MP Login: removed Password Reminder functionality
Resolves #2748.
Essentially, all this did was tell users to go use the forum, so it wasn't worth
it to keep it and solve the infinite loading screen issues it was causing.
The server backend still needs to be cleaned up.
Also removed a dead reference to some "Change Username" button in the Login dialog's
code.
(cherry-picked from commit ebec4d6ce8)
This commit is contained in:
Charles Dang
parent
cd622afb0f
commit
717511a428
3 changed files with 33 additions and 72 deletions
|
|
@ -245,20 +245,6 @@
|
|||
|
||||
[/column]
|
||||
|
||||
[column]
|
||||
border = "all"
|
||||
border_size = 5
|
||||
horizontal_alignment = "right"
|
||||
|
||||
[button]
|
||||
definition = "default"
|
||||
id = "password_reminder"
|
||||
|
||||
label = _ "Password Reminder"
|
||||
[/button]
|
||||
|
||||
[/column]
|
||||
|
||||
[column]
|
||||
border = "all"
|
||||
border_size = 5
|
||||
|
|
|
|||
|
|
@ -183,8 +183,6 @@ std::pair<wesnothd_connection_ptr, config> open_connection(std::string host)
|
|||
|
||||
// Enter login loop
|
||||
for(;;) {
|
||||
std::string password_reminder = "";
|
||||
|
||||
std::string login = preferences::login();
|
||||
|
||||
config response ;
|
||||
|
|
@ -251,53 +249,49 @@ std::pair<wesnothd_connection_ptr, config> open_connection(std::string host)
|
|||
// or request a password reminder.
|
||||
// Otherwise or if the user pressed 'cancel' in the confirmation dialog
|
||||
// above go directly to the username/password dialog
|
||||
if((is_pw_request || !password_reminder.empty()) && !fall_through) {
|
||||
if(is_pw_request) {
|
||||
if((*error)["phpbb_encryption"].to_bool()) {
|
||||
// Apparently HTML key-characters are passed to the hashing functions of phpbb in this escaped form.
|
||||
// I will do closer investigations on this, for now let's just hope these are all of them.
|
||||
if(is_pw_request && !fall_through) {
|
||||
if((*error)["phpbb_encryption"].to_bool()) {
|
||||
// Apparently HTML key-characters are passed to the hashing functions of phpbb in this escaped form.
|
||||
// I will do closer investigations on this, for now let's just hope these are all of them.
|
||||
|
||||
// Note: we must obviously replace '&' first, I wasted some time before I figured that out... :)
|
||||
for(std::string::size_type pos = 0; (pos = password.find('&', pos)) != std::string::npos; ++pos)
|
||||
password.replace(pos, 1, "&");
|
||||
for(std::string::size_type pos = 0; (pos = password.find('\"', pos)) != std::string::npos; ++pos)
|
||||
password.replace(pos, 1, """);
|
||||
for(std::string::size_type pos = 0; (pos = password.find('<', pos)) != std::string::npos; ++pos)
|
||||
password.replace(pos, 1, "<");
|
||||
for(std::string::size_type pos = 0; (pos = password.find('>', pos)) != std::string::npos; ++pos)
|
||||
password.replace(pos, 1, ">");
|
||||
// Note: we must obviously replace '&' first, I wasted some time before I figured that out... :)
|
||||
for(std::string::size_type pos = 0; (pos = password.find('&', pos)) != std::string::npos; ++pos)
|
||||
password.replace(pos, 1, "&");
|
||||
for(std::string::size_type pos = 0; (pos = password.find('\"', pos)) != std::string::npos; ++pos)
|
||||
password.replace(pos, 1, """);
|
||||
for(std::string::size_type pos = 0; (pos = password.find('<', pos)) != std::string::npos; ++pos)
|
||||
password.replace(pos, 1, "<");
|
||||
for(std::string::size_type pos = 0; (pos = password.find('>', pos)) != std::string::npos; ++pos)
|
||||
password.replace(pos, 1, ">");
|
||||
|
||||
const std::string salt = (*error)["salt"];
|
||||
const std::string salt = (*error)["salt"];
|
||||
|
||||
if(salt.length() < 12) {
|
||||
throw wesnothd_error(_("Bad data received from server"));
|
||||
}
|
||||
if(salt.length() < 12) {
|
||||
throw wesnothd_error(_("Bad data received from server"));
|
||||
}
|
||||
|
||||
if(utils::md5::is_valid_prefix(salt)) {
|
||||
sp["password"] = utils::md5(utils::md5(password, utils::md5::get_salt(salt),
|
||||
utils::md5::get_iteration_count(salt)).base64_digest(), salt.substr(12, 8)).base64_digest();
|
||||
} else if(utils::bcrypt::is_valid_prefix(salt)) {
|
||||
try {
|
||||
auto bcrypt_salt = utils::bcrypt::from_salted_salt(salt);
|
||||
auto hash = utils::bcrypt::hash_pw(password, bcrypt_salt);
|
||||
std::string outer_salt = salt.substr(bcrypt_salt.iteration_count_delim_pos + 23);
|
||||
if(outer_salt.size() != 32)
|
||||
throw utils::hash_error("salt wrong size");
|
||||
sp["password"] = utils::md5(hash.base64_digest(), outer_salt).base64_digest();
|
||||
} catch(utils::hash_error& err) {
|
||||
ERR_MP << "bcrypt hash failed: " << err.what() << std::endl;
|
||||
throw wesnothd_error(_("Bad data received from server"));
|
||||
}
|
||||
} else {
|
||||
if(utils::md5::is_valid_prefix(salt)) {
|
||||
sp["password"] = utils::md5(utils::md5(password, utils::md5::get_salt(salt),
|
||||
utils::md5::get_iteration_count(salt)).base64_digest(), salt.substr(12, 8)).base64_digest();
|
||||
} else if(utils::bcrypt::is_valid_prefix(salt)) {
|
||||
try {
|
||||
auto bcrypt_salt = utils::bcrypt::from_salted_salt(salt);
|
||||
auto hash = utils::bcrypt::hash_pw(password, bcrypt_salt);
|
||||
std::string outer_salt = salt.substr(bcrypt_salt.iteration_count_delim_pos + 23);
|
||||
if(outer_salt.size() != 32)
|
||||
throw utils::hash_error("salt wrong size");
|
||||
sp["password"] = utils::md5(hash.base64_digest(), outer_salt).base64_digest();
|
||||
} catch(utils::hash_error& err) {
|
||||
ERR_MP << "bcrypt hash failed: " << err.what() << std::endl;
|
||||
throw wesnothd_error(_("Bad data received from server"));
|
||||
}
|
||||
} else {
|
||||
sp["password"] = password;
|
||||
throw wesnothd_error(_("Bad data received from server"));
|
||||
}
|
||||
} else {
|
||||
sp["password"] = password;
|
||||
}
|
||||
|
||||
sp["password_reminder"] = password_reminder;
|
||||
|
||||
// Once again send our request...
|
||||
sock->send_data(response);
|
||||
sock->wait_and_receive_data(data);
|
||||
|
|
@ -310,8 +304,6 @@ std::pair<wesnothd_connection_ptr, config> open_connection(std::string host)
|
|||
if(!*error) break;
|
||||
}
|
||||
|
||||
password_reminder = "";
|
||||
|
||||
// Providing a password either was not attempted because we did not
|
||||
// have any or failed:
|
||||
// Now show a dialog that displays the error and allows to
|
||||
|
|
@ -363,10 +355,6 @@ std::pair<wesnothd_connection_ptr, config> open_connection(std::string host)
|
|||
//Log in with password
|
||||
case gui2::retval::OK:
|
||||
break;
|
||||
//Request a password reminder
|
||||
case 1:
|
||||
password_reminder = "yes";
|
||||
break;
|
||||
// Cancel
|
||||
default:
|
||||
return std::make_pair(wesnothd_connection_ptr(), config());
|
||||
|
|
|
|||
|
|
@ -51,9 +51,6 @@ namespace dialogs
|
|||
* A toggle button to offer to remember the password in the
|
||||
* preferences. $
|
||||
*
|
||||
* password_reminder & & button & o &
|
||||
* Request a password reminder. $
|
||||
*
|
||||
* change_username & & button & o &
|
||||
* Use a different username. $
|
||||
*
|
||||
|
|
@ -93,16 +90,6 @@ void mp_login::save_password(window& win) const
|
|||
|
||||
void mp_login::pre_show(window& win)
|
||||
{
|
||||
if(button* btn = find_widget<button>(&win, "password_reminder", false, false)) {
|
||||
|
||||
btn->set_retval(1);
|
||||
}
|
||||
|
||||
if(button* btn = find_widget<button>(&win, "change_username", false, false)) {
|
||||
|
||||
btn->set_retval(2);
|
||||
}
|
||||
|
||||
text_box& login = find_widget<text_box>(&win, "user_name", false);
|
||||
login.connect_signal<event::RECEIVE_KEYBOARD_FOCUS>(std::bind(&mp_login::load_password, this, std::ref(win)));
|
||||
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue