You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
rogueserver/api/account.go

147 lines
3.5 KiB
Go

11 months ago
package api
import (
11 months ago
"bytes"
"crypto/rand"
"database/sql"
11 months ago
"encoding/base64"
"fmt"
"os"
11 months ago
"regexp"
"strconv"
"time"
11 months ago
"github.com/Flashfyre/pokerogue-server/db"
11 months ago
"golang.org/x/crypto/argon2"
11 months ago
)
11 months ago
const (
UUIDSize = 16
ArgonTime = 1
ArgonMemory = 256 * 1024
ArgonThreads = 4
ArgonKeySize = 32
ArgonSaltSize = 16
11 months ago
)
var isValidUsername = regexp.MustCompile(`^\w{1,16}$`).MatchString
11 months ago
type AccountInfoResponse struct {
Username string `json:"username"`
LastSessionSlot int `json:"lastSessionSlot"`
11 months ago
}
8 months ago
// /account/info - get account info
func handleAccountInfo(username string, uuid []byte) (AccountInfoResponse, error) {
var latestSave time.Time
latestSaveID := -1
for id := range sessionSlotCount {
fileName := "session"
if id != 0 {
fileName += strconv.Itoa(id)
}
stat, err := os.Stat(fmt.Sprintf("userdata/%x/%s.pzs", uuid, fileName))
if err != nil {
continue
}
if stat.ModTime().After(latestSave) {
latestSave = stat.ModTime()
latestSaveID = id
}
}
return AccountInfoResponse{Username: username, LastSessionSlot: latestSaveID}, nil
11 months ago
}
type AccountRegisterRequest GenericAuthRequest
8 months ago
// /account/register - register account
func handleAccountRegister(request AccountRegisterRequest) error {
if !isValidUsername(request.Username) {
return fmt.Errorf("invalid username")
11 months ago
}
if len(request.Password) < 6 {
return fmt.Errorf("invalid password")
11 months ago
}
uuid := make([]byte, UUIDSize)
_, err := rand.Read(uuid)
11 months ago
if err != nil {
return fmt.Errorf("failed to generate uuid: %s", err)
11 months ago
}
salt := make([]byte, ArgonSaltSize)
11 months ago
_, err = rand.Read(salt)
if err != nil {
return fmt.Errorf(fmt.Sprintf("failed to generate salt: %s", err))
11 months ago
}
err = db.AddAccountRecord(uuid, request.Username, argon2.IDKey([]byte(request.Password), salt, ArgonTime, ArgonMemory, ArgonThreads, ArgonKeySize), salt)
11 months ago
if err != nil {
return fmt.Errorf("failed to add account record: %s", err)
11 months ago
}
return nil
11 months ago
}
type AccountLoginRequest GenericAuthRequest
type AccountLoginResponse GenericAuthResponse
8 months ago
// /account/login - log into account
func handleAccountLogin(request AccountLoginRequest) (AccountLoginResponse, error) {
if !isValidUsername(request.Username) {
return AccountLoginResponse{}, fmt.Errorf("invalid username")
11 months ago
}
if len(request.Password) < 6 {
return AccountLoginResponse{}, fmt.Errorf("invalid password")
11 months ago
}
key, salt, err := db.FetchAccountKeySaltFromUsername(request.Username)
11 months ago
if err != nil {
if err == sql.ErrNoRows {
return AccountLoginResponse{}, fmt.Errorf("account doesn't exist")
11 months ago
}
return AccountLoginResponse{}, err
11 months ago
}
if !bytes.Equal(key, argon2.IDKey([]byte(request.Password), salt, ArgonTime, ArgonMemory, ArgonThreads, ArgonKeySize)) {
return AccountLoginResponse{}, fmt.Errorf("password doesn't match")
11 months ago
}
token := make([]byte, 32)
11 months ago
_, err = rand.Read(token)
if err != nil {
return AccountLoginResponse{}, fmt.Errorf("failed to generate token: %s", err)
11 months ago
}
err = db.AddAccountSession(request.Username, token)
11 months ago
if err != nil {
return AccountLoginResponse{}, fmt.Errorf("failed to add account session")
11 months ago
}
return AccountLoginResponse{Token: base64.StdEncoding.EncodeToString(token)}, nil
11 months ago
}
// /account/logout - log out of account
func handleAccountLogout(token []byte) error {
11 months ago
if len(token) != 32 {
return fmt.Errorf("invalid token")
11 months ago
}
err := db.RemoveSessionFromToken(token)
11 months ago
if err != nil {
if err == sql.ErrNoRows {
return fmt.Errorf("token not found")
11 months ago
}
return fmt.Errorf("failed to remove account session")
11 months ago
}
11 months ago
return nil
11 months ago
}