Updated authentication.

This commit is contained in:
flash 2023-05-21 16:55:59 +00:00
parent 9ce189c514
commit 8b3051e442

View file

@ -52,19 +52,9 @@ if(!$sInAnnounce) {
// replace this with id.flashii.net shit
$mszAuth = (string)filter_input(INPUT_COOKIE, 'msz_auth');
if(!empty($mszAuth)) {
$mszAuthDecoded = str_pad(base64_decode(str_pad(strtr($mszAuth, '-_', '+/'), strlen($mszAuth) % 4, '=', STR_PAD_RIGHT)), 37, "\0");
$mszAuthUnpacked = unpack('Cversion/Nuser/H*token', $mszAuthDecoded);
if(isset($mszAuthUnpacked['version'])
&& $mszAuthUnpacked['version'] >= 1
&& isset($mszAuthUnpacked['user'])
&& $mszAuthUnpacked['user'] > 0) {
$loginRequest = [
'user_id' => $mszAuthUnpacked['user'],
'token' => 'SESS:' . $mszAuth,
'ip' => $_SERVER['REMOTE_ADDR'],
];
$loginSignature = hash_hmac('sha256', implode('#', $loginRequest), SERIA_MSZ_SECRET);
$loginMethod = 'Misuzu';
$loginSignature = sprintf('verify#%s#%s#%s', $loginMethod, $mszAuth, $_SERVER['REMOTE_ADDR']);
$loginSignature = hash_hmac('sha256', $loginSignature, SERIA_MSZ_SECRET);
$login = curl_init(SERIA_CAUTH_ENDPOINT);
curl_setopt_array($login, [
@ -73,7 +63,11 @@ if(!$sInAnnounce) {
CURLOPT_FOLLOWLOCATION => true,
CURLOPT_HEADER => false,
CURLOPT_POST => true,
CURLOPT_POSTFIELDS => json_encode($loginRequest),
CURLOPT_POSTFIELDS => http_build_query([
'method' => $loginMethod,
'token' => $mszAuth,
'ipaddr' => $_SERVER['REMOTE_ADDR'],
], '', '&', PHP_QUERY_RFC3986),
CURLOPT_RETURNTRANSFER => true,
CURLOPT_TCP_FASTOPEN => true,
CURLOPT_CONNECTTIMEOUT => 2,
@ -82,7 +76,7 @@ if(!$sInAnnounce) {
CURLOPT_TIMEOUT => 5,
CURLOPT_USERAGENT => 'Seria/' . SERIA_VERSION,
CURLOPT_HTTPHEADER => [
'Content-Type: application/json',
'Content-Type: application/x-www-form-urlencoded',
'X-SharpChat-Signature: ' . $loginSignature,
],
]);
@ -92,8 +86,7 @@ if(!$sInAnnounce) {
if(!empty($loginResponse->success))
$sUserInfo = SeriaUser::fromMisuzu($pdo, $loginResponse);
unset($mszAuth, $mszAuthDecoded, $mszAuthUnpacked, $loginRequest, $loginSignature, $login, $loginResponse);
}
unset($mszAuth, $loginMethod, $loginSignature, $loginMethod, $login, $loginResponse);
}
if(empty($_COOKIE['seria_random'])) {