mirror of
https://github.com/Grasscutters/Grasscutter.git
synced 2025-01-09 03:42:57 +08:00
Implement proper handbook authentication (pt. 2)
This commit is contained in:
parent
f1cf6da178
commit
2800cce15a
@ -5,6 +5,7 @@ import emu.grasscutter.data.GameData;
|
||||
import emu.grasscutter.game.avatar.Avatar;
|
||||
import emu.grasscutter.game.entity.EntityMonster;
|
||||
import emu.grasscutter.game.inventory.GameItem;
|
||||
import emu.grasscutter.game.player.Player;
|
||||
import emu.grasscutter.game.props.ActionReason;
|
||||
import emu.grasscutter.server.packet.send.PacketAddNoGachaAvatarCardNotify;
|
||||
import emu.grasscutter.utils.objects.HandbookBody.*;
|
||||
@ -12,6 +13,20 @@ import java.util.Objects;
|
||||
|
||||
/** Commands executed by the handbook. */
|
||||
public interface HandbookActions {
|
||||
/**
|
||||
* Checks if the player is authenticated.
|
||||
*
|
||||
* @param player The player.
|
||||
* @param token The player's unique session token.
|
||||
* @return True if the player is authenticated.
|
||||
*/
|
||||
static boolean isAuthenticated(Player player, String token) {
|
||||
// Check properties.
|
||||
if (player == null || token == null) return false;
|
||||
// Compare the session key and token.
|
||||
return player.getSessionKey().equals(token);
|
||||
}
|
||||
|
||||
/**
|
||||
* Grants an avatar to the player.
|
||||
*
|
||||
@ -37,6 +52,9 @@ public interface HandbookActions {
|
||||
if (player == null) {
|
||||
return Response.builder().status(1).message("Player not found.").build();
|
||||
}
|
||||
if (!HandbookActions.isAuthenticated(player, request.getPlayerToken())) {
|
||||
return Response.builder().status(1).message("Player not authorized.").build();
|
||||
}
|
||||
if (avatarData == null) {
|
||||
return Response.builder().status(400).message("Invalid avatar ID.").build();
|
||||
}
|
||||
@ -92,6 +110,9 @@ public interface HandbookActions {
|
||||
if (player == null) {
|
||||
return Response.builder().status(1).message("Player not found.").build();
|
||||
}
|
||||
if (!HandbookActions.isAuthenticated(player, request.getPlayerToken())) {
|
||||
return Response.builder().status(1).message("Player not authorized.").build();
|
||||
}
|
||||
if (itemData == null) {
|
||||
return Response.builder().status(400).message("Invalid player UID or item ID.").build();
|
||||
}
|
||||
@ -150,6 +171,9 @@ public interface HandbookActions {
|
||||
if (player == null) {
|
||||
return Response.builder().status(1).message("Player not found.").build();
|
||||
}
|
||||
if (!HandbookActions.isAuthenticated(player, request.getPlayerToken())) {
|
||||
return Response.builder().status(1).message("Player not authorized.").build();
|
||||
}
|
||||
|
||||
// Find the scene in the player's world.
|
||||
var scene = player.getWorld().getSceneById(sceneId);
|
||||
@ -201,6 +225,9 @@ public interface HandbookActions {
|
||||
if (player == null) {
|
||||
return Response.builder().status(1).message("Player not found.").build();
|
||||
}
|
||||
if (!HandbookActions.isAuthenticated(player, request.getPlayerToken())) {
|
||||
return Response.builder().status(1).message("Player not authorized.").build();
|
||||
}
|
||||
if (entityData == null) {
|
||||
return Response.builder().status(400).message("Invalid entity ID.").build();
|
||||
}
|
||||
|
@ -72,10 +72,7 @@ import emu.grasscutter.server.game.GameServer;
|
||||
import emu.grasscutter.server.game.GameSession;
|
||||
import emu.grasscutter.server.game.GameSession.SessionState;
|
||||
import emu.grasscutter.server.packet.send.*;
|
||||
import emu.grasscutter.utils.DateHelper;
|
||||
import emu.grasscutter.utils.MessageHandler;
|
||||
import emu.grasscutter.utils.Position;
|
||||
import emu.grasscutter.utils.Utils;
|
||||
import emu.grasscutter.utils.*;
|
||||
import it.unimi.dsi.fastutil.ints.Int2ObjectMap;
|
||||
import it.unimi.dsi.fastutil.ints.Int2ObjectOpenHashMap;
|
||||
import lombok.Getter;
|
||||
@ -98,6 +95,7 @@ public class Player implements PlayerHook {
|
||||
@Getter private String accountId;
|
||||
@Setter private transient Account account;
|
||||
@Getter @Setter private transient GameSession session;
|
||||
@Transient private String sessionKey;
|
||||
|
||||
@Getter private String nickname;
|
||||
@Getter private String signature;
|
||||
@ -376,6 +374,24 @@ public class Player implements PlayerHook {
|
||||
return this.account;
|
||||
}
|
||||
|
||||
/**
|
||||
* @return The player's session key.
|
||||
*/
|
||||
public String getSessionKey() {
|
||||
if (this.sessionKey == null) {
|
||||
// Check if the account is null.
|
||||
if (this.account == null) {
|
||||
this.account = DispatchUtils.getAccountById(this.getAccountId());
|
||||
}
|
||||
if (this.account == null) return "";
|
||||
|
||||
// Get the session key.
|
||||
this.sessionKey = this.getAccount().getSessionKey();
|
||||
}
|
||||
|
||||
return this.sessionKey;
|
||||
}
|
||||
|
||||
public boolean isOnline() {
|
||||
return this.getSession() != null && this.getSession().isActive();
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user