killed legacy
This commit is contained in:
parent
7a2ffdd191
commit
34c983b87f
7 changed files with 25 additions and 103 deletions
|
@ -13,14 +13,6 @@ I'll write a more descriptive readme once it's in a stable state.
|
||||||
ServerAlias www.[site url]
|
ServerAlias www.[site url]
|
||||||
</VirtualHost>
|
</VirtualHost>
|
||||||
|
|
||||||
<VirtualHost *:80 *:443>
|
|
||||||
DocumentRoot [local path]/content
|
|
||||||
ServerName content.[site url]
|
|
||||||
|
|
||||||
Header unset Cookie
|
|
||||||
Header unset Set-Cookie
|
|
||||||
</VirtualHost>
|
|
||||||
|
|
||||||
<VirtualHost *:80 *:443>
|
<VirtualHost *:80 *:443>
|
||||||
DocumentRoot [local path]/api
|
DocumentRoot [local path]/api
|
||||||
ServerName api.[site url]
|
ServerName api.[site url]
|
||||||
|
|
|
@ -1683,6 +1683,10 @@
|
||||||
{
|
{
|
||||||
"type": "FIX",
|
"type": "FIX",
|
||||||
"change": "Attempt to fix error while trying to get the old avatar name."
|
"change": "Attempt to fix error while trying to get the old avatar name."
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"type": "REM",
|
||||||
|
"change": "Removed legacy password hash support, if your account still uses this method request a password reset email."
|
||||||
}
|
}
|
||||||
|
|
||||||
]
|
]
|
||||||
|
|
|
@ -260,13 +260,6 @@ class Main {
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
// Legacy password hashing to be able to validate passwords from users on the old backend.
|
|
||||||
public static function legacyPasswordHash($data) {
|
|
||||||
|
|
||||||
return hash('sha512', strrev(hash('sha512', $data)));
|
|
||||||
|
|
||||||
}
|
|
||||||
|
|
||||||
// Cleaning strings
|
// Cleaning strings
|
||||||
public static function cleanString($string, $lower = false, $nospecial = false) {
|
public static function cleanString($string, $lower = false, $nospecial = false) {
|
||||||
|
|
||||||
|
|
|
@ -116,24 +116,24 @@ class Users {
|
||||||
$user = self::getUser($uid);
|
$user = self::getUser($uid);
|
||||||
|
|
||||||
// Validate password
|
// Validate password
|
||||||
if($user['password_algo'] == 'nologin') { // Disable logging in to an account
|
switch($user['password_algo']) {
|
||||||
|
|
||||||
return [0, 'NO_LOGIN'];
|
// Abyssing
|
||||||
|
case 'nologin':
|
||||||
|
return [0, 'NO_LOGIN'];
|
||||||
|
|
||||||
} elseif($user['password_algo'] == 'legacy') { // Shitty legacy method of sha512(strrev(sha512()))
|
// Default hashing method
|
||||||
|
default:
|
||||||
|
if(!Hashing::validate_password($password, [
|
||||||
|
$user['password_algo'],
|
||||||
|
$user['password_iter'],
|
||||||
|
$user['password_salt'],
|
||||||
|
$user['password_hash']
|
||||||
|
])) {
|
||||||
|
|
||||||
if(Main::legacyPasswordHash($password) != $user['password_hash'])
|
return [0, 'INCORRECT_PASSWORD', $user['password_chan']];
|
||||||
return [0, 'INCORRECT_PASSWORD'];
|
|
||||||
|
|
||||||
} else { // PBKDF2 hashing
|
}
|
||||||
|
|
||||||
if(!Hashing::validate_password($password, [
|
|
||||||
$user['password_algo'],
|
|
||||||
$user['password_iter'],
|
|
||||||
$user['password_salt'],
|
|
||||||
$user['password_hash']
|
|
||||||
]))
|
|
||||||
return [0, 'INCORRECT_PASSWORD', $user['password_chan']];
|
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -9,7 +9,7 @@
|
||||||
<meta http-equiv="refresh" content="3; URL={{ page.redirect }}" />
|
<meta http-equiv="refresh" content="3; URL={{ page.redirect }}" />
|
||||||
{% endif %}
|
{% endif %}
|
||||||
<!-- CSS -->
|
<!-- CSS -->
|
||||||
<link rel="stylesheet" type="text/css" href="//{{ sakura.urls.content }}/global.css" />
|
<link rel="stylesheet" type="text/css" href="//{{ sakura.content_path }}/global.css" />
|
||||||
<link rel="stylesheet" type="text/css" href="{{ sakura.resources }}/css/manage.css" />
|
<link rel="stylesheet" type="text/css" href="{{ sakura.resources }}/css/manage.css" />
|
||||||
<link rel="stylesheet" type="text/css" href="//maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css" />
|
<link rel="stylesheet" type="text/css" href="//maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css" />
|
||||||
<!-- JS -->
|
<!-- JS -->
|
||||||
|
@ -27,19 +27,19 @@
|
||||||
<div class="nav">
|
<div class="nav">
|
||||||
<div class="menu" id="siteNav">
|
<div class="menu" id="siteNav">
|
||||||
<div style="color: {{ user.colour }};">{{ user.data.username }}</div>
|
<div style="color: {{ user.colour }};">{{ user.data.username }}</div>
|
||||||
<a href="//{{ sakura.urls.main }}/">Return to Site Index</a>
|
<a href="/">Return to Site Index</a>
|
||||||
<a href="//{{ sakura.urls.main }}/logout?mode=logout&time={{ php.time }}&session={{ php.sessionid }}&redirect=//{{ sakura.urls.main }}/">Logout</a>
|
<a href="/logout?mode=logout&time={{ php.time }}&session={{ php.sessionid }}&redirect=/">Logout</a>
|
||||||
</div>
|
</div>
|
||||||
<div class="menu" id="pageNav">
|
<div class="menu" id="pageNav">
|
||||||
<div>Navigation</div>
|
<div>Navigation</div>
|
||||||
{% for short,page in page.pages %}
|
{% for short,page in page.pages %}
|
||||||
<a href="//{{ sakura.urls.main }}/manage/{{ short }}/">{{ page.desc }}</a>
|
<a href="/manage/{{ short }}/">{{ page.desc }}</a>
|
||||||
{% endfor %}
|
{% endfor %}
|
||||||
</div>
|
</div>
|
||||||
<div class="menu" id="subNav">
|
<div class="menu" id="subNav">
|
||||||
<div>{{ page.pages[page.activepage].desc }}</div>
|
<div>{{ page.pages[page.activepage].desc }}</div>
|
||||||
{% for short,sub in page.pages[page.activepage].subs %}
|
{% for short,sub in page.pages[page.activepage].subs %}
|
||||||
<a href="//{{ sakura.urls.main }}/manage/{{ page.activepage }}/{{ short }}/">{{ sub.desc }}</a>
|
<a href="/manage/{{ page.activepage }}/{{ short }}/">{{ sub.desc }}</a>
|
||||||
{% endfor %}
|
{% endfor %}
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
|
|
|
@ -1,29 +0,0 @@
|
||||||
{% include 'global/header.tpl' %}
|
|
||||||
<div class="content news settings">
|
|
||||||
<div class="head">Changing Password</div>
|
|
||||||
<div class="settings-explanation">
|
|
||||||
Because of a change in the way Flashii handles authentication you are required to change your password.
|
|
||||||
</div>
|
|
||||||
<form method="post" action="/authenticate" id="passwordForm">
|
|
||||||
<input type="hidden" name="redirect" value="//iihsalf.net/" />
|
|
||||||
<input type="hidden" name="session" value="{{ php.sessionid }}" />
|
|
||||||
<input type="hidden" name="time" value="{{ php.time }}" />
|
|
||||||
<input type="hidden" name="mode" value="legacypw" />
|
|
||||||
<div class="profile-field">
|
|
||||||
<div><h2>Old Password</h2></div>
|
|
||||||
<div style="text-align: center;"><input type="password" name="oldpw" placeholder="Your current password for verification" class="inputStyling" /></div>
|
|
||||||
</div>
|
|
||||||
<div class="profile-field">
|
|
||||||
<div><h2>New Password</h2></div>
|
|
||||||
<div style="text-align: center;"><input type="password" name="newpw" placeholder="Your new password, can be the same but that's not a good idea" class="inputStyling" /></div>
|
|
||||||
</div>
|
|
||||||
<div class="profile-field">
|
|
||||||
<div><h2>Verify Password</h2></div>
|
|
||||||
<div style="text-align: center;"><input type="password" name="verpw" placeholder="Your new password again to make sure you didn't typo anything" class="inputStyling" /></div>
|
|
||||||
</div>
|
|
||||||
<div class="profile-save">
|
|
||||||
<input type="submit" value="Save" name="submit" class="inputStyling" /> <input type="reset" value="Reset" name="reset" class="inputStyling" />
|
|
||||||
</div>
|
|
||||||
</form>
|
|
||||||
</div>
|
|
||||||
{% include 'global/footer.tpl' %}
|
|
|
@ -53,7 +53,7 @@ if(isset($_REQUEST['mode'])) {
|
||||||
// Login check
|
// Login check
|
||||||
if(Users::checkLogin()) {
|
if(Users::checkLogin()) {
|
||||||
|
|
||||||
if(!in_array($_REQUEST['mode'], ['logout', 'legacypw'])) {
|
if(!in_array($_REQUEST['mode'], ['logout'])) {
|
||||||
$continue = false;
|
$continue = false;
|
||||||
|
|
||||||
// Add page specific things
|
// Add page specific things
|
||||||
|
@ -86,32 +86,6 @@ if(isset($_REQUEST['mode'])) {
|
||||||
|
|
||||||
break;
|
break;
|
||||||
|
|
||||||
case 'legacypw':
|
|
||||||
|
|
||||||
// Attempt change
|
|
||||||
$legacypass = Users::changeLegacy($_REQUEST['oldpw'], $_REQUEST['newpw'], $_REQUEST['verpw']);
|
|
||||||
|
|
||||||
// Array containing "human understandable" messages
|
|
||||||
$messages = [
|
|
||||||
'USER_NOT_LOGIN' => 'What are you doing, you\'re not even logged in. GO AWAY!',
|
|
||||||
'INCORRECT_PASSWORD' => 'The password you entered was invalid.',
|
|
||||||
'NOT_ALLOWED' => 'Your account does not have the required permissions to change your password.',
|
|
||||||
'NO_LOGIN' => 'Logging into this account is disabled.',
|
|
||||||
'PASS_TOO_SHIT' => 'Your password is too weak, try adding some special characters.',
|
|
||||||
'PASS_NOT_MATCH' => 'Passwords do not match.',
|
|
||||||
'SUCCESS' => 'Successfully changed your password, you may now continue.'
|
|
||||||
];
|
|
||||||
|
|
||||||
// Add page specific things
|
|
||||||
$renderData['page'] = [
|
|
||||||
'title' => 'Change Password',
|
|
||||||
'redirect' => '/',
|
|
||||||
'message' => $messages[$legacypass[1]],
|
|
||||||
'success' => $legacypass[0]
|
|
||||||
];
|
|
||||||
|
|
||||||
break;
|
|
||||||
|
|
||||||
case 'changepassword':
|
case 'changepassword':
|
||||||
|
|
||||||
// Attempt change
|
// Attempt change
|
||||||
|
@ -200,14 +174,13 @@ if(isset($_REQUEST['mode'])) {
|
||||||
'INCORRECT_PASSWORD' => 'The password you entered was invalid.',
|
'INCORRECT_PASSWORD' => 'The password you entered was invalid.',
|
||||||
'NOT_ALLOWED' => 'Your account does not have the required permissions to log in.',
|
'NOT_ALLOWED' => 'Your account does not have the required permissions to log in.',
|
||||||
'NO_LOGIN' => 'Logging into this account is disabled.',
|
'NO_LOGIN' => 'Logging into this account is disabled.',
|
||||||
'LEGACY_SUCCESS' => 'Login successful! Taking you to the password changing page...',
|
|
||||||
'LOGIN_SUCESS' => 'Login successful!'
|
'LOGIN_SUCESS' => 'Login successful!'
|
||||||
];
|
];
|
||||||
|
|
||||||
// Add page specific things
|
// Add page specific things
|
||||||
$renderData['page'] = [
|
$renderData['page'] = [
|
||||||
'title' => 'Login',
|
'title' => 'Login',
|
||||||
'redirect' => ($login[1] == 'LEGACY_SUCCESS' ? '/authenticate?legacy=true' : ($login[0] ? $_REQUEST['redirect'] : '/authenticate')),
|
'redirect' => $login[0] ? $_REQUEST['redirect'] : '/authenticate',
|
||||||
'message' => $messages[$login[1]],
|
'message' => $messages[$login[1]],
|
||||||
'success' => $login[0]
|
'success' => $login[0]
|
||||||
];
|
];
|
||||||
|
@ -326,17 +299,6 @@ $renderData['auth'] = [
|
||||||
// Check if the user is already logged in
|
// Check if the user is already logged in
|
||||||
if(Users::checkLogin()) {
|
if(Users::checkLogin()) {
|
||||||
|
|
||||||
// If password forgot things are set display password forget thing
|
|
||||||
if(isset($_REQUEST['legacy']) && $_REQUEST['legacy'] && Users::getUser(Session::$userId)['password_algo'] == 'legacy') {
|
|
||||||
|
|
||||||
$renderData['page']['title'] = 'Changing Password';
|
|
||||||
$renderData['auth']['changingPass'] = true;
|
|
||||||
|
|
||||||
print Templates::render('main/legacypasswordchange.tpl', $renderData);
|
|
||||||
exit;
|
|
||||||
|
|
||||||
}
|
|
||||||
|
|
||||||
// Add page specific things
|
// Add page specific things
|
||||||
$renderData['page'] = [
|
$renderData['page'] = [
|
||||||
'title' => 'Authentication',
|
'title' => 'Authentication',
|
||||||
|
|
Reference in a new issue