themaster1970sf/TShock
1
0
Fork 0
Code Issues Pull requests Projects Releases 1 Packages Wiki Activity Actions

Merge branch 'h/warn-logins' into general-devel

Browse source
This commit is contained in:
Lucas Nicodemus 2021-05-28 19:49:37 -07:00
commit 58d7e26960
2 changed files with 36 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

35
TShockAPI/TShock.cs
View file

@ -824,10 +824,45 @@ namespace TShockAPI
if (!string.IsNullOrEmpty(Netplay.ServerPassword))
{
//CLI defined password overrides a config password
if (!string.IsNullOrEmpty(Config.Settings.ServerPassword))
{
Log.ConsoleError("!!! The server password in config.json was overridden by the interactive prompt and will be ignored.");
}
if (!Config.Settings.DisableUUIDLogin)
{
Log.ConsoleError("!!! UUID login is enabled. If a user's UUID matches an account, the server password will be bypassed.");
Log.ConsoleError("!!! > Set DisableUUIDLogin to true in the config file and /reload if this is a problem.");
}
if (!Config.Settings.DisableLoginBeforeJoin)
{
Log.ConsoleError("!!! Login before join is enabled. Existing accounts can login & the server password will be bypassed.");
Log.ConsoleError("!!! > Set DisableLoginBeforeJoin to true in the config file and /reload if this is a problem.");
}
_cliPassword = Netplay.ServerPassword;
Netplay.ServerPassword = "";
Config.Settings.ServerPassword = _cliPassword;
}
else
{
if (!string.IsNullOrEmpty(Config.Settings.ServerPassword))
{
Log.ConsoleInfo("A password for this server was set in config.json and is being used.");
}
}
if (!Config.Settings.DisableLoginBeforeJoin)
{
Log.ConsoleInfo("Login before join enabled. Users may be prompted for an account specific password instead of a server password on connect.");
}
if (!Config.Settings.DisableUUIDLogin)
{
Log.ConsoleInfo("Login using UUID enabled. Users automatically login via UUID.");
Log.ConsoleInfo("A malicious server can easily steal a user's UUID. You may consider turning this option off if you run a public server.");
}
// Disable the auth system if "setup.lock" is present or a user account already exists
if (File.Exists(Path.Combine(SavePath, "setup.lock")) || (UserAccounts.GetUserAccounts().Count() > 0))