-- Authentication handler
--
-function core.string_to_privs(str, delim)
- assert(type(str) == "string")
- delim = delim or ','
- privs = {}
- for _, priv in pairs(string.split(str, delim)) do
- privs[priv:trim()] = true
- end
- return privs
-end
-
-function core.privs_to_string(privs, delim)
- assert(type(privs) == "table")
- delim = delim or ','
- list = {}
- for priv, bool in pairs(privs) do
- if bool then
- table.insert(list, priv)
- end
- end
- return table.concat(list, delim)
-end
-
-assert(core.string_to_privs("a,b").b == true)
-assert(core.privs_to_string({a=true,b=true}) == "a,b")
-
core.auth_file_path = core.get_worldpath().."/auth.txt"
core.auth_table = {}
end
for line in file:lines() do
if line ~= "" then
- local name, password, privilegestring = string.match(line, "([^:]*):([^:]*):([^:]*)")
- if not name or not password or not privilegestring then
+ local fields = line:split(":", true)
+ local name, password, privilege_string, last_login = unpack(fields)
+ last_login = tonumber(last_login)
+ if not (name and password and privilege_string) then
error("Invalid line in auth.txt: "..dump(line))
end
- local privileges = core.string_to_privs(privilegestring)
- newtable[name] = {password=password, privileges=privileges}
+ local privileges = core.string_to_privs(privilege_string)
+ newtable[name] = {password=password, privileges=privileges, last_login=last_login}
end
end
io.close(file)
assert(type(stuff) == "table")
assert(type(stuff.password) == "string")
assert(type(stuff.privileges) == "table")
+ assert(stuff.last_login == nil or type(stuff.last_login) == "number")
end
local file, errmsg = io.open(core.auth_file_path, 'w+b')
if not file then
error(core.auth_file_path.." could not be opened for writing: "..errmsg)
end
for name, stuff in pairs(core.auth_table) do
- local privstring = core.privs_to_string(stuff.privileges)
- file:write(name..":"..stuff.password..":"..privstring..'\n')
+ local priv_string = core.privs_to_string(stuff.privileges)
+ local parts = {name, stuff.password, priv_string, stuff.last_login or ""}
+ file:write(table.concat(parts, ":").."\n")
end
io.close(file)
end
end
end
-- For the admin, give everything
- elseif name == core.setting_get("name") then
+ elseif name == core.settings:get("name") then
for priv, def in pairs(core.registered_privileges) do
privileges[priv] = true
end
return {
password = core.auth_table[name].password,
privileges = privileges,
+ -- Is set to nil if unknown
+ last_login = core.auth_table[name].last_login,
}
end,
create_auth = function(name, password)
core.log('info', "Built-in authentication handler adding player '"..name.."'")
core.auth_table[name] = {
password = password,
- privileges = core.string_to_privs(core.setting_get("default_privs")),
+ privileges = core.string_to_privs(core.settings:get("default_privs")),
+ last_login = os.time(),
}
save_auth_file()
end,
assert(type(name) == "string")
assert(type(privileges) == "table")
if not core.auth_table[name] then
- core.builtin_auth_handler.create_auth(name, core.get_password_hash(name, core.setting_get("default_password")))
+ core.builtin_auth_handler.create_auth(name,
+ core.get_password_hash(name,
+ core.settings:get("default_password")))
end
core.auth_table[name].privileges = privileges
core.notify_authentication_modified(name)
read_auth_file()
return true
end,
+ record_login = function(name)
+ assert(type(name) == "string")
+ assert(core.auth_table[name]).last_login = os.time()
+ save_auth_file()
+ end,
}
function core.register_authentication_handler(handler)
end
core.registered_auth_handler = handler
core.registered_auth_handler_modname = core.get_current_modname()
+ handler.mod_origin = core.registered_auth_handler_modname
end
function core.get_auth_handler()
- if core.registered_auth_handler then
- return core.registered_auth_handler
- end
- return core.builtin_auth_handler
+ return core.registered_auth_handler or core.builtin_auth_handler
end
-function core.set_player_password(name, password)
- if core.get_auth_handler().set_password then
- core.get_auth_handler().set_password(name, password)
+local function auth_pass(name)
+ return function(...)
+ local auth_handler = core.get_auth_handler()
+ if auth_handler[name] then
+ return auth_handler[name](...)
+ end
+ return false
end
end
-function core.set_player_privs(name, privs)
- if core.get_auth_handler().set_privileges then
- core.get_auth_handler().set_privileges(name, privs)
- end
-end
+core.set_player_password = auth_pass("set_password")
+core.set_player_privs = auth_pass("set_privileges")
+core.auth_reload = auth_pass("reload")
-function core.auth_reload()
- if core.get_auth_handler().reload then
- return core.get_auth_handler().reload()
- end
- return false
-end
+local record_login = auth_pass("record_login")
+core.register_on_joinplayer(function(player)
+ record_login(player:get_player_name())
+end)
+
+core.register_on_prejoinplayer(function(name, ip)
+ local auth = core.auth_table
+ if auth[name] ~= nil then
+ return
+ end
+
+ local name_lower = name:lower()
+ for k in pairs(auth) do
+ if k:lower() == name_lower then
+ return string.format("\nCannot create new player called '%s'. "..
+ "Another account called '%s' is already registered. "..
+ "Please check the spelling if it's your account "..
+ "or use a different nickname.", name, k)
+ end
+ end
+end)