diff --git a/server/src/manager/data.rs b/server/src/manager/data.rs index eb275ee..0d0b0c7 100644 --- a/server/src/manager/data.rs +++ b/server/src/manager/data.rs @@ -219,10 +219,23 @@ pub async fn thread_system(mut app:App, bus:Bus) match app.user_handle.get(request.handle.to_lowercase().as_bytes()).cloned() { Some(uid) => { if let Some(tuid) = app.user_id.get(uid as isize).cloned() { - if let Some(user) = app.users.get(tuid).cloned() { + if let Some(mut user) = app.users.get(tuid).cloned() { // Get user salt if let Some(salt) = app.salts.get(user.na_key as isize).cloned() { + // [TEMPORARY] WORKAROUND FOR PASSWORD RESET + if user.secret.is_empty() { + if let Ok(secret) = argon2::hash_raw(&request.secret.as_bytes(), &salt, &argon_config) { + user.secret = secret; + if if let Some(app_user) = app.users.get_mut(tuid) { + app_user.secret = user.secret.clone(); + true + } else { false } { + app.filesystem.user_update(uid, &user).ok(); + } + } + } + // Verify salted secret against user data if argon2::verify_raw(&request.secret.as_bytes(), &salt, &user.secret, &argon_config).unwrap_or(false) { println!("Authenticated user '{}' id {}", user.handle, uid); @@ -695,6 +708,7 @@ pub async fn thread_system(mut app:App, bus:Bus) // Choose player seats. let time = std::time::SystemTime::now().duration_since(std::time::UNIX_EPOCH).unwrap_or_default().as_millis() as u64; + println!("Time {}", time); // Build session. let mut session = Session { diff --git a/server/src/system/filesystem/mod.rs b/server/src/system/filesystem/mod.rs index d68c798..e6f6b64 100644 --- a/server/src/system/filesystem/mod.rs +++ b/server/src/system/filesystem/mod.rs @@ -299,20 +299,7 @@ impl FileSystem { .join(format!("{:08x}", file_index)); fs::create_dir_all(bucket_path.clone()).map_err(|_| ())?; - // Create configuration file - let file_path = bucket_path.join(GENERIC_CONFIG); - if let Ok(mut file) = File::options().write(true).create(true).open(file_path) { - - let handle = user.handle.as_bytes().to_vec(); - - // Write user information - file.write(&pack_u32(user.flags)).map_err(|_| ())?; - file.write(&pack_u32(user.na_key)).map_err(|_| ())?; - file.write(&pack_u16(user.secret.len() as u16)).map_err(|_| ())?; - file.write(&user.secret).map_err(|_| ())?; - file.write(&pack_u8(handle.len() as u8)).map_err(|_| ())?; - file.write(&handle).map_err(|_| ())?; - } + self.user_update(size, user)?; // Create status file let file_path = bucket_path.join(GENERIC_STATUS); @@ -338,6 +325,33 @@ impl FileSystem { Ok(size) } + pub fn user_update(&mut self, id:u32, user:&User) -> Result<(),()> + { + let bucket_index = id & !HANDLE_BUCKET_MASK; + let file_index = id & HANDLE_BUCKET_MASK; + + let bucket_path = Path::new(DIR_USER) + .join(format!("{:08x}", bucket_index)) + .join(format!("{:08x}", file_index)); + + // Create configuration file + let file_path = bucket_path.join(GENERIC_CONFIG); + if let Ok(mut file) = File::options().write(true).create(true).open(file_path) { + + let handle = user.handle.as_bytes().to_vec(); + + // Write user information + file.write(&pack_u32(user.flags)).map_err(|_| ())?; + file.write(&pack_u32(user.na_key)).map_err(|_| ())?; + file.write(&pack_u16(user.secret.len() as u16)).map_err(|_| ())?; + file.write(&user.secret).map_err(|_| ())?; + file.write(&pack_u8(handle.len() as u8)).map_err(|_| ())?; + file.write(&handle).map_err(|_| ())?; + } + + Ok(()) + } + pub fn user_update_status(&mut self) -> Result<(),()> { Err(()) @@ -373,8 +387,11 @@ impl FileSystem { file.read_exact(&mut buffer_u16).map_err(|_| ())?; let secret_length = unpack_u16(&buffer_u16, &mut 0); - let mut secret = vec![0u8; secret_length as usize]; + let mut secret = vec![0u8; (secret_length & 0x7FF) as usize]; file.read_exact(&mut secret).map_err(|_| ())?; + if (secret_length & 0x8000) != 0 { + secret.clear(); + } file.read_exact(&mut buffer_u8).map_err(|_| ())?; let handle_length = unpack_u8(&buffer_u8, &mut 0);