hamyack/GTA4RP
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Security config

Browse Source
This commit is contained in:
Vortrex
2023-03-04 08:36:24 -06:00
parent e34d24033e
commit 16549d5042
1 changed files with 10 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
scripts/server/account.js
View File

@@ -48,6 +48,7 @@ class AccountData {
this.databaseId = 0; this.databaseId = 0;
this.name = ""; this.name = "";
this.password = ""; this.password = "";
this.passwordRevision = 0;
this.registerDate = 0; this.registerDate = 0;
this.flags = { this.flags = {
moderation: 0, moderation: 0,
@@ -78,6 +79,7 @@ class AccountData {
this.databaseId = toInteger(dbAssoc["acct_id"]); this.databaseId = toInteger(dbAssoc["acct_id"]);
this.name = toString(dbAssoc["acct_name"]); this.name = toString(dbAssoc["acct_name"]);
this.password = toString(dbAssoc["acct_pass"]); this.password = toString(dbAssoc["acct_pass"]);
this.password = toString(dbAssoc["acct_pass_revision"]);
this.registerDate = toInteger(dbAssoc["acct_when_registered"]); this.registerDate = toInteger(dbAssoc["acct_when_registered"]);
this.flags = { this.flags = {
moderation: toInteger(dbAssoc["acct_svr_mod_flags"]), moderation: toInteger(dbAssoc["acct_svr_mod_flags"]),
@@ -821,8 +823,13 @@ function hashAccountPassword(name, password) {
// =========================================================================== // ===========================================================================
function saltAccountInfo(name, password) { function saltAccountInfo(name, password, revision = 0) {
return `ag.gaming.${accountSaltHash}.${name}.${password}`; let tempString = getSecurityConfig().accountPasswordSaltAlgorithm[revision];
tempString.replace("{NAME}", name);
tempString.replace("{PASSWORD}", password);
tempString.replace("{SALTHASH}", getSecurityConfig().accountSaltHash[revision])
return tempString;
} }
// =========================================================================== // ===========================================================================
@@ -1078,7 +1085,7 @@ function createAccount(name, password, email = "") {
let safeName = escapeDatabaseString(dbConnection, name); let safeName = escapeDatabaseString(dbConnection, name);
let safeEmail = escapeDatabaseString(dbConnection, email); let safeEmail = escapeDatabaseString(dbConnection, email);
let dbQuery = queryDatabase(dbConnection, `INSERT INTO acct_main (acct_name, acct_pass, acct_email, acct_when_registered) VALUES ('${safeName}', '${hashedPassword}', '${safeEmail}', CURRENT_TIMESTAMP())`); let dbQuery = queryDatabase(dbConnection, `INSERT INTO acct_main (acct_name, acct_pass, acct_email, acct_when_registered) VALUES ('${safeName}', '${hashedPassword}', '${safeEmail}', UNIX_TIMESTAMP())`);
if (getDatabaseInsertId(dbConnection) > 0) { if (getDatabaseInsertId(dbConnection) > 0) {
let insertId = getDatabaseInsertId(dbConnection); let insertId = getDatabaseInsertId(dbConnection);
createDefaultAccountServerData(insertId); createDefaultAccountServerData(insertId);