forum__user__handler_8cpp_source.html

 /*
    Copyright (C) 2008 - 2018 by Thomas Baumhauer <thomas.baumhauer@NOSPAMgmail.com>
    Part of the Battle for Wesnoth Project https://www.wesnoth.org/

    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
    the Free Software Foundation; either version 2 of the License, or
    (at your option) any later version.
    This program is distributed in the hope that it will be useful,
    but WITHOUT ANY WARRANTY.

    See the COPYING file for more details.
 */

 #ifdef HAVE_MYSQLPP

 #include "server/common/forum_user_handler.hpp"
 #include "hash.hpp"
 #include "log.hpp"
 #include "config.hpp"

 #include <cstdlib>
 #include <sstream>

 static lg::log_domain log_mp_user_handler("mp_user_handler");
 #define ERR_UH LOG_STREAM(err, log_mp_user_handler)
 #define WRN_UH LOG_STREAM(warn, log_mp_user_handler)
 #define LOG_UH LOG_STREAM(info, log_mp_user_handler)
 #define DBG_UH LOG_STREAM(debug, log_mp_user_handler)

 namespace {
     const int USER_INACTIVE = 1;
     const int USER_IGNORE = 2;
 }

 fuh::fuh(const config& c)
     : conn(c)
     , db_users_table_(c["db_users_table"].str())
     , db_extra_table_(c["db_extra_table"].str())
     , mp_mod_group_(0)
 {
     try {
         mp_mod_group_ = std::stoi(c["mp_mod_group"].str());
     } catch(...) {
         ERR_UH << "Failed to convert the mp_mod_group value of '" << c["mp_mod_group"].str() << "' into an int!  Defaulting to " << mp_mod_group_ << "." << std::endl;
     }
 }

 bool fuh::login(const std::string& name, const std::string& password, const std::string& seed) {
     // Retrieve users' password as hash
     std::string hash;

     try {
         hash = get_hash(name);
     } catch (const error& e) {
         ERR_UH << "Could not retrieve hash for user '" << name << "' :" << e.message << std::endl;
         return false;
     }

     std::string valid_hash;

     if(utils::md5::is_valid_hash(hash)) { // md5 hash
         valid_hash = utils::md5(hash.substr(12,34), seed).base64_digest();
     } else if(utils::bcrypt::is_valid_prefix(hash)) { // bcrypt hash
         valid_hash = utils::md5(hash, seed).base64_digest();
     } else {
         ERR_UH << "Invalid hash for user '" << name << "'" << std::endl;
         return false;
     }

     if(password == valid_hash) return true;

     return false;
 }

 std::string fuh::extract_salt(const std::string& name) {

     // Some double security, this should never be needed
     if(!(user_exists(name))) {
         return "";
     }

     std::string hash;

     try {
         hash = get_hash(name);
     } catch (const error& e) {
         ERR_UH << "Could not retrieve hash for user '" << name << "' :" << e.message << std::endl;
         return "";
     }

     if(utils::md5::is_valid_hash(hash))
         return hash.substr(0,12);

     if(utils::bcrypt::is_valid_prefix(hash)) {
         try {
             return utils::bcrypt::from_hash_string(hash).get_salt();
         } catch(const utils::hash_error& err) {
             ERR_UH << "Error getting salt from hash of user '" << name << "': " << err.what() << std::endl;
             return "";
         }
     }

     return "";
 }

 void fuh::user_logged_in(const std::string& name) {
     set_lastlogin(name, std::time(nullptr));
 }

 bool fuh::user_exists(const std::string& name) {
     return conn.user_exists(name);
 }

 bool fuh::user_is_active(const std::string& name) {
     int user_type = conn.get_user_int(db_users_table_, "user_type", name);
     return user_type != USER_INACTIVE && user_type != USER_IGNORE;
 }

 bool fuh::user_is_moderator(const std::string& name) {
     if(!user_exists(name)){
         return false;
     }
     return conn.get_user_int(db_extra_table_, "user_is_moderator", name) == 1 || (mp_mod_group_ != 0 && conn.is_user_in_group(name, mp_mod_group_));
 }

 void fuh::set_is_moderator(const std::string& name, const bool& is_moderator) {
     if(!user_exists(name)){
         return;
     }
     conn.write_user_int("user_is_moderator", name, is_moderator);
 }

 fuh::ban_info fuh::user_is_banned(const std::string& name, const std::string& addr)
 {
     //
     // NOTE: glob IP and email address bans are NOT supported yet since they
     //       require a different kind of query that isn't supported by our
     //       prepared SQL statement API right now. However, they are basically
     //       never used on forums.wesnoth.org, so this shouldn't be a problem
     //       for the time being.
     ban_check b = conn.get_ban_info(name, addr);
     switch(b.get_ban_type())
     {
         case BAN_NONE:
             return {};
         case BAN_IP:
             LOG_UH << "User '" << name << "' ip " << addr << " banned by IP address\n";
             return { BAN_IP, b.get_ban_duration() };
         case BAN_USER:
             LOG_UH << "User '" << name << "' uid " << b.get_user_id() << " banned by uid\n";
             return { BAN_USER, b.get_ban_duration() };
         case BAN_EMAIL:
             LOG_UH << "User '" << name << "' email " << b.get_email() << " banned by email address\n";
             return { BAN_EMAIL, b.get_ban_duration() };
         default:
             ERR_UH << "Invalid ban type '" << b.get_ban_type() << "' returned for user '" << name << "'\n";
             return {};
     }
 }

 std::string fuh::user_info(const std::string& name) {
     if(!user_exists(name)) {
         throw error("No user with the name '" + name + "' exists.");
     }

     std::time_t reg_date = get_registrationdate(name);
     std::time_t ll_date = get_lastlogin(name);

     std::string reg_string = ctime(&reg_date);
     std::string ll_string;

     if(ll_date) {
         ll_string = ctime(&ll_date);
     } else {
         ll_string = "Never\n";
     }

     std::stringstream info;
     info << "Name: " << name << "\n"
          << "Registered: " << reg_string
          << "Last login: " << ll_string;
     if(!user_is_active(name)) {
         info << "This account is currently inactive.\n";
     }

     return info.str();
 }

 std::string fuh::get_hash(const std::string& user) {
     return conn.get_user_string(db_users_table_, "user_password", user);
 }

 std::time_t fuh::get_lastlogin(const std::string& user) {
     return std::time_t(conn.get_user_int(db_extra_table_, "user_lastvisit", user));
 }

 std::time_t fuh::get_registrationdate(const std::string& user) {
     return std::time_t(conn.get_user_int(db_users_table_, "user_regdate", user));
 }

 void fuh::set_lastlogin(const std::string& user, const std::time_t& lastlogin) {
     conn.write_user_int("user_lastvisit", user, static_cast<int>(lastlogin));
 }

 std::string fuh::get_uuid(){
     return conn.get_uuid();
 }

 std::string fuh::get_tournaments(){
     return conn.get_tournaments();
 }

 void fuh::db_insert_game_info(const std::string& uuid, int game_id, const std::string& version, const std::string& name, const std::string& map_name, const std::string& era_name, int reload, int observers, int is_public, int has_password, const std::string& map_source, const std::string& map_version, const std::string& era_source, const std::string& era_version){
     conn.insert_game_info(uuid, game_id, version, name, map_name, era_name, reload, observers, is_public, has_password, map_source, map_version, era_source, era_version);
 }

 void fuh::db_update_game_end(const std::string& uuid, int game_id, const std::string& replay_location){
     conn.update_game_end(uuid, game_id, replay_location);
 }

 void fuh::db_insert_game_player_info(const std::string& uuid, int game_id, const std::string& username, int side_number, int is_host, const std::string& faction, const std::string& version, const std::string& source, const std::string& current_user){
     conn.insert_game_player_info(uuid, game_id, username, side_number, is_host, faction, version, source, current_user);
 }

 void fuh::db_insert_modification_info(const std::string& uuid, int game_id, const std::string& modification_name, const std::string& modification_source, const std::string& modification_version){
     conn.insert_modification_info(uuid, game_id, modification_name, modification_source, modification_version);
 }

 void fuh::db_set_oos_flag(const std::string& uuid, int game_id){
     conn.set_oos_flag(uuid, game_id);
 }

 #endif //HAVE_MYSQLPP
fuh::get_hash
std::string get_hash(const std::string &user)

ban_check::get_ban_duration
int get_ban_duration()

forum_user_handler.hpp

utils::md5::base64_digest
virtual std::string base64_digest() const override
Definition: hash.cpp:121

error
static l_noret error(LoadState *S, const char *why)
Definition: lundump.cpp:39

lg::info
logger & info()
Definition: log.cpp:90

lg::log_domain
Definition: log.hpp:99

fuh::get_uuid
std::string get_uuid()

utils::bcrypt::is_valid_prefix
static bool is_valid_prefix(const std::string &hash)
Definition: hash.cpp:187

fuh::user_logged_in
void user_logged_in(const std::string &name)
Executed when the user with the given name logged in.

fuh::get_lastlogin
std::time_t get_lastlogin(const std::string &user)

str
std::string str
Definition: statement.cpp:110

fuh::db_insert_game_info
void db_insert_game_info(const std::string &uuid, int game_id, const std::string &version, const std::string &name, const std::string &map_name, const std::string &era_name, int reload, int observers, int is_public, int has_password, const std::string &map_source, const std::string &map_version, const std::string &era_source, const std::string &era_version)

fuh::user_info
std::string user_info(const std::string &name)
Returns a string containing info like the last login of this user.

utils::md5
Definition: hash.hpp:52

fuh::user_exists
bool user_exists(const std::string &name)
Returns true if a user with the given name exists.

ban_check::get_email
std::string get_email()

fuh::set_is_moderator
void set_is_moderator(const std::string &name, const bool &is_moderator)
Mark this user as a moderator.

fuh::fuh
fuh(const config &c)

b
#define b

utils::md5::is_valid_hash
static bool is_valid_hash(const std::string &hash)
Definition: hash.cpp:96

fuh::db_insert_modification_info
void db_insert_modification_info(const std::string &uuid, int game_id, const std::string &modification_name, const std::string &modification_source, const std::string &modification_version)

fuh::user_is_banned
ban_info user_is_banned(const std::string &name, const std::string &addr)
Returns true if this user account or IP address is banned.

ban_check
Definition: ban_check.hpp:20

game::error::what
const char * what() const noexcept
Definition: exceptions.hpp:37

fuh::get_tournaments
std::string get_tournaments()

fuh::login
bool login(const std::string &name, const std::string &password, const std::string &seed)
Return true if the given password matches the password for the given user.

fuh::db_set_oos_flag
void db_set_oos_flag(const std::string &uuid, int game_id)

lg::err
logger & err()
Definition: log.cpp:78

ban_check::get_ban_type
long get_ban_type()

dbconn::user_exists
bool user_exists(const std::string &name)

fuh::user_is_active
bool user_is_active(const std::string &name)
Returns true if the specified user account is usable for logins.

user_handler::ban_info
Ban status description.
Definition: user_handler.hpp:88

preferences::password
std::string password(const std::string &server, const std::string &login)
Definition: credentials.cpp:154

utils::bcrypt::from_hash_string
static bcrypt from_hash_string(const std::string &input)
Definition: hash.cpp:168

fuh::get_registrationdate
std::time_t get_registrationdate(const std::string &user)

mariadb::value::time
Definition: types.hpp:50

fuh::user_is_moderator
bool user_is_moderator(const std::string &name)
Returns true if this user is a moderator on this server.

mariadb::value::string
Definition: types.hpp:51

dbconn::db_users_table_
std::string db_users_table_
Definition: dbconn.hpp:53

ban_check::get_user_id
int get_user_id()

fuh::set_lastlogin
void set_lastlogin(const std::string &user, const std::time_t &lastlogin)

hash.hpp

e
#define e

utils::bcrypt::get_salt
std::string get_salt() const
Definition: hash.cpp:194

ai::side_number
int side_number
Definition: game_info.hpp:39

utils::hash_error
Definition: hash.hpp:29

config
A config object defines a single node in a WML file, with access to child nodes.
Definition: config.hpp:68

fuh::extract_salt
std::string extract_salt(const std::string &name)
Needed because the hashing algorithm used by phpbb requires some info from the original hash to recre...

c
mock_char c
Definition: test_formula_core.cpp:67

fuh::db_update_game_end
void db_update_game_end(const std::string &uuid, int game_id, const std::string &replay_location)

fuh::db_insert_game_player_info
void db_insert_game_player_info(const std::string &uuid, int game_id, const std::string &username, int side_number, int is_host, const std::string &faction, const std::string &version, const std::string &source, const std::string &current_user)

dbconn::db_extra_table_
std::string db_extra_table_
Definition: dbconn.hpp:55