From ad25fb61f76b88e27caa9d9bd9759c990c400a7f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Gabriel=20P=C3=A9rez-Cerezo?= Date: Sat, 10 Oct 2020 23:35:44 +0200 Subject: Squashed 'auth_export/' content from commit 77f7a30 git-subtree-dir: auth_export git-subtree-split: 77f7a301678e6e4b121d0f4729594f5cb34d8c39 --- README.md | 35 +++++++++++++++++++++++ channel.lua | 93 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ init.lua | 26 +++++++++++++++++ webmail.lua | 53 +++++++++++++++++++++++++++++++++++ 4 files changed, 207 insertions(+) create mode 100644 README.md create mode 100644 channel.lua create mode 100644 init.lua create mode 100644 webmail.lua diff --git a/README.md b/README.md new file mode 100644 index 0000000..363174a --- /dev/null +++ b/README.md @@ -0,0 +1,35 @@ +# Auth_export mod for minetest + +This is an ad-hoc mod written to interface Minetest with Mediawiki +(see [the mediawiki plugin](/AuthMinetest.git/)). It is intended only +for usage with the http server bundled with the mediawiki plugin. + +## Installation + +To set up your minetest installation to communicate with the minetest server, edit your "minetest.conf": + +``` +# enable curl/http on that mod +secure.http_mods = mail +secure.http_mods = auth_export +``` + +## BUGS + +Bugs are tracked on +[Hemiptera](https://bugs.linux-forks.de/MinetestMediawiki/). Send bugs +as an e-mail to + +## TODO + +* Improve architecture – This mod's architecture is rather ugly right now +* Integrate with various ban mechanisms +* Add service-specific access rights, such as a "wiki" priv for wiki + access, or "nowiki" xban flag to ban access to wiki + + +## Credits + +This mod is essentially scavenged from +[the webmail mod](https://github.com/thomasrudin-mt/mail) by Thomas +Rudin. diff --git a/channel.lua b/channel.lua new file mode 100644 index 0000000..2885e68 --- /dev/null +++ b/channel.lua @@ -0,0 +1,93 @@ +-- bi-directional http-channel +-- with long-poll GET and POST on the same URL + +local debug = true + +local function Channel(http, url, cfg) + cfg = cfg or {} + local extra_headers = cfg.extra_headers or {} + local timeout = cfg.timeout or 1 + local long_poll_timeout = cfg.long_poll_timeout or 30 + local error_retry = cfg.error_retry or 10 + + -- assemble post-header with json content + local post_headers = { "Content-Type: application/json" } + for _,header in pairs(cfg.extra_headers) do + table.insert(post_headers, header) + end + + local recv_listeners = {} + local run = true + + local recv_loop + + recv_loop = function() + assert(run) + + -- long-poll GET + http.fetch({ + url = url, + extra_headers = extra_headers, + timeout = long_poll_timeout + }, function(res) + if res.succeeded and res.code == 200 then + local data = minetest.parse_json(res.data) + + if debug then + minetest.log("action", "[webmail-rx] " .. dump(data)) + end + + if data then + for _,listener in pairs(recv_listeners) do + listener(data) + end + end + -- reschedule immediately + minetest.after(0, recv_loop) + else + -- error, retry after some time + minetest.after(error_retry, recv_loop) + end + end) + end + + + local send = function(data) + assert(run) + -- POST + + if debug then + minetest.log("action", "[webmail-tx] " .. dump(data)) + end + + http.fetch({ + url = url, + extra_headers = post_headers, + timeout = timeout, + post_data = minetest.write_json(data) + }, function(res) + -- TODO: error-handling + end) + end + + local receive = function(listener) + table.insert(recv_listeners, listener) + end + + local close = function() + run = false + end + + recv_loop(); + + return { + send = send, + receive = receive, + close = close + } + +end + + + +return Channel diff --git a/init.lua b/init.lua new file mode 100644 index 0000000..cbf5378 --- /dev/null +++ b/init.lua @@ -0,0 +1,26 @@ +local http = minetest.request_http_api() +mail = {} +local MP = minetest.get_modpath(minetest.get_current_modname()) +mail.webmail = {} +mail.webmail.disallow_banned_players = true +if http then + local webmail_url = "http://127.0.0.1:8080" + local webmail_key = "foo bar baz" -- not used in the mod but might get used in the future. + + if not webmail_url then error("webmail.url is not defined") end + if not webmail_key then error("webmail.key is not defined") end + + print("[mail] loading webmail-component with endpoint: " .. webmail_url) + dofile(MP .. "/webmail.lua") + mail.webmail_init(http, webmail_url, webmail_key) +end + + +minetest.register_on_prejoinplayer(function(name, ip) + if minetest.player_exists(name) then + return + end + if name:match("_") then + return "For security reasons, underscores are banned on this server. Please choose another username!" + end +end) diff --git a/webmail.lua b/webmail.lua new file mode 100644 index 0000000..5131adf --- /dev/null +++ b/webmail.lua @@ -0,0 +1,53 @@ +-- false per default +local has_xban2_mod = minetest.get_modpath("xban2") + +local MP = minetest.get_modpath(minetest.get_current_modname()) +local Channel = dofile(MP .. "/channel.lua") +local channel +-- auth request from webmail +local function auth_handler(auth) + local handler = minetest.get_auth_handler() + minetest.log("action", "[webmail] auth: " .. auth.name) + + local success = false + local banned = false + local message = "" + + if mail.webmail.disallow_banned_players and has_xban2_mod then + -- check xban db + local xbanentry = xban.find_entry(auth.name) + if xbanentry and xbanentry.banned then + banned = true + message = "Banned!" + end + end + + if not banned then + local entry = handler.get_auth(auth.name) + if entry and minetest.check_password_entry(auth.name, entry.password, auth.password) then + success = true + end + end + + channel.send({ + type = "auth", + data = { + name = auth.name, + success = success, + message = message + } + }) +end + + +function mail.webmail_init(http, url, key) + channel = Channel(http, url .. "/api/minetest/channel", { + extra_headers = { "webmailkey: " .. key } + }) + + channel.receive(function(data) + if data.type == "auth" then + auth_handler(data.data) + end + end) +end -- cgit v1.2.3