diff --git a/TShockAPI/Commands.cs b/TShockAPI/Commands.cs index 882c0b12..8db9e3d9 100755 --- a/TShockAPI/Commands.cs +++ b/TShockAPI/Commands.cs @@ -156,8 +156,9 @@ namespace TShockAPI ChatCommands.Add(new Command(PartyChat, "p")); ChatCommands.Add(new Command(Rules, "rules")); ChatCommands.Add(new Command("logs", DisplayLogs, "displaylogs")); - ChatCommands.Add(new Command("manageusers", ManageUsers, "user") { DoLog = false }); - ChatCommands.Add(new Command("manageusers", GrabUserIP, "ip")); + ChatCommands.Add(new Command("root-only", ManageUsers, "user") { DoLog = false }); + ChatCommands.Add(new Command("root-only", GrabUserIP, "ip")); + ChatCommands.Add(new Command("root-only", AuthVerify, "auth-verify")); ChatCommands.Add(new Command(AttemptLogin, "login") { DoLog = false }); ChatCommands.Add(new Command("cfg", Broadcast, "broadcast", "bc")); ChatCommands.Add(new Command("whisper", Whisper, "whisper", "w", "tell")); @@ -309,6 +310,7 @@ namespace TShockAPI { args.Player.Group = Tools.GetGroup(exr[1]); args.Player.UserName = args.Parameters[0]; + args.Player.IsLoggedIn = true; args.Player.SendMessage("Authenticated as " + args.Parameters[0] + " successfully.", Color.LimeGreen); return; } @@ -1502,12 +1504,51 @@ namespace TShockAPI return; } int givenCode = Convert.ToInt32(args.Parameters[0]); - if (givenCode == TShock.AuthToken) + if (givenCode == TShock.AuthToken && args.Player.Group.Name != "superadmin") { TShock.Users.AddUser(args.Player.IP,"","","superadmin"); - args.Player.SendMessage("SuperAdmin authenticated. Please re-connect using the same IP."); - TShock.AuthToken = 0; + args.Player.SendMessage("This IP address is now superadmin. Please perform the following command:"); + args.Player.SendMessage("/user add : superadmin"); + args.Player.SendMessage("This will create the username with the password as part of the superadmin group."); + args.Player.SendMessage("Please use /login to login from now on."); + args.Player.SendMessage("If you understand, please /login now, and type /auth-verify"); + return; } + + if (args.Player.Group.Name == "superadmin") + { + args.Player.SendMessage("Please disable the auth system! If you need help, consult the forums. http://tshock.co/"); + args.Player.SendMessage("This IP address is now superadmin. Please perform the following command:"); + args.Player.SendMessage("/user add : superadmin"); + args.Player.SendMessage("This will create the username with the password as part of the superadmin group."); + args.Player.SendMessage("Please use /login to login from now on."); + args.Player.SendMessage("If you understand, please /login now, and type /auth-verify"); + return; + } + } + + private static void AuthVerify(CommandArgs args) + { + if (TShock.AuthToken == 0) + { + args.Player.SendMessage("It appears that you have already turned off the auth token."); + args.Player.SendMessage("If this is a mistake, delete auth.lck."); + return; + } + + if (!args.Player.IsLoggedIn) + { + args.Player.SendMessage("You must be logged in to disable the auth system."); + args.Player.SendMessage("This is a security measure designed to prevent insecure administration setups."); + args.Player.SendMessage("Please re-run /auth and read the instructions!"); + args.Player.SendMessage("If you're still confused, consult the forums. http://tshock.co/"); + } + + args.Player.SendMessage("Your new account has been verified, and the /auth system has been turned off."); + args.Player.SendMessage("You can always use the /user command to manage players. Do not just delete the auth.lck file."); + args.Player.SendMessage("Thankyou for using TShock! http://tshock.co/ & http://github.com/TShock/TShock"); + FileTools.CreateFile(TShock.SavePath + "auth.lck"); + TShock.AuthToken = 0; } private static void ThirdPerson(CommandArgs args) diff --git a/TShockAPI/TSPlayer.cs b/TShockAPI/TSPlayer.cs index 2ae9708f..3ce1410c 100644 --- a/TShockAPI/TSPlayer.cs +++ b/TShockAPI/TSPlayer.cs @@ -48,6 +48,7 @@ namespace TShockAPI public Vector2 TeleportCoords = new Vector2(-1, -1); public string UserName { get; set; } public bool HasBeenSpammedWithBuildMessage = false; + public bool IsLoggedIn = false; Player FakePlayer = null; public bool RealPlayer diff --git a/TShockAPI/TShock.cs b/TShockAPI/TShock.cs index c8cc220a..58187a9c 100755 --- a/TShockAPI/TShock.cs +++ b/TShockAPI/TShock.cs @@ -17,7 +17,6 @@ along with this program. If not, see . */ /* TShock wouldn't be possible without: * Github - * Dreamspark * Microsoft Visual Studio 2010 * HostPenda * And you, for your continued support and devotion to the evolution of TShock @@ -255,9 +254,11 @@ namespace TShockAPI AuthToken = r.Next(100000, 10000000); Console.ForegroundColor = ConsoleColor.Yellow; Console.WriteLine("TShock Notice: To become SuperAdmin, join the game and type /auth " + AuthToken); - Console.WriteLine("This token will only display ONCE. This only works ONCE. If you don't use it and the server goes down, delete auth.lck."); + Console.WriteLine("This token will display until disabled by verification."); Console.ForegroundColor = ConsoleColor.Gray; - FileTools.CreateFile(Path.Combine(SavePath, "auth.lck")); + } else + { + AuthToken = 0; } } diff --git a/release-docs/changes.txt b/release-docs/changes.txt index 9cbd3390..de1efb7b 100644 --- a/release-docs/changes.txt +++ b/release-docs/changes.txt @@ -24,6 +24,7 @@ Changes in API release 4: - User names and passwords are now accepted. Passwords are hashed with SHA512 - Added MaximumLoginAttempts to configuration - Added /tphere * and /tphere all + - Added /auth-verify to verify and turn off the auth code system. Changes in API release 2.0.0.0: - Added update checker.