sucssite / gameauth
Commit 48617ff0 authored Dec 10, 2015 by Stuart John Watson
Added the php to index.php to make it work with no javascript
parent a376c002
Showing 4 changed files with 100 additions and 216 deletions

controll.php (+0 -199)
gameauth.db (+0 -0)
index.php (+87 -3)
refresh.js (+13 -14)
controll.php
deleted
100644 → 0
View file @
a376c002
<?php
/*
* SUCS GameAuth v2
* Follows the idea of a SPA, largely based around php sessions
* User loads the page, session is started (or resumed), if it's in the db then
* the state is restored. Otherwise the see the page with a login form. POST
* requests to self with user/pass, if successfully authd using my LDAP auth
* lib then database is poked with their details.
* Idea mainly follows the old system, some things like bans were a last minute
* afterthought that's why they are so barebones
*
* Split into a sperate API by ~ripp_
*
*/
// include my ldap auth lib
include
(
'ldap-auth.php'
);
error_reporting
(
E_ERROR
);
// star/resume a session
session_start
();
// initialise some variables we'll use later
$authd
;
// if they get authd, how, otherwise "nope"
$authdUser
;
// once authd, this is their username
$sessionid
=
session_id
();
$time
=
time
();
$uniAllowFilePATH
=
'/home/game-server/uni.allow'
;
$gameauthDBPATH
=
'gameauth.db'
;
#WIP CHANGE
$username
=
$_POST
[
"username"
];
$password
=
$_POST
[
"password"
];
$accessLevel
;
//Set to one of NO_LOGIN|NO_GAMES|GAMES_ACCESS|AS_BEFORE
$oldLevel
;
//set to level is accessLevel is AS_BEFORE to get allowed info
$failReason
;
// If they can't connect contains the reason why.
// create the db object, if the db aint there then make it
if
(
!
file_exists
(
$gameauthDBPATH
)){
$db
=
new
SQLite3
(
$gameauthDBPATH
)
or
di
(
"Could not create DB"
);
$db
->
exec
(
"CREATE TABLE gamers
(
username TEXT PRIMARY KEY NOT NULL,
sessionid TEXT NOT NULL,
IP TEXT NOT NULL,
level TEXT NOT NULL,
lastseen INT NOT NULL
)"
);
$db
->
exec
(
"CREATE TABLE bans
(
username TEXT PRIMARY KEY NOT NULL,
reason TEXT
)"
);
}
else
{
$db
=
new
SQLite3
(
$gameauthDBPATH
);
}
$cip
=
$_SERVER
[
'REMOTE_ADDR'
];
$cip2
=
$_SERVER
[
'HTTP_CLIENT_IP'
];
$cip3
=
$_SERVER
[
'HTTP_X_FORWARDED_FOR'
];
$cookie
=
$_COOKIE
[
"sucs_gameauth"
];
/*echo("REMOTE_ADDR: $cip <br>");
echo("HTTP_CLIENT_IP: $cip2 <br>");
echo("HTTP_X_FORWARDED_FOR: $cip3 <br>");*/
// get a list of sessions in the db and banned users
$sessionsResult
=
$db
->
query
(
"SELECT sessionid FROM gamers"
);
$bannedUsers
=
$db
->
query
(
"SELECT username FROM bans"
);
// store sessions in another data format (1d array), easier to search
$sessions
=
array
();
$i
=
0
;
while
(
$res
=
$sessionsResult
->
fetchArray
(
SQLITE3_ASSOC
)){
if
(
!
isset
(
$res
[
'sessionid'
]))
continue
;
$sessions
[
$i
]
=
$res
[
'sessionid'
];
$i
++
;
}
//If they are renewing
if
(
$renew
){
//Check if they are still in the database
if
(
in_array
(
$sessionid
,
$sessions
)){
//If they are update the ip & time
$query
=
$db
->
query
(
"SELECT level FROM gamers WHERE sessionid='
$sessionid
'"
);
$oldLevel
=
$query
->
fetchArray
()[
0
];
$query
=
$db
->
query
(
"SELECT username FROM gamers WHERE sessionid='
$sessionid
'"
);
$authdUser
=
$query
->
fetchArray
()[
0
];
$db
->
exec
(
"DELETE FROM gamers WHERE username='
$authdUser
'"
);
$time
=
time
();
$db
->
exec
(
"INSERT INTO gamers (username,sessionid,IP,level,lastseen) VALUES ('
$authdUser
','
$sessionid
','
$cip
','
$oldLevel
','
$time
')"
);
$accessLevel
=
"AS_BEFORE"
;
}
else
{
//Otherwise return a timeout error
$accessLevel
=
"NO_LOGIN"
;
$failReason
=
"TIMEOUT"
;
}
//Oterwise check their post data to try and auth them
}
else
{
//Insure they have passed a username and password
if
(
$username
==
""
&&
$password
==
""
)
{
$authd
=
""
;
$accessLevel
=
"NO_LOGIN"
;
$failReason
=
"MISSING_USERNAME_OR_PASSWORD"
;
}
else
{
// the main auth bit
$authd
=
ldapAuth
(
$username
,
$password
);
// bingo! we have a valid account
if
(
$authd
==
"sucs"
||
$authd
==
"uni"
)
{
// people like to use emails to login so lets detect and strip
if
(
filter_var
(
$username
,
FILTER_VALIDATE_EMAIL
)){
//valid email, lets strip
// split the email into a string array "@" as a delim
$s
=
explode
(
"@"
,
$username
);
// remove the last element (domain)
array_pop
(
$s
);
// put the array back togther using "@" as a seperator
$username
=
implode
(
"@"
,
$s
);
}
$authdUser
=
strtolower
(
$username
);
// check if they are banned
if
(
in_array
(
$authdUser
,
$bannedUsers
->
fetchArray
()))
{
$accessLevel
=
"NO_GAMES"
;
$failReason
=
"BANNED"
;
}
else
{
if
(
$authd
==
"sucs"
)
{
$accessLevel
=
"GAME_ACCESS"
;
$type
=
"sucs"
;
$db
->
exec
(
"DELETE FROM gamers WHERE username='
$authdUser
'"
);
$db
->
exec
(
"INSERT INTO gamers (username,sessionid,IP,level,lastseen) VALUES ('
$authdUser
','
$sessionid
','
$cip
','
$accessLevel
','
$time
')"
);
}
elseif
(
$authd
==
"uni"
)
{
if
(
file_exists
(
$uniAllowFilePATH
))
{
$type
=
"uni"
;
$accessLevel
=
"GAME_ACCESS"
;
}
else
{
$accessLevel
=
"NO_GAMES"
;
$failReason
=
"UNI_DISALLOWED"
;
}
$db
->
exec
(
"DELETE FROM gamers WHERE username='
$authdUser
'"
);
$db
->
exec
(
"INSERT INTO gamers (username,sessionid,IP,level,lastseen) VALUES ('
$authdUser
','
$sessionid
','
$cip
','
$accessLevel
','
$time
')"
);
}
else
{
$accessLevel
=
"NO_LOGIN"
;
$failReason
=
"ERR_UNKNOWN_AUTH_TYPE"
;
}
}
}
else
if
(
$authd
==
"nope"
){
$authd
=
""
;
$accessLevel
=
"NO_LOGIN"
;
$failReason
=
"BAD_LOGIN"
;
}
}
}
// logouts are done by posting the username logout to the page
if
(
$username
==
"logout"
){
//$db->exec("DELETE FROM gamers WHERE sessionid='$sessionid'");
$db
->
exec
(
"UPDATE gamers SET lastseen=0, sessionid='n0p3' WHERE sessionid='
$sessionid
'"
);
session_destroy
();
$authd
=
"loggedOut"
;
$failReason
=
null
;
$authdUser
=
null
;
$accessLevel
=
"NO_LOGIN"
;
}
//If the user is logged in succesfully iterate get the online uses (into a 1d array)
$onlineUsers
;
if
(
$accessLevel
==
"GAME_ACCESS"
||
(
$accessLevel
==
"AS_BEFORE"
&&
$oldLevel
==
"GAME_ACCESS"
)){
$onlineUsers
=
[];
$loggedInUsers
=
$db
->
query
(
"SELECT username FROM gamers"
);
while
(
$res
=
$loggedInUsers
->
fetchArray
(
SQLITE3_ASSOC
)){
if
(
!
isset
(
$res
[
'username'
]))
continue
;
$onlineUsers
[]
=
$res
[
'username'
];
}
}
//Get other payload data
chdir
(
"games"
);
include
"_manager.php"
;
$services
=
getGameStatus
();
chdir
(
".."
);
header
(
'Content-Type: application/json'
);
//Echo response
echo
json_encode
([
level
=>
$accessLevel
,
loginError
=>
$failReason
,
username
=>
$authdUser
,
extraPayload
=>
[
onlineUsers
=>
$onlineUsers
,
services
=>
$services
]
]);
?>
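Review bot: every query in the deleted controll.php is built by interpolating variables into the SQL string, for example "DELETE FROM gamers WHERE username='$authdUser'" with $authdUser derived from $_POST["username"], and index.php now includes controll_2.php, which is not part of this commit. Confirm the replacement uses SQLite3::prepare() with bound values rather than carrying these strings over. Two other defects should not be ported: the ban check in_array($authdUser, $bannedUsers->fetchArray()) only inspects the first row of bans, and logout is triggered by posting the username "logout", which collides with a real account of that name.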
gameauth.db
View file @
48617ff0
No preview for this file type
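Review bot: gameauth.db is the SQLite file that controll.php opens through $gameauthDBPATH, and its gamers table holds username, sessionid and IP, so tracking it in the repository publishes session identifiers and client addresses alongside the source. Remove it from version control, add it to .gitignore, and create the database at deploy time instead.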
index.php
View file @
48617ff0
<!doctype html>
<?php
include
"controll_2.php"
;
$username
=
$_POST
[
"username"
];
$password
=
$_POST
[
"password"
];
$renew
=
$_POST
[
"renew"
];
$logout
=
$_POST
[
"logout"
];
$response
;
if
(
$renew
){
$response
=
renew
();
}
else
if
(
$logout
){
$response
=
logout
();
}
else
{
$response
=
login
(
$username
,
$password
);
}
$level
=
$response
[
"level"
];
$loginError
=
$response
[
"loginError"
];
if
(
$username
==
null
&&
$password
==
null
){
$level
=
"NO_LOGIN"
;
$loginError
=
"FIRST"
;
}
$ERR_MAP
=
[
"BAD_LOGIN"
=>
"You have entered invalid credentials."
,
"MISSING_USERNAME_OR_PASSWORD"
=>
"Please enter a username and password."
,
"BANNED"
=>
"Sorry you are banned. For more information contact games@sucs.org"
,
"ERR_UNKNOWN_AUTH_TYPE"
=>
"An unexpected error occoured - Bad Auth Type."
,
"UNI_DISALLOWED"
=>
"Only SUCS members are currentlly allowed access."
];
$errMsg
=
$ERR_MAP
[
$loginError
];
function
iff
(
$test
,
$t
,
$f
){
if
(
$test
){
print
$t
;
}
else
{
print
$f
;
}
}
?>
<html
lang=
"en"
>
<head>
<?php
if
(
$level
!=
"NO_LOGIN"
)
{
?>
<noscript><meta
http-equiv=
"refresh"
content=
"30"
></noscript>
<?php
}
?>
<meta
http-equiv=
"Content-type"
content=
"text/html;charset=UTF-8"
/>
<link
href=
"css/bootstrap.min.css"
rel=
"stylesheet"
>
<link
href=
"css/ripples.min.css"
rel=
"stylesheet"
>
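Review bot: the no-JavaScript renewal at the top of index.php never reaches renew(): the noscript meta refresh reloads the page with a GET, so $_POST["renew"] is unset, the code falls through to login($username, $password) with null values, and the following $username == null && $password == null check forces $level = "NO_LOGIN", which shows the login form to a user who is still logged in. Decide between renew and login from the session state rather than from POST fields. Separately, <!doctype html> is emitted before include "controll_2.php", so any session_start() or header() call in that file runs after output has started; move the PHP block above the doctype.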
...
...
@@ -8,6 +56,25 @@
<title>
SUCS Games Server
</title>
<style>
#loginErrorWrap
{
display
:
<?php
iff
(
$errMsg
,
"block"
,
"none"
);
?>
}
#login
{
display
:
<?php
iff
(
$level
==
"NO_LOGIN"
,
"block"
,
"none"
);
?>
}
#loginMessage
{
display
:
<?php
iff
(
$level
==
"GAME_ACCESS"
||
$loginError
==
"UNI_DISALLOWED"
,
"block"
,
"none"
);
?>
}
#logout
{
display
:
<?php
iff
(
$level
!=
"NO_LOGIN"
,
"inline-block"
,
"none"
);
?>
}
#signup
{
display
:
<?php
iff
(
$level
==
"NO_LOGIN"
||
$loginError
==
"UNI_DISALLOWED"
,
"inline-block"
,
"none"
);
?>
}
</style>
</head>
<body>
<nav
class=
"navbar navbar-inverse navbar-warning"
>
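Review bot: the #loginMessage rule only shows the block for $level == "GAME_ACCESS", but the level values documented in the deleted controll.php include "AS_BEFORE" for a renewed session, so if renew() still returns that value the logged-in message disappears after the first refresh. Either have renew() return the stored level or add the AS_BEFORE case here. Since the same level tests are repeated in five rules, computing a few booleans once in the PHP preamble would also keep them from drifting apart.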
...
...
@@ -46,10 +113,13 @@
<div
class=
"panel panel-default"
>
<div
class=
"panel-body"
>
<!-- LOGIN SECTION -->
<div
id=
"loginErrorWrap"
class=
"alert alert-danger"
role=
"alert"
>
<span
class=
"glyphicon glyphicon-exclamation-sign"
aria-hidden=
"true"
></span>
<span
class=
"sr-only"
>
Error:
</span>
<span
id=
"loginError"
></span>
<span
id=
"loginError"
>
<?php
print
$ERR_MAP
[
$loginError
];
?>
</span>
</div>
<form
method=
"post"
class=
"form-login"
id=
"login"
>
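Review bot: print $ERR_MAP[$loginError] in the #loginError span indexes the map with values that are not keys, such as the "FIRST" assigned earlier in this file, which raises an undefined-index notice into the page wherever notices are displayed. Reuse $errMsg, set it with an isset() check, and print it through htmlspecialchars() so the span stays safe if a message ever includes user-supplied text.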
...
...
@@ -63,8 +133,22 @@
Login with your SUCS username or Student Number
</form>
<p
id=
"username"
>
Hello $authdUser!
</p>
<p
id=
"loginMessage"
></p>
<p
id=
"username"
></p>
<p
id=
"loginMessage"
>
<?php
if
(
$level
==
"GAME_ACCESS"
)
{
?>
You are now logged into the SUCS Game Server system,
and can connect to any of the servers we have running by simply specifying the hostname/IP address 'games.sucs.org'.
This page must be left open while you are playing.
When you close this window, you will no longer have access to the games server,
and will have to login again if you wish to play some more.
<?php
}
else
if
(
$loginError
==
"UNI_DISALLOWED"
)
{
?>
Thank you for taking an interest in playing on the SUCS game server.
Unfortunately the game server is currently only available to SUCS members,
you can
<a
href=
\"https://sucs.org/join\"
>
sign up
</a>
to SUCS and get 24/7 access to the server
plus all the other benefits that come with SUCS membership.
<?php
}
?>
</p>
<a
class=
"btn btn-warning"
href=
"http://sucs.org/join"
id=
"signup"
>
Signup
</a>
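Review bot: the sign-up link in the UNI_DISALLOWED branch is written as href=\"https://sucs.org/join\", but that text sits outside the PHP tags, so the backslashes are sent to the browser literally and the attribute value is broken. Drop the backslashes. The Signup button below still points at http://sucs.org/join; use the https URL there too.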
...
...
refresh.js
View file @
48617ff0
...
...
@@ -10,7 +10,6 @@ SIGNUP_INFO = "Thank you for taking an interest in playing on the SUCS game serv
function
loginRefresh
(){
console
.
log
()
$
.
post
(
"
endpoint.php
"
,{
renew
:
1
},
onPostResponse
);
}
var
REFRESH_ID
;
...
...
@@ -23,21 +22,21 @@ function cancelRefresh(){
function
populateExtraData
(
data
,
domain
){
if
(
domain
===
undefined
){
domain
=
$
(
"
body
"
)
domain
=
$
(
"
body
"
)
;
}
$
.
each
(
data
,
function
(
key
,
value
){
var
target
=
domain
.
find
(
"
[data-target='
"
+
key
+
"
']
"
);
if
(
target
.
length
==
0
){
if
(
target
.
length
==
=
0
){
console
.
warn
(
"
failed to find target
"
,
key
,
"
under
"
,
domain
);
return
;
}
if
(
key
==
"
_online
"
){
if
(
value
){
target
.
css
(
"
color
"
,
"
green
"
).
text
(
"
Online
"
)
target
.
css
(
"
color
"
,
"
green
"
).
text
(
"
Online
"
)
;
}
else
{
target
.
css
(
"
color
"
,
"
red
"
).
text
(
"
Offline
"
)
target
.
css
(
"
color
"
,
"
red
"
).
text
(
"
Offline
"
)
;
}
}
else
if
(
value
==
null
){
}
else
if
(
value
==
=
null
){
target
.
empty
();
}
else
if
(
value
instanceof
Array
){
target
.
empty
();
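Review bot: in populateExtraData the change from value == null to value === null is not purely cosmetic, because the loose form also matched undefined and the strict form does not, so an undefined value now falls through to the later branches instead of clearing the target. If only JSON null is expected from the endpoint, say so in a comment; otherwise keep == null here and apply === only to the target.length comparison.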
...
...
@@ -45,26 +44,26 @@ function populateExtraData(data,domain){
$
(
"
<li>
"
).
text
(
value
[
i
]).
appendTo
(
target
);
}
}
else
if
(
typeof
value
==
"
object
"
)
{
populateExtraData
(
value
,
target
)
populateExtraData
(
value
,
target
)
;
}
else
{
target
.
text
(
value
);
}
})
})
;
}
function
onPostResponse
(
response
){
console
.
log
(
response
)
console
.
log
(
response
)
;
//When this response comes back it will be 1 of 5 diffrent state we care about
//DEFAULT|BANNED|UNI-NO|GAME-ACCESS|BAD-CREDENTIALS
//Populate extra payload data
populateExtraData
(
response
.
extraPayload
)
populateExtraData
(
response
.
extraPayload
)
;
//if the response is AS_BEFORE nothing changes, just schedle a refresh
if
(
response
.
level
==
"
AS_BEFORE
"
)
{
scheduleRefresh
();
return
return
;
}
//Show an error if there is one
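Review bot: console.log(response) at the top of onPostResponse is kept and only gains a semicolon, so every refresh still writes the full response, including the username and the online user list, to the browser console. Remove it or put it behind a debug flag. The comment listing DEFAULT|BANNED|UNI-NO|GAME-ACCESS|BAD-CREDENTIALS also no longer matches the level and loginError values the code tests, and should be updated while this function is being touched.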
...
...
@@ -92,7 +91,7 @@ function onPostResponse(response){
}
//Now lets take care of the other messages we end up having to display
var
welcomeMessage
var
welcomeMessage
;
if
(
response
.
level
==
"
GAME_ACCESS
"
){
welcomeMessage
=
SUCCESS
;
}
else
if
(
response
.
loginError
==
"
UNI_DISALLOWED
"
){
...
...
@@ -116,12 +115,12 @@ function onPostResponse(response){
onPostResponse
({
level
:
"
NO_LOGIN
"
,
extraPayload
:{}});
$
(
"
form
"
).
submit
(
function
(
event
){
var
data
=
{}
var
data
=
{}
;
$
(
this
).
find
(
"
input
"
).
each
(
function
(){
var
t
=
$
(
this
);
data
[
t
.
attr
(
"
name
"
)]
=
t
.
val
();
if
(
t
.
attr
(
"
type
"
)
==
"
password
"
){
t
.
val
(
""
)
t
.
val
(
""
)
;
}
});
$
.
post
(
"
endpoint.php
"
,
data
,
onPostResponse
);
...
...