// TODO: rename this module to auth
use std::net;
use rand::{Rng, RngCore};
use bcrypt;
use libpso::packet::login::*;
use libpso::{PacketParseError, PSOPacket};
use libpso::crypto::{CipherError, PSOCipher, NullCipher};
use libpso::crypto::bb::PSOBBCipher;
use elseware::{pktvec, utf8_to_array};
use elseware::common::pktvec::PktVec;
use elseware::common::cipherkeys::{ELSEWHERE_PRIVATE_KEY, ELSEWHERE_PARRAY};
//use elseware::common::network::{PacketNetworkError};
use elseware::common::client::Client;
use elseware::common::serverstate::{SendServerPacket, RecvServerPacket, ServerState, OnConnect, ClientId};
use elseware::common::util::array_to_utf8;
use crate::dataaccess::DataAccess;
use crate::entities::UserAccount;
pub const LOGIN_PORT: u16 = 12000;
#[derive(Debug)]
pub enum LoginError {
}
#[derive(Debug, PartialEq)]
pub enum RecvLoginPacket {
Login(Login),
}
impl RecvServerPacket for RecvLoginPacket {
fn from_bytes(data: &[u8]) -> Result<RecvLoginPacket, PacketParseError> {
match data[2] {
0x93 => Ok(RecvLoginPacket::Login(Login::from_bytes(data)?)),
_ => Err(PacketParseError::WrongPacketForServerType)
}
}
}
#[derive(Debug, PartialEq)]
pub enum SendLoginPacket {
LoginResponse(LoginResponse),
LoginWelcome(LoginWelcome),
RedirectClient(RedirectClient),
}
impl SendServerPacket for SendLoginPacket {
fn as_bytes(&self) -> Vec<u8> {
match self {
SendLoginPacket::LoginResponse(pkt) => pkt.as_bytes(),
SendLoginPacket::LoginWelcome(pkt) => pkt.as_bytes(),
SendLoginPacket::RedirectClient(pkt) => pkt.as_bytes(),
}
}
}
#[derive(Clone)]
pub struct SharedLoginState<DA: DataAccess> {
pub data_access: DA,
}
impl<DA: DataAccess> SharedLoginState<DA> {
pub fn new(data_access: DA) -> SharedLoginState<DA> {
SharedLoginState {
data_access: data_access,
}
}
}
pub struct LoginServerState<DA: DataAccess> {
data_access: DA,
}
pub fn get_login_status(data_access: &dyn DataAccess, pkt: &Login) -> Result<UserAccount, AccountStatus> {
let username = array_to_utf8(pkt.username).map_err(|_err| AccountStatus::Error)?;
let password = array_to_utf8(pkt.password).map_err(|_err| AccountStatus::Error)?;
let user = data_access.get_user_by_name(username).ok_or(AccountStatus::InvalidUser)?;
let verified = bcrypt::verify(password, user.password.as_str()).map_err(|_err| AccountStatus::Error)?;
match verified {
true => Ok(user),
false => Err(AccountStatus::InvalidPassword)
}
}
impl<DA: DataAccess> LoginServerState<DA> {
pub fn new(data_access: DA) -> LoginServerState<DA> {
LoginServerState {
data_access: data_access,
}
}
fn validate_login(&mut self, pkt: &Login) -> Vec<SendLoginPacket> {
match get_login_status(&self.data_access, pkt) {
Ok(_user) => {
let response = SendLoginPacket::LoginResponse(LoginResponse::by_status(AccountStatus::Ok, pkt.security_data));
let ip = net::Ipv4Addr::new(127,0,0,1);
let ip = u32::from_ne_bytes(ip.octets());
vec![response,
SendLoginPacket::RedirectClient(RedirectClient::new(ip, crate::character::CHARACTER_PORT))]
},
Err(err) => {
vec![SendLoginPacket::LoginResponse(LoginResponse::by_status(err, pkt.security_data))]
}
}
}
}
impl<DA: DataAccess> ServerState for LoginServerState<DA> {
type SendPacket = SendLoginPacket;
type RecvPacket = RecvLoginPacket;
type PacketError = LoginError;
fn on_connect(&mut self) -> Vec<OnConnect<Self::SendPacket>> {
let mut rng = rand::thread_rng();
let mut server_key = [0u8; 48];
let mut client_key = [0u8; 48];
rng.fill(&mut server_key[..]);
rng.fill(&mut client_key[..]);
vec![OnConnect::Packet(SendLoginPacket::LoginWelcome(LoginWelcome::new(server_key, client_key))),
OnConnect::Cipher((Box::new(PSOBBCipher::new(ELSEWHERE_PARRAY, ELSEWHERE_PRIVATE_KEY, client_key)),
Box::new(PSOBBCipher::new(ELSEWHERE_PARRAY, ELSEWHERE_PRIVATE_KEY, server_key))))
]
}
fn handle(&mut self, id: ClientId, pkt: &Self::RecvPacket) -> Box<dyn Iterator<Item = (ClientId, Self::SendPacket)>> {
match pkt {
RecvLoginPacket::Login(login) => {
Box::new(self.validate_login(login)
.into_iter()
.map(move |pkt| {
(id, pkt)
}))
}
}
}
}
#[cfg(test)]
mod test {
use std::time::SystemTime;
use super::*;
#[test]
fn test_correct_login() {
struct TestData {
}
impl DataAccess for TestData {
fn get_user_by_name(&self, name: String) -> Option<UserAccount> {
assert!(name == "testuser");
Some(UserAccount {
id: 1,
username: "testuser".to_owned(),
password: bcrypt::hash("mypassword", 5).unwrap(),
guildcard: None,
team_id: None,
banned: false,
muted_until: SystemTime::now(),
created_at: SystemTime::now(),
})
}
}
let mut server = LoginServerState::new(TestData {});
let send = server.handle(1, &RecvLoginPacket::Login(Login {
flag: 0,
tag: 65536,
guildcard: 0,
version: 65,
unknown1: [0, 0, 0, 255, 0, 14],
team: 0,
username: utf8_to_array!("testuser", 16),
unknown2: [0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0],
password: utf8_to_array!("mypassword", 16),
unknown3: [0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
0, 0, 0, 0, 0, 0, 0, 0],
hwinfo: [129, 1, 1, 1, 1, 1, 1, 1],
security_data: [74, 97, 107, 101, 115, 101, 114, 118, 50, 48, 50, 48, 0, 0, 0, 0,
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0],
})).collect::<Vec<_>>();
assert!(send == vec![
(1, SendLoginPacket::LoginResponse(LoginResponse {
flag: 0,
status: AccountStatus::Ok,
tag: 65536,
guildcard: 0,
team_id: 0,
security_data: [74, 97, 107, 101, 115, 101, 114, 118, 50, 48, 50, 48, 0, 0, 0, 0,
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0],
caps: 258
})),
(1, SendLoginPacket::RedirectClient(RedirectClient {
flag: 0,
ip: 16777343,
port: 12001,
padding: 0,
}))])
}
}