mirror of
https://github.com/DarkflameUniverse/DarkflameServer.git
synced 2026-05-12 18:35:06 +00:00
e3467465b4
- Implemented dashboard audit logging with InsertAuditLog, GetRecentAuditLogs, GetAuditLogsByIP, and CleanupOldAuditLogs methods. - Created dashboard configuration management with GetDashboardConfig and SetDashboardConfig methods. - Added new tables for dashboard_audit_log and dashboard_config in both MySQL and SQLite migrations. - Updated CMakeLists to include Crow and ASIO for dashboard server functionality. - Enhanced existing database classes to support new dashboard features, including character, play key, and property management. - Added new methods for retrieving and managing play keys, properties, and pet names. - Updated TestSQLDatabase to include stubs for new dashboard-related methods. - Modified shared and dashboard configuration files for new settings.
130 lines
3.6 KiB
C++
130 lines
3.6 KiB
C++
#include "AuthBlueprint.h"
|
|
#include "Database.h"
|
|
#include <bcrypt/BCrypt.hpp>
|
|
|
|
namespace AuthBlueprint {
|
|
|
|
void Setup(DashboardApp& app) {
|
|
// Login route
|
|
CROW_ROUTE(app, "/api/login")
|
|
.methods("POST"_method)
|
|
([&](crow::request& req, crow::response& res) {
|
|
auto body = crow::json::load(req.body);
|
|
if (!body) {
|
|
res.code = 400;
|
|
res.set_header("Content-Type", "application/json");
|
|
res.write("{\"error\": \"Invalid JSON\"}");
|
|
res.end();
|
|
return;
|
|
}
|
|
|
|
std::string username = body["username"].s();
|
|
std::string password = body["password"].s();
|
|
|
|
if (username.empty() || password.empty()) {
|
|
res.code = 400;
|
|
res.set_header("Content-Type", "application/json");
|
|
res.write("{\"error\": \"Username and password required\"}");
|
|
res.end();
|
|
return;
|
|
}
|
|
|
|
// Get account info from database
|
|
auto accountInfo = Database::Get()->GetAccountInfo(username);
|
|
if (!accountInfo) {
|
|
res.code = 401;
|
|
res.set_header("Content-Type", "application/json");
|
|
res.write("{\"error\": \"Invalid credentials\"}");
|
|
res.end();
|
|
return;
|
|
}
|
|
|
|
// Verify password using bcrypt
|
|
if (!BCrypt::validatePassword(password, accountInfo->bcryptPassword)) {
|
|
res.code = 401;
|
|
res.set_header("Content-Type", "application/json");
|
|
res.write("{\"error\": \"Invalid credentials\"}");
|
|
res.end();
|
|
return;
|
|
}
|
|
|
|
// Check if account is banned or locked
|
|
if (accountInfo->banned) {
|
|
res.code = 403;
|
|
res.set_header("Content-Type", "application/json");
|
|
res.write("{\"error\": \"Account is banned\"}");
|
|
res.end();
|
|
return;
|
|
}
|
|
|
|
if (accountInfo->locked) {
|
|
res.code = 403;
|
|
res.set_header("Content-Type", "application/json");
|
|
res.write("{\"error\": \"Account is locked\"}");
|
|
res.end();
|
|
return;
|
|
}
|
|
|
|
// Create session
|
|
auto& session = app.get_context<Session>(req);
|
|
session.set("username", username);
|
|
session.set("account_id", static_cast<int>(accountInfo->id));
|
|
session.set("gm_level", static_cast<int>(accountInfo->maxGmLevel));
|
|
|
|
// Return success with user info
|
|
crow::json::wvalue response;
|
|
response["success"] = true;
|
|
response["username"] = username;
|
|
response["account_id"] = accountInfo->id;
|
|
response["gm_level"] = static_cast<uint8_t>(accountInfo->maxGmLevel);
|
|
|
|
res.set_header("Content-Type", "application/json");
|
|
res.write(response.dump());
|
|
res.end();
|
|
});
|
|
|
|
// Logout route
|
|
CROW_ROUTE(app, "/api/logout")
|
|
.methods("POST"_method)
|
|
([&](crow::request& req, crow::response& res) {
|
|
auto& session = app.get_context<Session>(req);
|
|
|
|
// Clear session
|
|
session.remove("username");
|
|
session.remove("account_id");
|
|
session.remove("gm_level");
|
|
|
|
crow::json::wvalue response;
|
|
response["success"] = true;
|
|
|
|
res.set_header("Content-Type", "application/json");
|
|
res.write(response.dump());
|
|
res.end();
|
|
});
|
|
|
|
// Auth status route
|
|
CROW_ROUTE(app, "/api/auth/status")
|
|
([&](const crow::request& req) {
|
|
auto& session = app.get_context<Session>(const_cast<crow::request&>(req));
|
|
std::string username = session.template get<std::string>("username");
|
|
|
|
crow::json::wvalue response;
|
|
|
|
if (!username.empty()) {
|
|
int account_id = session.template get<int>("account_id", -1);
|
|
int gm_level = session.template get<int>("gm_level", -1);
|
|
|
|
response["authenticated"] = true;
|
|
response["username"] = username;
|
|
response["account_id"] = account_id;
|
|
response["gm_level"] = gm_level;
|
|
} else {
|
|
response["authenticated"] = false;
|
|
}
|
|
|
|
return crow::response(response);
|
|
});
|
|
}
|
|
|
|
} // namespace AuthBlueprint
|