flashii/misuzu
flashii/misuzu
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Implemented session key auth and temporarily restored password auth.

Browse source
This commit is contained in:
flash 2019-12-14 02:08:45 +01:00
parent 9f14269fb6
commit 0bdd279874
1 changed files with 11 additions and 7 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

16
src/Http/Handlers/SockChatHandler.php
View file

@ -200,15 +200,19 @@ final class SockChatHandler extends Handler {
if(!hash_equals($realHash, $userHash))
return ['success' => false, 'reason' => 'hash'];
$authMethod = substr($authInfo->token, 0, 5);
$authMethod = mb_substr($authInfo->token, 0, 5);
if($authMethod === 'PASS:')
if($authMethod === 'PASS:') { // DEPRECATE THIS
if(time() > 1577750400)
return ['success' => false, 'reason' => 'unsupported'];
elseif($authMethod === 'SESS:') {
$sessionKey = substr($authInfo->token, 5);
// use session token to log in
return ['success' => false, 'reason' => 'unimplemented'];
if(user_password_verify_db($authInfo->user_id, mb_substr($authInfo->token, 5)))
$userId = $authInfo->user_id;
} elseif($authMethod === 'SESS:') { // IMPROVE THIS
user_session_start($authInfo->user_id, mb_substr($authInfo->token, 5));
if(user_session_active())
$userId = user_session_current('user_id');
} else {
try {
$token = ChatToken::get($authInfo->user_id, $authInfo->token);