diff --git a/VelocityCore/src/de/steamwar/messages/BungeeCore.properties b/VelocityCore/src/de/steamwar/messages/BungeeCore.properties index c9527253..2315ed12 100644 --- a/VelocityCore/src/de/steamwar/messages/BungeeCore.properties +++ b/VelocityCore/src/de/steamwar/messages/BungeeCore.properties @@ -543,6 +543,7 @@ WEB_USAGE=§8/§7webpassword §8[§epassword§8] WEB_UPDATED=§7Your password was updated. WEB_CREATED=§7Your webaccount was created. WEB_PASSWORD_LENGTH=§cYour password is shorter than 8 characters. +WEB_RESET_URL=§7You can reset your Password here: §ehttps://steamwar.de/reset-password?token={0} #ChatListener CHAT_LIXFEL_ACTION_BAR=§4§lTechnical problems? diff --git a/VelocityCore/src/de/steamwar/messages/BungeeCore_de.properties b/VelocityCore/src/de/steamwar/messages/BungeeCore_de.properties index c50cf682..cbbb3e2e 100644 --- a/VelocityCore/src/de/steamwar/messages/BungeeCore_de.properties +++ b/VelocityCore/src/de/steamwar/messages/BungeeCore_de.properties @@ -518,6 +518,7 @@ WEB_USAGE=§8/§7webpassword §8[§ePasswort§8] WEB_UPDATED=§7Dein Passwort wurde aktualisiert. WEB_CREATED=§7Dein Webaccount wurde erstellt. WEB_PASSWORD_LENGTH=§cDein Passwort ist kürzer als 8 Zeichen. +WEB_RESET_URL=§7Hier kannst du dein Passwort zurücksetzen: §ehttps://steamwar.de/passwort-setzen?token={0} #ChatListener CHAT_LIXFEL_ACTION_BAR=§4§lTechnische Probleme? diff --git a/VelocityCore/src/de/steamwar/velocitycore/commands/WebpasswordCommand.java b/VelocityCore/src/de/steamwar/velocitycore/commands/WebpasswordCommand.java index d19dedd0..8f9b7b60 100644 --- a/VelocityCore/src/de/steamwar/velocitycore/commands/WebpasswordCommand.java +++ b/VelocityCore/src/de/steamwar/velocitycore/commands/WebpasswordCommand.java @@ -19,29 +19,41 @@ package de.steamwar.velocitycore.commands; +import com.google.gson.JsonObject; +import com.google.gson.JsonParser; import de.steamwar.command.SWCommand; import de.steamwar.messages.Chatter; import de.steamwar.sql.SteamwarUser; +import java.net.URI; +import java.net.URLEncoder; +import java.net.http.HttpClient; +import java.net.http.HttpRequest; +import java.net.http.HttpResponse; +import java.nio.charset.StandardCharsets; + public class WebpasswordCommand extends SWCommand { public WebpasswordCommand() { super("webpassword", "webpw", "web"); } + private static final HttpClient client = HttpClient.newHttpClient(); @Register(description = "WEB_USAGE") - public void genericCommand(Chatter sender, String password) { - if(password.length() < 8) { - sender.system("WEB_PASSWORD_LENGTH"); - return; - } - + public void genericCommand(Chatter sender) { SteamwarUser user = sender.user(); - boolean resetPW = user.hasPassword(); - user.setPassword(password); + HttpRequest request = HttpRequest.newBuilder() + .POST(HttpRequest.BodyPublishers.noBody()) + .uri(URI.create("http://localhost:1337/v2/auth/enroll/" + user.getId())).build(); - sender.system(resetPW ? "WEB_UPDATED" : "WEB_CREATED"); + client.sendAsync(request, responseInfo -> HttpResponse.BodySubscribers.ofString(StandardCharsets.UTF_8)).thenAccept(httpResponse -> { + JsonObject jsonObject = JsonParser.parseString(httpResponse.body()).getAsJsonObject(); + + String token = jsonObject.get("token").getAsString(); + + sender.system("WEB_RESET_URL", URLEncoder.encode(token, StandardCharsets.UTF_8)); + }); } } diff --git a/WebsiteBackend/src/de/steamwar/routes/v2/Auth.kt b/WebsiteBackend/src/de/steamwar/routes/v2/Auth.kt index 24e5cee6..b854d619 100644 --- a/WebsiteBackend/src/de/steamwar/routes/v2/Auth.kt +++ b/WebsiteBackend/src/de/steamwar/routes/v2/Auth.kt @@ -31,7 +31,6 @@ import de.steamwar.util.type import io.ktor.http.* import io.ktor.server.application.* import io.ktor.server.auth.* -import io.ktor.server.http.* import io.ktor.server.plugins.* import io.ktor.server.request.* import io.ktor.server.response.* @@ -64,7 +63,7 @@ fun Route.configureNewAuth() { route("/auth") { route("/enroll") { post("/{userId}") { - if (call.request.headers.contains("X-Forwarded-For")) { + if (call.request.headers.contains("X-Forwarded-For") || call.request.header("Host") != "localhost:1337") { SWException.log("Request to /auth/register from", "Invalid IP") call.respond(HttpStatusCode.Forbidden, ResponseError("Invalid IP", "F_U")) return@post