Jaki/SteamWar
1
0
Fork 0
forked from SteamWar/SteamWar
Code Pull Requests Activity

Refactor token generation and remove unused endpoints.

Browse Source
This commit is contained in:
Chaoscaot
2025-02-20 22:13:13 +01:00
parent 7f5b57516e
commit dea0d33185
4 changed files with 5 additions and 47 deletions
Download Patch File Download Diff File Expand all files Collapse all files
VelocityCore/src/de/steamwar/velocitycore/commands/WebpasswordCommand.java
+3 -16
View File
@@ -19,17 +19,13 @@
package de.steamwar.velocitycore.commands;
import com.google.gson.JsonObject;
import com.google.gson.JsonParser;
import de.steamwar.command.SWCommand;
import de.steamwar.messages.Chatter;
import de.steamwar.sql.SteamwarUser;
import de.steamwar.sql.Token;
import java.net.URI;
import java.net.URLEncoder;
import java.net.http.HttpClient;
import java.net.http.HttpRequest;
import java.net.http.HttpResponse;
import java.nio.charset.StandardCharsets;
public class WebpasswordCommand extends SWCommand {
@@ -44,16 +40,7 @@ public class WebpasswordCommand extends SWCommand {
public void genericCommand(Chatter sender) {
SteamwarUser user = sender.user();
HttpRequest request = HttpRequest.newBuilder()
.POST(HttpRequest.BodyPublishers.noBody())
.uri(URI.create("http://localhost:1337/v2/auth/enroll/" + user.getId())).build();
client.sendAsync(request, responseInfo -> HttpResponse.BodySubscribers.ofString(StandardCharsets.UTF_8)).thenAccept(httpResponse -> {
JsonObject jsonObject = JsonParser.parseString(httpResponse.body()).getAsJsonObject();
String token = jsonObject.get("token").getAsString();
sender.system("WEB_RESET_URL", URLEncoder.encode(token, StandardCharsets.UTF_8));
});
String token = Token.createToken("PT" + user.getUserName(), user);
sender.system("WEB_RESET_URL", URLEncoder.encode(token, StandardCharsets.UTF_8));
}
}
WebsiteBackend/src/de/steamwar/routes/Routes.kt
+2 -4
View File
@@ -19,7 +19,7 @@
package de.steamwar.routes
import de.steamwar.routes.v2.configureNewAuth
import de.steamwar.routes.v2.*
import io.ktor.server.application.*
import io.ktor.server.auth.*
import io.ktor.server.routing.*
@@ -35,9 +35,7 @@ fun Application.configureRoutes() {
configurePage()
configureSchematic()
configureAuthRoutes()
route("/v2") {
configureNewAuth()
}
configureNewAuth()
}
}
}
WebsiteBackend/src/de/steamwar/routes/Stats.kt
-1
View File
@@ -21,7 +21,6 @@ package de.steamwar.routes
import de.steamwar.plugins.SWAuthPrincipal
import de.steamwar.plugins.SWPermissionCheck
import de.steamwar.plugins.getUser
import de.steamwar.sql.*
import io.ktor.http.*
import io.ktor.server.application.*
WebsiteBackend/src/de/steamwar/routes/v2/Auth.kt
-26
View File
@@ -61,32 +61,6 @@ fun SteamwarUser.createAccessAndRefreshToken(keepLoggedIn: Boolean = false): Aut
fun Route.configureNewAuth() {
route("/auth") {
route("/enroll") {
post("/{userId}") {
if (call.request.headers.contains("X-Forwarded-For") || call.request.header("Host") != "localhost:1337") {
SWException.log("Request to /auth/register from", "Invalid IP")
call.respond(HttpStatusCode.Forbidden, ResponseError("Invalid IP", "F_U"))
return@post
}
val userId = call.parameters["userId"]?.toInt()
if (userId == null) {
call.respond(HttpStatusCode.BadRequest, ResponseError("Missing or invalid userId"))
return@post
}
val user = SteamwarUser.get(userId)
if (user == null) {
call.respond(HttpStatusCode.BadRequest, ResponseError("Invalid userId"))
return@post
}
val token = Token.createToken("PT-${user.userName}", user)
call.respond(HttpStatusCode.OK, ResponseToken(token, TokenType.RESET_PASSWORD.lifetime))
}
}
post("/register") {
val requester = call.request.header("X-Forwarded-For") ?: call.request.origin.remoteAddress