diff options
| author | Himbeer <himbeer@disroot.org> | 2024-11-16 23:17:27 +0100 |
|---|---|---|
| committer | Himbeer <himbeer@disroot.org> | 2024-11-17 16:32:50 +0100 |
| commit | d0d39d2f9f3abb68eec146376b3233c8bc7c1cfa (patch) | |
| tree | 70be515811406cdc3ba1ab8b56d3c6eccb2f0d59 /process.go | |
| parent | e7d92562fcf05e4f9b7f6ba29b7cda529aab49bc (diff) | |
Allow plugins to implement authentication backends
Design decisions:
* Config option specifies which of the registered backends is used
* Name conflicts (including with builtins) make the backend registration
fail
* Builtin backends are not moved to plugins to avoid breaking existing
setups confusion in general
* Builtin backends are exposed to plugins (and have been for some time);
Important information and internal methods are hidden to prevent
interference from malicious plugins
See doc/auth_backends.md and the related interface and function
documentation for details.
Closes #127.
Diffstat (limited to 'process.go')
| -rw-r--r-- | process.go | 10 |
1 files changed, 5 insertions, 5 deletions
@@ -88,7 +88,7 @@ func (cc *ClientConn) process(pkt mt.Pkt) { cc.name = cmd.PlayerName cc.logger.SetPrefix(fmt.Sprintf("[%s %s] ", cc.RemoteAddr(), cc.Name())) - if authIface.Banned(cc.RemoteAddr().(*net.UDPAddr)) { + if DefaultAuth().Banned(cc.RemoteAddr().(*net.UDPAddr)) { cc.Log("<-", "banned") cc.Kick("Banned by proxy.") return @@ -141,7 +141,7 @@ func (cc *ClientConn) process(pkt mt.Pkt) { } // reply - if authIface.Exists(cc.Name()) { + if DefaultAuth().Exists(cc.Name()) { cc.auth.method = mt.SRP } else { cc.auth.method = mt.FirstSRP @@ -188,7 +188,7 @@ func (cc *ClientConn) process(pkt mt.Pkt) { return } - if err := authIface.SetPasswd(cc.Name(), cmd.Salt, cmd.Verifier); err != nil { + if err := DefaultAuth().SetPasswd(cc.Name(), cmd.Salt, cmd.Verifier); err != nil { cc.Log("<-", "set password fail") ack, _ := cc.SendCmd(&mt.ToCltKick{Reason: mt.SrvErr}) @@ -215,7 +215,7 @@ func (cc *ClientConn) process(pkt mt.Pkt) { } cc.setState(csActive) - if err := authIface.SetPasswd(cc.Name(), cmd.Salt, cmd.Verifier); err != nil { + if err := DefaultAuth().SetPasswd(cc.Name(), cmd.Salt, cmd.Verifier); err != nil { cc.Log("<-", "change password fail") cc.SendChatMsg("Password change failed or unavailable.") return @@ -258,7 +258,7 @@ func (cc *ClientConn) process(pkt mt.Pkt) { cc.auth.method = mt.SRP - salt, verifier, err := authIface.Passwd(cc.Name()) + salt, verifier, err := DefaultAuth().Passwd(cc.Name()) if err != nil { cc.Log("<-", "SRP data retrieval fail") ack, _ := cc.SendCmd(&mt.ToCltKick{Reason: mt.SrvErr}) |