61 lines
2.2 KiB
Rust
61 lines
2.2 KiB
Rust
/*
|
|
* Yggdrasil: Minecraft authentication server
|
|
* Copyright (C) 2023 0xf8.dev@proton.me
|
|
*
|
|
* This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
|
|
*
|
|
* This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
|
|
*
|
|
* You should have received a copy of the GNU General Public License along with this program. If not, see <https://www.gnu.org/licenses/>.
|
|
*/
|
|
|
|
use tide::{prelude::*, Request, Result};
|
|
|
|
use yggdrasil::Database;
|
|
use yggdrasil::errors::YggdrasilError;
|
|
use yggdrasil::structs::session::Session;
|
|
use yggdrasil::structs::token::Token;
|
|
|
|
#[derive(Deserialize, Debug)]
|
|
struct JoinBody {
|
|
#[serde(rename = "accessToken")]
|
|
pub access_token: String,
|
|
|
|
#[serde(rename = "selectedProfile")]
|
|
pub profile_uuid: String,
|
|
|
|
#[serde(rename = "serverId")]
|
|
pub server_id: String
|
|
}
|
|
|
|
pub async fn join(mut req: Request<Database>) -> Result {
|
|
let Ok(body) = req.body_json::<JoinBody>().await else {
|
|
return Err(YggdrasilError::new_bad_request("Bad Request").into())
|
|
};
|
|
|
|
let Some(token) = Token::from_access_token(req.state(), body.access_token).await else {
|
|
// Token doesnt exist
|
|
return Err(YggdrasilError::new_unauthorized("Invalid token.").into())
|
|
};
|
|
|
|
if !token.validate(req.state(), false).await? {
|
|
// Invalid token
|
|
return Err(YggdrasilError::new_unauthorized("Invalid token.").into())
|
|
}
|
|
|
|
let Some(profile) = token.account.selected_profile.to_owned() else {
|
|
// No selected profile
|
|
return Err(YggdrasilError::new_unauthorized("Invalid token.").into())
|
|
};
|
|
|
|
if body.profile_uuid != profile.uuid {
|
|
// UUID doesn't match
|
|
return Err(YggdrasilError::new_unauthorized("Invalid token.").into())
|
|
}
|
|
|
|
Session::create(req.state(), &profile, body.server_id, req.remote().unwrap().to_string()).await?;
|
|
|
|
Ok("".into())
|
|
}
|
|
|