Fixed data masking

PEMapModder · Jan 25, 2016 · 58b1615 · 58b1615
1 parent e783dfa
commit 58b1615
Show file tree

Hide file tree

Showing 9 changed files with 23 additions and 14 deletions.
diff --git a/README.md b/README.md
@@ -8,10 +8,10 @@ HereAuth
 * [Latest release candidate build](compile/HereAuth_RC.phar)
 
 #### Latest Dev build number
-`152`
+`162`
 
 #### Latest Beta build number
-`136`
+`163`
 
 #### Latest RC build number
 `nil`
@@ -47,15 +47,15 @@ the Free Software Foundation, either version 3 of the License, or
 - [x] Time-based and attempts-based brute-force protection
 - [ ] Customized automatic authentication methods
     - [x] By "customized", I mean to customize _per player_! This basically refers to `/opt`
-- [ ] Customized multi-factor authentication methods
+- [x] Customized multi-factor authentication methods
 - [ ] Customized data masking when player is not authenticated
-    - [ ] Don't let impostors see what is in your inventory!
-    - [ ] Don't let impostors see where you are!
-    - [ ] Don't let impostors see what messages other plugins want to send to you!
+    - [x] Don't let impostors see what is in your inventory!
+    - [x] Don't let impostors see where you are!
+    - [ ] Don't let impostors see what chat messages are sent to you!
 - [ ] Account management commands
     - [ ] `/chpw`: change password
     - [ ] `/unreg`: unregister account
-    - [ ] `/opt`: change account options (things in `config.yml`:`DefaultSettings`)
+    - [x] `/opt`: change account options (things in `config.yml`:`DefaultSettings`)
     - [x] `/lock`: temporarily logout (deauthenticate) without entirely leaving the server
     - [ ] `/rename`: rename account
 - [x] Server-customized events to block when not authenticated
@@ -81,6 +81,6 @@ Open this phar directly with PHP binaries to automatically extract the config fi
 
 ## Code Statistics
 * 55 PHP source files
-* 3969 lines of PHP code
+* 3978 lines of PHP code
   * minus 825 lines of license header
-  * Total: 3144
+  * Total: 3153
diff --git a/compile/HereAuth_Beta.phar b/compile/HereAuth_Beta.phar
diff --git a/compile/HereAuth_Dev.phar b/compile/HereAuth_Dev.phar
diff --git a/compile/info.json b/compile/info.json
@@ -9,5 +9,5 @@
         "major": 1,
         "minor": 0
     },
-    "nextBuild": 153
+    "nextBuild": 164
 }
diff --git a/src/HereAuth/Command/OptCommand.php b/src/HereAuth/Command/OptCommand.php
@@ -197,7 +197,7 @@ private function getHelpMessage(User $user){
 		$output .= TextFormat::GREEN . "Toggle " . TextFormat::YELLOW . "IP MFA\n";
 		$output .= "/opt mfat <timeout|forever> ";
 		$output .= TextFormat::GREEN . "Set " . TextFormat::YELLOW . "MFA timeout in days " . TextFormat::GREEN . "(or \"forever\")\n";
-		$output .= "If /opt doesn't work, try /auth instead"; // <-- how would people even be able to execute this command if it doesn't work?
+//		$output .= "If /opt doesn't work, try /auth instead"; // <-- how would people even be able to execute this command if it doesn't work?
 		return $output;
 	}
 

diff --git a/src/HereAuth/Database/Json/JsonDatabase.php b/src/HereAuth/Database/Json/JsonDatabase.php
@@ -61,7 +61,6 @@ public function __construct(HereAuth $main){
 
 		$this->sql = new SQLite3($this->path . "reg.db");
 		$this->sql->exec("CREATE TABLE IF NOT EXISTS reg (ip TEXT, name TEXT PRIMARY KEY, time INTEGER)");
-		var_dump($this->sql->busyTimeout(1)); // outputs bool(true)
 	}
 
 	public function loadFor($name, $identifier){

diff --git a/src/HereAuth/EventRouter.php b/src/HereAuth/EventRouter.php
@@ -204,12 +204,14 @@ public function onDamage(EntityDamageEvent $event){
 
 	public function onMove(PlayerMoveEvent $event){
 		if($this->main->getConfig()->getNested("Blocking.Move.Locomotion", true)){
-			if($event->getFrom()->equals($event->getTo())){
+			if(!$event->getFrom()->equals($to = $event->getTo())){
 				$user = $this->main->getUserByPlayer($event->getPlayer());
+//				if(!($user !== null and $user->origPos !== null and $user->origPos->equals($to))){
 				if($user === null or !$user->isPlaying()){
 					$event->setCancelled();
 					return;
 				}
+//				}
 			}
 		}
 		if($this->main->getConfig()->getNested("Blocking.Move.Rotation", true)){

diff --git a/src/HereAuth/HereAuth.php b/src/HereAuth/HereAuth.php
@@ -149,7 +149,12 @@ public function onUserStart($identifier, $info){
 		if(!isset($info->name)){
 			$info = AccountInfo::defaultInstance($player, $this);
 		}
-		$this->users[$player->getId()] = new User($this, $player, $info);
+		try{
+			$user = new User($this, $player, $info);
+		}catch(\Exception $e){
+			return;
+		}
+		$this->users[$player->getId()] = $user;
 	}
 
 	public function closeUser(Player $player){

diff --git a/src/HereAuth/User/User.php b/src/HereAuth/User/User.php
@@ -76,6 +76,9 @@ public function __construct(HereAuth $main, Player $player, AccountInfo $info){
 
 			return;
 		}
+		if(!$this->checkMultiFactor()){
+			throw new \Exception("MFA failure");
+		}
 		if($info->opts->autoSecret and $player->getClientSecret() === $info->lastSecret and $this->callLogin(HereAuthLoginEvent::METHOD_CLIENT_SECRET)){
 			$this->main->getAuditLogger()->logLogin(strtolower($player->getName()), $player->getAddress(), "secret");
 			$this->onAuth();