { auth_table[name] = {
password = password, password = password,
privileges = core.string_to_privs(core.settings:get("default_privs")), privileges = core.string_to_privs(core.settings:get("default_privs")),
last_login = os.time(), last_login = os.time(),
@ -109,11 +109,11 @@ core.builtin_auth_handler = {
set_password = function(name, password) set_password = function(name, password)
assert(type(name) == "string") assert(type(name) == "string")
assert(type(password) == "string") assert(type(password) == "string")
if not core.auth_table[name] then if not auth_table[name] then
core.builtin_auth_handler.create_auth(name, password) core.builtin_auth_handler.create_auth(name, password)
else else
core.log('info', "Built-in authentication handler setting password of player '"..name.."'") core.log('info', "Built-in authentication handler setting password of player '"..name.."'")
core.auth_table[name].password = password auth_table[name].password = password
save_auth_file() save_auth_file()
end end
return true return true
@ -121,7 +121,7 @@ core.builtin_auth_handler = {
set_privileges = function(name, privileges) set_privileges = function(name, privileges)
assert(type(name) == "string") assert(type(name) == "string")
assert(type(privileges) == "table") assert(type(privileges) == "table")
if not core.auth_table[name] then if not auth_table[name] then
core.builtin_auth_handler.create_auth(name, core.builtin_auth_handler.create_auth(name,
core.get_password_hash(name, core.get_password_hash(name,
core.settings:get("default_password"))) core.settings:get("default_password")))
@ -129,19 +129,19 @@ core.builtin_auth_handler = {
-- Run grant callbacks -- Run grant callbacks
for priv, _ in pairs(privileges) do for priv, _ in pairs(privileges) do
if not core.auth_table[name].privileges[priv] then if not auth_table[name].privileges[priv] then
core.run_priv_callbacks(name, priv, nil, "grant") core.run_priv_callbacks(name, priv, nil, "grant")
end end
end end
-- Run revoke callbacks -- Run revoke callbacks
for priv, _ in pairs(core.auth_table[name].privileges) do for priv, _ in pairs(auth_table[name].privileges) do
if not privileges[priv] then if not privileges[priv] then
core.run_priv_callbacks(name, priv, nil, "revoke") core.run_priv_callbacks(name, priv, nil, "revoke")
end end
end end
core.auth_table[name].privileges = privileges auth_table[name].privileges = privileges
core.notify_authentication_modified(name) core.notify_authentication_modified(name)
save_auth_file() save_auth_file()
end, end,
@ -151,11 +151,34 @@ core.builtin_auth_handler = {
end, end,
record_login = function(name) record_login = function(name)
assert(type(name) == "string") assert(type(name) == "string")
assert(core.auth_table[name]).last_login = os.time() assert(auth_table[name]).last_login = os.time()
save_auth_file() save_auth_file()
end, end,
} }
core.register_on_prejoinplayer(function(name, ip)
if core.registered_auth_handler ~= nil then
return -- Don't do anything if custom auth handler registered
end
if auth_table[name] ~= nil then
return
end
local name_lower = name:lower()
for k in pairs(auth_table) do
if k:lower() == name_lower then
return string.format("\nCannot create new player called '%s'. "..
"Another account called '%s' is already registered. "..
"Please check the spelling if it's your account "..
"or use a different nickname.", name, k)
end
end
end)
--
-- Authentication API
--
function core.register_authentication_handler(handler) function core.register_authentication_handler(handler)
if core.registered_auth_handler then if core.registered_auth_handler then
error("Add-on authentication handler already registered by "..core.registered_auth_handler_modname) error("Add-on authentication handler already registered by "..core.registered_auth_handler_modname)
@ -183,26 +206,7 @@ core.set_player_password = auth_pass("set_password")
core.set_player_privs = auth_pass("set_privileges") core.set_player_privs = auth_pass("set_privileges")
core.auth_reload = auth_pass("reload") core.auth_reload = auth_pass("reload")
local record_login = auth_pass("record_login") local record_login = auth_pass("record_login")
core.register_on_joinplayer(function(player) core.register_on_joinplayer(function(player)
record_login(player:get_player_name()) record_login(player:get_player_name())
end) end)
core.register_on_prejoinplayer(function(name, ip)
local auth = core.auth_table
if auth[name] ~= nil then
return
end
local name_lower = name:lower()
for k in pairs(auth) do
if k:lower() == name_lower then
return string.format("\nCannot create new player called '%s'. "..
"Another account called '%s' is already registered. "..
"Please check the spelling if it's your account "..
"or use a different nickname.", name, k)
end
end
end)