Switched to SharpChat authentication instead of hooking into the Misuzu database.
This commit is contained in:
parent
0005813d4b
commit
088531a620
3 changed files with 41 additions and 73 deletions
|
|
@ -1,8 +1,3 @@
|
|||
[PDO]
|
||||
dsn = https://www.php.net/manual/en/ref.pdo-mysql.connection.php
|
||||
username = mariadb username
|
||||
password = mariadb password
|
||||
|
||||
[Database]
|
||||
dsn = "mariadb://user:password@:unix:/eeprom?socket=/var/run/mysqld/mysqld.sock&charset=utf8mb4&init=SET SESSION time_zone = '+00:00', sql_mode = 'STRICT_TRANS_TABLES,NO_ZERO_IN_DATE,NO_ZERO_DATE,ERROR_FOR_DIVISION_BY_ZERO,NO_ENGINE_SUBSTITUTION'"
|
||||
|
||||
|
|
@ -12,7 +7,8 @@ clients[] = \EEPROM\Auth\MisuzuAuth
|
|||
clients[] = \EEPROM\Auth\SockChatAuth
|
||||
|
||||
[Misuzu]
|
||||
config = /path/to/misuzu/config.ini
|
||||
secret = woomy
|
||||
endpoint = https://flashii.net/_sockchat/verify
|
||||
|
||||
[Nabucco]
|
||||
secret = secret key
|
||||
|
|
|
|||
|
|
@ -2,65 +2,57 @@
|
|||
namespace EEPROM\Auth;
|
||||
|
||||
use EEPROM\Config;
|
||||
use EEPROM\DB;
|
||||
use PDO;
|
||||
use PDOException;
|
||||
use Index\Serialisation\Serialiser;
|
||||
|
||||
class MisuzuAuth implements AuthInterface {
|
||||
private static $database = null;
|
||||
private $endPoint = '';
|
||||
private $secretKey = '';
|
||||
|
||||
public function getDatabase(): PDO {
|
||||
if(self::$database !== null)
|
||||
return self::$database;
|
||||
|
||||
$configPath = Config::get('Misuzu', 'config', '');
|
||||
|
||||
if(!is_file($configPath))
|
||||
throw new \Exception('Cannot find Misuzu configuration.');
|
||||
|
||||
$config = parse_ini_file($configPath, true)['Database'];
|
||||
$dsn = ($config['driver'] ?? 'mysql') . ':';
|
||||
|
||||
foreach($config as $key => $value) {
|
||||
if($key === 'driver' || $key === 'username' || $key === 'password')
|
||||
continue;
|
||||
if($key === 'database')
|
||||
$key = 'dbname';
|
||||
|
||||
$dsn .= $key . '=' . $value . ';';
|
||||
}
|
||||
|
||||
try {
|
||||
self::$database = new PDO($dsn, $config['username'], $config['password'], DB::FLAGS);
|
||||
} catch(PDOException $ex) {
|
||||
throw new \Exception('Unable to connect to Misuzu database.');
|
||||
}
|
||||
|
||||
return self::$database;
|
||||
public function __construct() {
|
||||
$this->endPoint = Config::get('Misuzu', 'endpoint', '');
|
||||
$this->secretKey = Config::get('Misuzu', 'secret', '');
|
||||
}
|
||||
|
||||
public function getName(): string { return 'Misuzu'; }
|
||||
|
||||
public function verifyToken(string $token): int {
|
||||
$packed = Serialiser::uriBase64()->deserialise($token, true);
|
||||
$packed = str_pad($packed, 37, "\x00");
|
||||
$packed = str_pad(Serialiser::uriBase64()->deserialise($token, true), 37, "\x00");
|
||||
$unpacked = unpack('Cversion/Nuser/H64token', $packed);
|
||||
|
||||
if($unpacked['version'] !== 1)
|
||||
return -1;
|
||||
if(isset($unpacked['version']) && $unpacked['version'] === 1
|
||||
&& isset($unpacked['user']) && $unpacked['user'] > 0) {
|
||||
$loginRequest = [
|
||||
'user_id' => $unpacked['user'],
|
||||
'token' => 'SESS:' . $token,
|
||||
'ip' => $_SERVER['REMOTE_ADDR'],
|
||||
];
|
||||
$loginSignature = hash_hmac('sha256', implode('#', $loginRequest), $this->secretKey);
|
||||
$login = curl_init($this->endPoint);
|
||||
curl_setopt_array($login, [
|
||||
CURLOPT_AUTOREFERER => false,
|
||||
CURLOPT_FAILONERROR => false,
|
||||
CURLOPT_FOLLOWLOCATION => true,
|
||||
CURLOPT_HEADER => false,
|
||||
CURLOPT_POST => true,
|
||||
CURLOPT_POSTFIELDS => json_encode($loginRequest),
|
||||
CURLOPT_RETURNTRANSFER => true,
|
||||
CURLOPT_TCP_FASTOPEN => true,
|
||||
CURLOPT_CONNECTTIMEOUT => 2,
|
||||
CURLOPT_MAXREDIRS => 2,
|
||||
CURLOPT_PROTOCOLS => CURLPROTO_HTTPS,
|
||||
CURLOPT_TIMEOUT => 5,
|
||||
CURLOPT_USERAGENT => 'mc.flashii.net',
|
||||
CURLOPT_HTTPHEADER => [
|
||||
'Content-Type: application/json',
|
||||
'X-SharpChat-Signature: ' . $loginSignature,
|
||||
],
|
||||
]);
|
||||
$userInfo = json_decode(curl_exec($login));
|
||||
curl_close($login);
|
||||
|
||||
$getUserId = $this->getDatabase()->prepare('
|
||||
SELECT `user_id`
|
||||
FROM `msz_sessions`
|
||||
WHERE `user_id` = :user
|
||||
AND `session_key` = :token
|
||||
AND `session_expires` > NOW()
|
||||
');
|
||||
$getUserId->bindValue('user', $unpacked['user']);
|
||||
$getUserId->bindValue('token', $unpacked['token']);
|
||||
$getUserId->execute();
|
||||
return $userInfo->user_id;
|
||||
}
|
||||
|
||||
return (int)$getUserId->fetchColumn();
|
||||
return 0;
|
||||
}
|
||||
}
|
||||
|
|
|
|||
20
src/DB.php
20
src/DB.php
|
|
@ -1,20 +0,0 @@
|
|||
<?php
|
||||
namespace EEPROM;
|
||||
|
||||
use PDO;
|
||||
|
||||
final class DB {
|
||||
public const FLAGS = [
|
||||
PDO::ATTR_CASE => PDO::CASE_NATURAL,
|
||||
PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
|
||||
PDO::ATTR_ORACLE_NULLS => PDO::NULL_NATURAL,
|
||||
PDO::ATTR_STRINGIFY_FETCHES => false,
|
||||
PDO::ATTR_EMULATE_PREPARES => false,
|
||||
PDO::ATTR_DEFAULT_FETCH_MODE => PDO::FETCH_ASSOC,
|
||||
PDO::MYSQL_ATTR_INIT_COMMAND => "
|
||||
SET SESSION
|
||||
sql_mode = 'STRICT_TRANS_TABLES,NO_ZERO_IN_DATE,NO_ZERO_DATE,ERROR_FOR_DIVISION_BY_ZERO,NO_ENGINE_SUBSTITUTION',
|
||||
time_zone = '+00:00';
|
||||
",
|
||||
];
|
||||
}
|
||||
Loading…
Reference in a new issue