99 lines
3.4 KiB
Rust
99 lines
3.4 KiB
Rust
/*
|
|
* Yggdrasil: Minecraft authentication server
|
|
* Copyright (C) 2023 0xf8.dev@proton.me
|
|
*
|
|
* This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
|
|
*
|
|
* This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
|
|
*
|
|
* You should have received a copy of the GNU General Public License along with this program. If not, see <https://www.gnu.org/licenses/>.
|
|
*/
|
|
|
|
use log::{debug, info};
|
|
use tide::{prelude::*, Request, Result};
|
|
|
|
use yggdrasil::*;
|
|
use yggdrasil::errors::YggdrasilError;
|
|
use yggdrasil::structs::{account::Account, cape::Cape, token::Token};
|
|
|
|
#[derive(Deserialize, Debug)]
|
|
struct Agent {
|
|
pub name: String,
|
|
pub version: i64,
|
|
}
|
|
|
|
#[derive(Deserialize, Debug)]
|
|
struct AuthenticateBody {
|
|
pub agent: Agent,
|
|
pub username: String,
|
|
pub password: String,
|
|
|
|
#[serde(rename = "clientToken")]
|
|
pub client_token: Option<String>,
|
|
|
|
#[serde(rename = "requestUser")]
|
|
pub request_user: Option<bool>,
|
|
}
|
|
|
|
pub async fn authenticate(mut req: Request<Database>) -> Result {
|
|
let Ok(body) = req.body_json::<AuthenticateBody>().await else {
|
|
return Err(YggdrasilError::new_bad_request("Credentials can not be null.").into());
|
|
};
|
|
|
|
// Check current agent
|
|
if body.agent.name != "Minecraft" || body.agent.version != 1 {
|
|
return Err(YggdrasilError::new_bad_request("Unsupported game.").into());
|
|
};
|
|
|
|
// Get account
|
|
let account = Account::from_email(req.state(), body.username).await;
|
|
|
|
let Some(account) = account else {
|
|
// Account doesn't exist
|
|
return Err(YggdrasilError::new_unauthorized("Invalid credentials. Invalid username or password.").into());
|
|
};
|
|
|
|
// Verify password
|
|
if !bcrypt::verify(body.password, &account.password_hash)? {
|
|
// Password incorrect
|
|
return Err(YggdrasilError::new_unauthorized("Invalid credentials. Invalid username or password.").into());
|
|
}
|
|
|
|
// Response
|
|
let client_token = match body.client_token {
|
|
None => Token::random_token(),
|
|
Some(t) => t
|
|
};
|
|
|
|
// New token
|
|
let Some(token) = Token::new(req.state(), account.to_owned(), client_token).await else {
|
|
return Err(YggdrasilError::new_bad_request("Couldn't create new token").into())
|
|
};
|
|
|
|
let mut response = json!({
|
|
"clientToken": token.client,
|
|
"accessToken": token.access,
|
|
"availableProfiles": account.get_all_profiles(req.state()).await.unwrap_or(Vec::new()),
|
|
});
|
|
|
|
// Give selected profile if it exists
|
|
if let Some(profile) = account.selected_profile.to_owned() {
|
|
response["selectedProfile"] = json!({
|
|
"id": profile.uuid,
|
|
"name": profile.name,
|
|
"name_history": profile.name_history,
|
|
"skin_variant": profile.skin_variant,
|
|
"capes": match profile.capes {
|
|
Some(capes) => Cape::capes_to_string(capes),
|
|
None => "".to_string()
|
|
},
|
|
"active_cape": profile.active_cape,
|
|
"attributes": profile.attributes.to_json()
|
|
});
|
|
}
|
|
|
|
// Give user if requested
|
|
if body.request_user.unwrap_or(false) { response["user"] = account.to_user() }
|
|
|
|
Ok(response.into())
|
|
} |