Refactor token generation and remove unused endpoints.

VelocityCore/src/de/steamwar/velocitycore/commands/WebpasswordCommand.java

@@ -19,17 +19,13 @@
 
 package de.steamwar.velocitycore.commands;
 
-import com.google.gson.JsonObject;
-import com.google.gson.JsonParser;
 import de.steamwar.command.SWCommand;
 import de.steamwar.messages.Chatter;
 import de.steamwar.sql.SteamwarUser;
+import de.steamwar.sql.Token;
 
-import java.net.URI;
 import java.net.URLEncoder;
 import java.net.http.HttpClient;
-import java.net.http.HttpRequest;
-import java.net.http.HttpResponse;
 import java.nio.charset.StandardCharsets;
 
 public class WebpasswordCommand extends SWCommand {
@@ -44,16 +40,7 @@ public class WebpasswordCommand extends SWCommand {
     public void genericCommand(Chatter sender) {
         SteamwarUser user = sender.user();
 
-        HttpRequest request = HttpRequest.newBuilder()
+        String token = Token.createToken("PT" + user.getUserName(), user);
-                        .POST(HttpRequest.BodyPublishers.noBody())
+        sender.system("WEB_RESET_URL", URLEncoder.encode(token, StandardCharsets.UTF_8));
-                        .uri(URI.create("http://localhost:1337/v2/auth/enroll/" + user.getId())).build();
-
-        client.sendAsync(request, responseInfo -> HttpResponse.BodySubscribers.ofString(StandardCharsets.UTF_8)).thenAccept(httpResponse -> {
-            JsonObject jsonObject = JsonParser.parseString(httpResponse.body()).getAsJsonObject();
-
-            String token = jsonObject.get("token").getAsString();
-
-            sender.system("WEB_RESET_URL", URLEncoder.encode(token, StandardCharsets.UTF_8));
-        });
     }
 }

WebsiteBackend/src/de/steamwar/routes/Routes.kt

@@ -19,7 +19,7 @@
 
 package de.steamwar.routes
 
-import de.steamwar.routes.v2.configureNewAuth
+import de.steamwar.routes.v2.*
 import io.ktor.server.application.*
 import io.ktor.server.auth.*
 import io.ktor.server.routing.*
@@ -35,9 +35,7 @@ fun Application.configureRoutes() {
             configurePage()
             configureSchematic()
             configureAuthRoutes()
-            route("/v2") {
+            configureNewAuth()
-                configureNewAuth()
-            }
         }
     }
 }

WebsiteBackend/src/de/steamwar/routes/Stats.kt

@@ -21,7 +21,6 @@ package de.steamwar.routes
 
 import de.steamwar.plugins.SWAuthPrincipal
 import de.steamwar.plugins.SWPermissionCheck
-import de.steamwar.plugins.getUser
 import de.steamwar.sql.*
 import io.ktor.http.*
 import io.ktor.server.application.*

WebsiteBackend/src/de/steamwar/routes/v2/Auth.kt

@@ -61,32 +61,6 @@ fun SteamwarUser.createAccessAndRefreshToken(keepLoggedIn: Boolean = false): Aut
 
 fun Route.configureNewAuth() {
     route("/auth") {
-        route("/enroll") {
-            post("/{userId}") {
-                if (call.request.headers.contains("X-Forwarded-For") || call.request.header("Host") != "localhost:1337") {
-                    SWException.log("Request to /auth/register from", "Invalid IP")
-                    call.respond(HttpStatusCode.Forbidden, ResponseError("Invalid IP", "F_U"))
-                    return@post
-                }
-
-                val userId = call.parameters["userId"]?.toInt()
-                if (userId == null) {
-                    call.respond(HttpStatusCode.BadRequest, ResponseError("Missing or invalid userId"))
-                    return@post
-                }
-
-                val user = SteamwarUser.get(userId)
-                if (user == null) {
-                    call.respond(HttpStatusCode.BadRequest, ResponseError("Invalid userId"))
-                    return@post
-                }
-
-                val token = Token.createToken("PT-${user.userName}", user)
-
-                call.respond(HttpStatusCode.OK, ResponseToken(token, TokenType.RESET_PASSWORD.lifetime))
-            }
-        }
-
         post("/register") {
             val requester = call.request.header("X-Forwarded-For") ?: call.request.origin.remoteAddress