From ad4b7fc4e77a5cc4606309d2b1884875ab2cb7bf Mon Sep 17 00:00:00 2001 From: zontreck Date: Thu, 16 May 2024 02:03:39 -0700 Subject: [PATCH] Create login logic --- lib/Constants.dart | 2 +- lib/Packets.dart | 66 ++++++++++++++++++++++++++++++++++++ lib/Settings.dart | 6 ++++ lib/pages/OpenSim.dart | 32 ++++++++++++++++++ php/Common.php | 2 -- php/Database.php | 8 ----- php/Login.php | 76 +++++++++++++++++++++++++++++++++++++++++- php/Register.php | 8 ++++- php/SetupCheck.php | 2 +- 9 files changed, 188 insertions(+), 14 deletions(-) delete mode 100644 php/Database.php diff --git a/lib/Constants.dart b/lib/Constants.dart index f897d4a..9023170 100644 --- a/lib/Constants.dart +++ b/lib/Constants.dart @@ -8,7 +8,7 @@ class Constants { static const DRAWER_COLOR = Color.fromARGB(148, 0, 97, 97); static const PORTFOLIO_CARD_COLOR = Color.fromARGB(255, 0, 71, 97); - static const VERSION = "Version 1.0.051524.2243"; + static const VERSION = "Version 1.0.051624.0201"; static const COPYRIGHT = "Copyright 2024 - Tara Piccari. All rights Reserved"; static const CLIENTPSK = "f5c6caf3efe1ec5aa4b7c572f92aa14782b7be34b4c7844fa9c6d47fdf94246"; diff --git a/lib/Packets.dart b/lib/Packets.dart index ba27e56..981d15d 100644 --- a/lib/Packets.dart +++ b/lib/Packets.dart @@ -1,5 +1,8 @@ import 'dart:convert'; +import 'package:libac_flutter/utils/Hashing.dart'; +import 'package:zontreck/pages/OpenSim.dart'; + import 'Settings.dart'; abstract class IPacket { 
@@ -243,3 +246,66 @@ class C2SRegisterAccountPacket implements IPacket {
 clientKey: map['clientKey'] as String);
 }
 }
+
+class C2SLoginPacket implements IPacket {
+ final String first;
+ final String last;
+ final String password;
+
+ C2SLoginPacket(
+ {required this.first, required this.last, required this.password});
+
+ @override
+ HTTPMethod method() {
+ return HTTPMethod.Post;
+ }
+
+ @override
+ String getType() {
+ return "C2SLogin";
+ }
+
+ @override
+ String encode() {
+ return json.encode({
+ "first": first,
+ "last": last,
+ "type": getType(),
+ "password": Hashing.md5Hash(password)
+ });
+ }
+}
+
+class S2CLoginResponsePacket implements IPacket {
+ final bool loggedIn;
+ final String reason;
+ final User user;
+
+ S2CLoginResponsePacket(
+ {required this.loggedIn, required this.reason, required this.user});
+
+ @override
+ HTTPMethod method() {
+ return HTTPMethod.Get;
+ }
+
+ @override
+ String getType() {
+ return "S2CLoginResponse";
+ }
+
+ @override
+ String encode() {
+ return json
+ .encode({"type": getType(), "login": loggedIn, "reason": reason});
+ }
+
+ static S2CLoginResponsePacket decode(String params) {
+ var map = json.decode(params);
+ // Proceed now to constructing PODO
+ return S2CLoginResponsePacket(
+ loggedIn: map['login'] as bool,
+ reason: map['reason'] as String,
+ user: User.parseJson(json.encode(map['user'])));
+ }
+}
diff --git a/lib/Settings.dart b/lib/Settings.dart
index 20e1bee..2fa8391 100644
--- a/lib/Settings.dart
+++ b/lib/Settings.dart
@@ -136,6 +136,12 @@ class Settings {
 S2CPongPacket pong = S2CPongPacket.decode(reply);
 return pong;
 }
+ case "S2CLoginResponse":
+ {
+ S2CLoginResponsePacket response =
+ S2CLoginResponsePacket.decode(reply);
+ return response;
+ }
 default:
 {
 return NullPacket();
diff --git a/lib/pages/OpenSim.dart b/lib/pages/OpenSim.dart
index c1e812a..2ff1305 100644
--- a/lib/pages/OpenSim.dart
+++ b/lib/pages/OpenSim.dart
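Review bot: `C2SLoginPacket.encode()` puts `Hashing.md5Hash(password)` on the wire, and an unsalted MD5 sent by the client is itself the credential: whoever captures or logs the request body can replay it without ever learning the password. If the digest is fixed by the format of the existing `auth` table, record that above `encode()` with a comment such as `// md5 is required by the auth table format; this value is password-equivalent, send over HTTPS only`. The same map has no `clientKey` entry, while the new `php/Login.php` reads `$js['clientKey']` and answers "Unauthorized" when it does not match `CLIENTPSK`; unless the sending code in `Settings.dart` adds the key (not visible in this patch), the login request needs a `clientKey` field as well.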
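Review bot: The new `case "S2CLoginResponse":` hands every reply to `S2CLoginResponsePacket.decode(reply)` with nothing around it, and that decoder always calls `User.parseJson(json.encode(map['user']))`. The "Unauthorized" branch added to `php/Login.php` returns no `user` key, so for that reply `parseJson` decodes `null` and the field lookups on it throw instead of yielding a packet with `loggedIn: false`. Either have the server always send a `user` object, or declare `final User? user;` and decode it conditionally with `user: map['user'] == null ? null : User.parseJson(json.encode(map['user']))`. The enclosing switch and its method start and end outside this hunk, so whether a caller catches the exception cannot be seen here.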
@@ -1,10 +1,42 @@ +import 'dart:convert'; + import 'package:flutter/material.dart'; import 'package:footer/footer.dart'; import 'package:footer/footer_view.dart'; +import 'package:libac_flutter/utils/uuid/UUID.dart'; import 'package:zontreck/Constants.dart'; import 'package:zontreck/Packets.dart'; import 'package:zontreck/Settings.dart'; +class User { + UUID ID; + String FirstName; + String LastName; + int createdAt; + String userTitle; + bool active; + + User( + {required this.ID, + required this.FirstName, + required this.LastName, + required this.createdAt, + required this.userTitle, + required this.active}); + + static User parseJson(String params) { + var map = json.decode(params); + + return User( + ID: UUID.parse(map['id'] as String), + FirstName: map['first'] as String, + LastName: map['last'] as String, + createdAt: map['rezzed'] as int, + userTitle: map['title'] as String, + active: map['active'] as bool); + } +} + class OpenSimPage extends StatefulWidget { const OpenSimPage({super.key}); diff --git a/php/Common.php b/php/Common.php index dd708a0..266712a 100644 --- a/php/Common.php +++ b/php/Common.php @@ -41,8 +41,6 @@ function rewriteSystemInclude($psk, $clientPSK) if(file_exists("../database.user.php")) require("../database.user.php"); -else - require("Database.php"); if(file_exists("../system.user.php")) require("../system.user.php"); diff --git a/php/Database.php b/php/Database.php deleted file mode 100644 index cddb380..0000000 --- a/php/Database.php +++ /dev/null @@ -1,8 +0,0 @@ - \ No newline at end of file diff --git a/php/Login.php b/php/Login.php index 5a3e2fe..1b78bbe 100644 --- a/php/Login.php +++ b/php/Login.php 
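Review bot: `User.parseJson` reads `map['rezzed'] as int`, but the login reply built in `php/Login.php` names that field `"rez"`, so the lookup yields `null` and the cast throws even on a successful login. Pick one key on both sides, for example `createdAt: map['rez'] as int,` here. The other hard `as` casts fail the same way if the server sends a string where a number is expected, which is likely for column values read with `fetch_assoc()`, so parsing defensively (`int.parse(map['rez'].toString())`) keeps a malformed reply from crashing the page.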
@@ -6,11 +6,85 @@ if(!defined("COMMON")) $js = getJsonizedInput(); // Read login parameters -$username = $js["username"]; +$first = $js['first']; +$last = $js['last']; $password = $js["password"]; // Password is hashed // Compare against hash in database + : md5(salt) $DB = get_DB(); +$clientKey = $js['clientKey']; +if($clientKey == CLIENTPSK) { + // PSK Matches, authorized application + + $res = $DB->query("SELECT * FROM `UserAccounts` INNER JOIN `auth` ON `UserAccounts`.`PrincipalID` = `auth`.`UUID` WHERE `FirstName` = '$first' AND `LastName` = '$last';"); +/* + * + return User( + ID: UUID.parse(map['id'] as String), + FirstName: map['first'] as String, + LastName: map['last'] as String, + createdAt: map['rezzed'] as int, + userTitle: map['title'] as String); + return S2CLoginResponsePacket( + loggedIn: map['login'] as bool, + reason: map['reason'] as String, + user: User.parseJson(json.encode(map['user']))); + */ + $id = NULLKEY; + $first = ""; + $last = ""; + $rezday = 0; + $title = ""; + $login = false; + $reason = "Invalid password"; + $active = false; + + if($res->num_rows > 0) { + $row = $res->fetch_assoc(); + $pwSalt = $row['passwordSalt']; + $pwHash = $row['passwordHash']; + + if(md5($password.":" . $pwSalt) == $pwHash) { + // Login Success + $_SESSION['login'] = "1"; + $id = $row['UUID']; + $first = $row['FirstName']; + $last = $row['LastName']; + $rezday = $row['createdAt']; + $title = $row['UserTitle']; + $active = $row['active'] == 1; + + $reason = "success"; + $login=true; + } + } + else { + $reason = "No such user"; + } + + die(json_encode( + array( + "login" => $login, + "reason" => $reason, + "type" => "S2CLoginResponse", + "user" => array( + "id" => $id, + "first" => $first, + "last" => $last, + "title" => $title, + "rez" => $rezday, + "active" => $active + ) + ) + )); +} else { + die(json_encode(array( + "login" => false, + "reason" => "Unauthorized", + "type" => "S2CLoginResponse" + ))); +} + ?> \ No newline at end of file 
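Review bot: The new `SELECT` interpolates `$first` and `$last`, taken straight from the request JSON, into the SQL string, so a quote character in either name changes the query; it should be a prepared statement with bound parameters. In the same block, `$clientKey == CLIENTPSK` and `md5(...) == $pwHash` use loose comparison, which can treat two different numeric-looking strings as equal and is not constant-time; `hash_equals()` avoids both. `$_SESSION['login'] = "1"` is also set without `session_regenerate_id(true)`, and the success branch reads `$row['createdAt']` while the `INSERT` in `php/Register.php` writes a column named `Created`, so that key should be confirmed against the schema. The sketch below assumes `get_DB()` returns a `mysqli` handle, which the `num_rows` and `fetch_assoc()` calls suggest.

```php
if(hash_equals(CLIENTPSK, (string)$clientKey)) {
    // PSK Matches, authorized application

    $stmt = $DB->prepare("SELECT * FROM `UserAccounts` INNER JOIN `auth` ON `UserAccounts`.`PrincipalID` = `auth`.`UUID` WHERE `FirstName` = ? AND `LastName` = ?;");
    $stmt->bind_param("ss", $first, $last);
    $stmt->execute();
    $res = $stmt->get_result();
    // … unchanged: response defaults, num_rows check, salt and hash lookup …
        if(hash_equals((string)$pwHash, md5($password . ":" . $pwSalt))) {
    // … unchanged: success fields, JSON reply, Unauthorized branch …
```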
diff --git a/php/Register.php b/php/Register.php index 6dfa2f7..cda8d09 100644 --- a/php/Register.php +++ b/php/Register.php @@ -26,7 +26,13 @@ if($clientKey == CLIENTPSK) { $DB->query("INSERT INTO `UserAccounts` (PrincipalID, ScopeID, FirstName, LastName, Email, ServiceURLs, Created, UserLevel, UserFlags, UserTitle, active) VALUES ('$ID', '".NULLKEY."', '$first', '$last', '$email', '', '".time()."', '$level', '0', '$title', '0');"); - die(json_encode(array("done"=>true, "type"=> "S2CSimpleReply"))); + die( + json_encode( + array( + "done"=>true, + "type"=> "S2CSimpleReply" + ) + )); }else { diff --git a/php/SetupCheck.php b/php/SetupCheck.php index 809a867..f425fe7 100644 --- a/php/SetupCheck.php +++ b/php/SetupCheck.php @@ -3,7 +3,7 @@ if(!defined("COMMON")) require("Common.php"); -if(DB_NAME == "changeme" && DB_PASS == "changeme") { +if(!defined("DB_NAME") && !defined("DB_PASS")) { $ret = array ( "done" => false, "type" => "S2CSimpleReply"
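Review bot: The replacement condition in `php/SetupCheck.php`, `!defined("DB_NAME") && !defined("DB_PASS")`, reports "not set up" only when both constants are missing; if `database.user.php` defines just one of them the check passes and later code would use an undefined constant. With the bundled `Database.php` defaults removed in this commit, `||` is the safer test: `if(!defined("DB_NAME") || !defined("DB_PASS")) {`. The body of the `if` continues past the end of the hunk.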