first commit

Anton Pirogov · Anton Pirogov · commit 62c257f33ec4 · 2011-04-29T15:32:50.000+02:00
diff --git a/.gitignore b/.gitignore
@@ -0,0 +1,2 @@
+passwords.txt
+.rvmrc
diff --git a/README b/README
@@ -0,0 +1,45 @@
+MCMyAuth - Custom Minecraft User Authentication
+Copyright (C) 2011 Anton Pirogov
+Licensed under the GPL version 3
+
+----
+Why MCMyAuth?
+
+It is lightweight, easy to set up (on unix machines)
+and provides an alternative login system independent
+from www.minecraft.net for your personal server.
+MCMyAuth only requires to add an entry to your hosts file
+and needs no server side modding.
+
+----
+Why NOT MCMyAuth?
+
+This program handles just the basics and provides password
+secured login for your users. You can not set skins or cloaks
+and there is no password recovery system (admin can only delete
+user from the file to let him register again)
+
+Also, MCMyAuth depends on the usage of a modded Minecraft Launcher,
+which allows to decide which authentication server to connect to
+(that means, with that launcher a player can connect to any
+MCMyAuth server with a provided address).
+
+----
+Requirements: sinatra gem
+
+----
+Usage:
+1. redirect www.minecraft.net to the server running this app in your hosts file.
+   This is neccessary for the server to use this app instead of the official
+   site without modding the minecraft_server.jar.
+
+2. start the app with start.sh (before you might want to change some settings in config.rb)
+
+3. run your server with online-mode=true
+
+Now all authentication should run over your own authentication server (this app).
+Your players can now login over the MCMyAuth launcher.
+
+You can open localhost/users in your webbrowser to register accounts.
+(If you have not modified the URL)
+
diff --git a/config.rb b/config.rb
@@ -0,0 +1,14 @@
+#MCMyAuth configuration settings
+
+#relative URL of the main page of MCMyAuth
+$mainpage = '/users'
+
+#name of your game server / clan / whatever
+$servername = 'New Server'
+
+#address of your game server (which you connect to for SMP)
+$serveraddress = 'localhost'
+
+#contact information of server admin (forgotten passwords etc)
+$admincontact = 'E-Mail: admin@server.com'
+
diff --git a/main.rb b/main.rb
@@ -0,0 +1,144 @@
+#!/usr/bin/env ruby
+#MCMyAuth - Custom Minecraft User Authentication
+#Copyright (C) 2011 Anton Pirogov
+#Licensed under the GPL version 3
+require 'rubygems'
+require 'sinatra'
+require 'erb'
+require 'digest/md5'
+
+require './config' if File.exists?('./config.rb')
+
+#set defaults if not present in config
+$mainpage ||= '/users'
+$servername ||= '<$servername not set>'
+$serveraddress ||= '<$serveraddress not set>'
+$admincontact ||= '<$admincontact not set>'
+
+
+$mcma_version = 1             #MCMyAuth program version
+$current_launcher_version = 1
+$pwpath = 'passwords.txt'     #File where password md5s are stored
+
+$userpws = Hash.new
+$sessions = Hash.new
+$serverids = Hash.new
+
+def md5(str)
+  Digest::MD5.hexdigest str
+end
+
+def load_users
+  userhashs = Hash.new
+
+  return Hash.new if File.exists?($pwpath)==false
+  lines = File.open($pwpath,'r').readlines.map{|l| l.chomp}
+  lines.each{|l| userhashs[l.split('=')[0]] = l.split('=')[1] }
+
+  $userpws = userhashs
+end
+
+def save_users
+  File.rename($pwpath, $pwpath+'.bak') if File.exists?($pwpath)
+
+  f = File.open($pwpath,'w')
+  $userpws.each do |k,v|
+    f.puts k+"="+v
+  end
+  f.close
+
+  File.delete($pwpath+'.bak') if File.exists?($pwpath+'.bak')
+
+  return true
+end
+
+#render a message using erb and providing a back link
+def msg(str)
+  erb str + '<br /><a href="'+$mainpage+'">back</a>'
+end
+
+# Following is called from the website
+
+get $mainpage do
+  erb :index
+end
+
+post $mainpage+'/register' do
+  name = params[:name]
+  pwd = params[:pwd]
+  return msg 'You have to set a nickname!' if name==''
+  return msg 'User already exists!' if $userpws[name] != nil
+  return msg 'You have to set a password!' if pwd==''
+
+  $userpws[name] = md5 pwd
+  save_users
+
+  msg 'User successfully registered!<br /><br />You can login using the MCMyAuth launcher with Server=<b>'+$serveraddress+'</b> and your new account!'
+end
+
+post $mainpage+'/changepw' do
+  name = params[:name]
+  pwd = params[:pwd]
+  return msg 'Wrong nickname or password!' if $userpws[name].nil? || md5(pwd) != $userpws[name]
+
+  $userpws[name] = md5 params[:newpwd]
+  save_users
+
+  msg 'Password changed!'
+end
+
+post $mainpage+'/unregister' do
+  name = params[:name]
+  pwd = params[:pwd]
+  return msg 'Wrong nickname or password!' if $userpws[name].nil? || md5(pwd) != $userpws[name]
+
+  $userpws.delete(name)
+  save_users
+
+  msg 'Account deleted!'
+end
+
+
+# Called by client
+get '/game/joinserver.jsp' do
+  name = params[:user]
+  serverid = params[:serverId].to_s
+  return 'User not registered!' if $userpws[name].nil?
+  return 'User not authenticated!' if $sessions[name] != params[:sessionId]
+
+  #if hash passed -> name verification
+  if serverid != ""
+    $serverids[name] = serverid
+  end
+
+  'ok'
+end
+
+# Called by server
+get '/game/checkserver.jsp' do
+  name = params[:user]
+  serverid = params[:serverId]
+  return 'Failed to verify username!' if $userpws[name].nil? || serverid != $serverids[name]
+
+  'YES'
+end
+
+# Called by the launcher
+post '/login' do
+  name = params[:user]
+  pwd = params[:password]
+  version = params[:version]
+  return 'Wrong nickname or password!' if $userpws[name].nil? || md5(pwd) != $userpws[name]
+  return 'Outdated launcher!' if version.to_i < $current_launcher_version
+
+  #generate new session id
+  sid = ''
+  16.times{ sid += rand(16).to_s(16) }
+  $sessions[name] = sid
+
+  #return nick + sessionid
+  return params[:user]+':'+sid
+end
+
+#Init user hash
+load_users
diff --git a/start.sh b/start.sh
@@ -0,0 +1 @@
+rvmsudo ruby main.rb -p80
diff --git a/views/index.erb b/views/index.erb
@@ -0,0 +1,39 @@
+<h2>Welcome to the user management of <%= $servername %></h2>
+
+<div class="box">
+  <form method="post" action="<%=$mainpage%>/register">
+    <p style="font-weight: bold;">Create account</p>
+    <label for="name">Nickname:</label><input type="text" name="name" maxlength="20" />
+    <br />
+    <label for="pwd">Password:</label><input type="password" name="pwd" maxlength="20" />
+    <label>&nbsp;</label><input type="submit" value="Register" />
+  </form>
+</div>
+
+<div class="box">
+  <form method="post" action="<%=$mainpage%>/changepw">
+    <p style="font-weight: bold;">Change password</p>
+    <label for="name">Nickname:</label><input type="text" name="name" maxlength="20" />
+    <br />
+    <label for="pwd">Old password:</label><input type="password" name="pwd" maxlength="20" />
+    <label for="newpwd">New password:</label><input type="password" name="newpwd" maxlength="20" />
+    <label>&nbsp;</label><input type="submit" value="Change password" />
+  </form>
+</div>
+
+<div class="box">
+  <form method="post" action="<%=$mainpage%>/unregister">
+    <p style="font-weight: bold;">Delete account</p>
+    <label for="name">Nickname:</label><input type="text" name="name" maxlength="20" />
+    <br />
+    <label for="pwd">Password:</label><input type="password" name="pwd" maxlength="20" />
+    <label>&nbsp;</label><input type="submit" value="Unregister" />
+  </form>
+</div>
+
+<br /><br />
+Forgot your password? Contact the administrator:<br/>
+<div class="box">
+  <%= $admincontact %>
+</div>
+
diff --git a/views/layout.erb b/views/layout.erb
@@ -0,0 +1,42 @@
+<html>
+    <head>
+        <title><%= $servername %></title>
+        <style type="text/css">
+            body {
+                font-family: sans-serif;
+            }
+
+            .box {
+              border: 3px dashed gray;
+              margin: 5px;
+              padding: 5px;
+              width: 30%;
+            }
+            .box form {
+              padding: 0px;
+              margin: 0px;
+            }
+            .box p {
+              padding: 0px;
+              margin: 0px;
+              margin-bottom: 10px;
+            }
+            .box label {
+              float: left;
+              width: 40%;
+            }
+
+            #bottom {
+                float: right;
+                color: gray;
+                font-size: 10px;
+            }
+        </style>
+    </head>
+    <body>
+       <%= yield %>
+       <span id="bottom">
+           Powered by MCMyAuth v<%=$mcma_version%>
+        </span>
+    </body>
+</html>
