mirror of
https://github.com/GravitLauncher/Launcher
synced 2024-11-15 11:39:11 +03:00
Закрытие доступа неавторизированным к checkServer/joinServer
This commit is contained in:
parent
a8153c9101
commit
0c9bb41bee
2 changed files with 14 additions and 4 deletions
|
@ -10,6 +10,7 @@
|
|||
import ru.gravit.launchserver.auth.AuthException;
|
||||
import ru.gravit.launchserver.response.Response;
|
||||
import ru.gravit.launchserver.response.profile.ProfileByUUIDResponse;
|
||||
import ru.gravit.launchserver.socket.Client;
|
||||
import ru.gravit.utils.helper.LogHelper;
|
||||
import ru.gravit.utils.helper.VerifyHelper;
|
||||
|
||||
|
@ -25,9 +26,12 @@ public void reply() throws IOException {
|
|||
String serverID = VerifyHelper.verifyServerID(input.readASCII(41)); // With minus sign
|
||||
String client = input.readString(SerializeLimits.MAX_CLIENT);
|
||||
debug("Username: %s, Server ID: %s", username, serverID);
|
||||
//Фитча оставлена до внедрения WebSockets
|
||||
//Client clientData = server.sessionManager.getClient(session);
|
||||
//if(!clientData.isAuth || clientData.type != Client.Type.SERVER) { requestError("Assess denied"); return;}
|
||||
Client clientData = server.sessionManager.getClient(session);
|
||||
if(!clientData.isAuth || clientData.type != Client.Type.SERVER)
|
||||
{
|
||||
requestError("Assess denied");
|
||||
return;
|
||||
}
|
||||
// Try check server with auth handler
|
||||
UUID uuid;
|
||||
try {
|
||||
|
|
|
@ -8,6 +8,7 @@
|
|||
import ru.gravit.launchserver.LaunchServer;
|
||||
import ru.gravit.launchserver.auth.AuthException;
|
||||
import ru.gravit.launchserver.response.Response;
|
||||
import ru.gravit.launchserver.socket.Client;
|
||||
import ru.gravit.utils.helper.LogHelper;
|
||||
import ru.gravit.utils.helper.SecurityHelper;
|
||||
import ru.gravit.utils.helper.VerifyHelper;
|
||||
|
@ -23,7 +24,12 @@ public void reply() throws IOException {
|
|||
String username = VerifyHelper.verifyUsername(input.readString(SerializeLimits.MAX_LOGIN));
|
||||
String accessToken = SecurityHelper.verifyToken(input.readASCII(-SecurityHelper.TOKEN_STRING_LENGTH));
|
||||
String serverID = VerifyHelper.verifyServerID(input.readASCII(SerializeLimits.MAX_SERVERID)); // With minus sign
|
||||
|
||||
Client clientData = server.sessionManager.getClient(session);
|
||||
if(!clientData.isAuth || clientData.type != Client.Type.USER)
|
||||
{
|
||||
requestError("Assess denied");
|
||||
return;
|
||||
}
|
||||
// Try join server with auth handler
|
||||
debug("Username: '%s', Access token: %s, Server ID: %s", username, accessToken, serverID);
|
||||
boolean success;
|
||||
|
|
Loading…
Reference in a new issue