Add dashboard audit log and configuration management

- Implemented dashboard audit logging with InsertAuditLog, GetRecentAuditLogs, GetAuditLogsByIP, and CleanupOldAuditLogs methods. - Created dashboard configuration management with GetDashboardConfig and SetDashboardConfig methods. - Added new tables for dashboard_audit_log and dashboard_config in both MySQL and SQLite migrations. - Updated CMakeLists to include Crow and ASIO for dashboard server functionality. - Enhanced existing database classes to support new dashboard features, including character, play key, and property management. - Added new methods for retrieving and managing play keys, properties, and pet names. - Updated TestSQLDatabase to include stubs for new dashboard-related methods. - Modified shared and dashboard configuration files for new settings.
2026-05-13 02:45:04 +00:00 · 2026-04-22 11:01:41 -05:00
parent d532a9b063
commit e3467465b4
92 changed files with 9133 additions and 77 deletions
--- a/dDashboardServer/blueprints/AuthBlueprint.cpp
+++ b/dDashboardServer/blueprints/AuthBlueprint.cpp
@@ -0,0 +1,129 @@
+#include "AuthBlueprint.h"
+#include "Database.h"
+#include <bcrypt/BCrypt.hpp>
+
+namespace AuthBlueprint {
+
+	void Setup(DashboardApp& app) {
+		// Login route
+		CROW_ROUTE(app, "/api/login")
+			.methods("POST"_method)
+			([&](crow::request& req, crow::response& res) {
+				auto body = crow::json::load(req.body);
+				if (!body) {
+					res.code = 400;
+					res.set_header("Content-Type", "application/json");
+					res.write("{\"error\": \"Invalid JSON\"}");
+					res.end();
+					return;
+				}
+
+				std::string username = body["username"].s();
+				std::string password = body["password"].s();
+
+				if (username.empty() || password.empty()) {
+					res.code = 400;
+					res.set_header("Content-Type", "application/json");
+					res.write("{\"error\": \"Username and password required\"}");
+					res.end();
+					return;
+				}
+
+				// Get account info from database
+				auto accountInfo = Database::Get()->GetAccountInfo(username);
+				if (!accountInfo) {
+					res.code = 401;
+					res.set_header("Content-Type", "application/json");
+					res.write("{\"error\": \"Invalid credentials\"}");
+					res.end();
+					return;
+				}
+
+				// Verify password using bcrypt
+				if (!BCrypt::validatePassword(password, accountInfo->bcryptPassword)) {
+					res.code = 401;
+					res.set_header("Content-Type", "application/json");
+					res.write("{\"error\": \"Invalid credentials\"}");
+					res.end();
+					return;
+				}
+
+				// Check if account is banned or locked
+				if (accountInfo->banned) {
+					res.code = 403;
+					res.set_header("Content-Type", "application/json");
+					res.write("{\"error\": \"Account is banned\"}");
+					res.end();
+					return;
+				}
+
+				if (accountInfo->locked) {
+					res.code = 403;
+					res.set_header("Content-Type", "application/json");
+					res.write("{\"error\": \"Account is locked\"}");
+					res.end();
+					return;
+				}
+
+				// Create session
+				auto& session = app.get_context<Session>(req);
+				session.set("username", username);
+				session.set("account_id", static_cast<int>(accountInfo->id));
+				session.set("gm_level", static_cast<int>(accountInfo->maxGmLevel));
+
+				// Return success with user info
+				crow::json::wvalue response;
+				response["success"] = true;
+				response["username"] = username;
+				response["account_id"] = accountInfo->id;
+				response["gm_level"] = static_cast<uint8_t>(accountInfo->maxGmLevel);
+
+				res.set_header("Content-Type", "application/json");
+				res.write(response.dump());
+				res.end();
+			});
+
+		// Logout route
+		CROW_ROUTE(app, "/api/logout")
+			.methods("POST"_method)
+			([&](crow::request& req, crow::response& res) {
+				auto& session = app.get_context<Session>(req);
+
+				// Clear session
+				session.remove("username");
+				session.remove("account_id");
+				session.remove("gm_level");
+
+				crow::json::wvalue response;
+				response["success"] = true;
+
+				res.set_header("Content-Type", "application/json");
+				res.write(response.dump());
+				res.end();
+			});
+
+		// Auth status route
+		CROW_ROUTE(app, "/api/auth/status")
+			([&](const crow::request& req) {
+				auto& session = app.get_context<Session>(const_cast<crow::request&>(req));
+				std::string username = session.template get<std::string>("username");
+
+				crow::json::wvalue response;
+
+				if (!username.empty()) {
+					int account_id = session.template get<int>("account_id", -1);
+					int gm_level = session.template get<int>("gm_level", -1);
+
+					response["authenticated"] = true;
+					response["username"] = username;
+					response["account_id"] = account_id;
+					response["gm_level"] = gm_level;
+				} else {
+					response["authenticated"] = false;
+				}
+
+				return crow::response(response);
+			});
+	}
+
+} // namespace AuthBlueprint