Switched to SharpChat authentication instead of hooking into the Misuzu database.

2022-07-06 17:11:49 +00:00 · 2022-07-06 17:11:49 +00:00 · 088531a620
parent 0005813d4b
commit 088531a620
3 changed files with 41 additions and 73 deletions
--- a/config.example.ini
+++ b/config.example.ini
@ -1,8 +1,3 @@
-[PDO]
-dsn = https://www.php.net/manual/en/ref.pdo-mysql.connection.php
-username = mariadb username
-password = mariadb password
-
 [Database]
 dsn = "mariadb://user:password@:unix:/eeprom?socket=/var/run/mysqld/mysqld.sock&charset=utf8mb4&init=SET SESSION time_zone = '+00:00', sql_mode = 'STRICT_TRANS_TABLES,NO_ZERO_IN_DATE,NO_ZERO_DATE,ERROR_FOR_DIVISION_BY_ZERO,NO_ENGINE_SUBSTITUTION'"

@ -12,7 +7,8 @@ clients[] = \EEPROM\Auth\MisuzuAuth
 clients[] = \EEPROM\Auth\SockChatAuth

 [Misuzu]
-config = /path/to/misuzu/config.ini
+secret = woomy
+endpoint = https://flashii.net/_sockchat/verify

 [Nabucco]
 secret = secret key
--- a/src/Auth/MisuzuAuth.php
+++ b/src/Auth/MisuzuAuth.php
@ -2,65 +2,57 @@
 namespace EEPROM\Auth;

 use EEPROM\Config;
-use EEPROM\DB;
-use PDO;
-use PDOException;
 use Index\Serialisation\Serialiser;

 class MisuzuAuth implements AuthInterface {
-    private static $database = null;
+    private $endPoint = '';
+    private $secretKey = '';

-    public function getDatabase(): PDO {
-        if(self::$database !== null)
-            return self::$database;
-
-        $configPath = Config::get('Misuzu', 'config', '');
-
-        if(!is_file($configPath))
-            throw new \Exception('Cannot find Misuzu configuration.');
-
-        $config = parse_ini_file($configPath, true)['Database'];
-        $dsn = ($config['driver'] ?? 'mysql') . ':';
-
-        foreach($config as $key => $value) {
-            if($key === 'driver' || $key === 'username' || $key === 'password')
-                continue;
-            if($key === 'database')
-                $key = 'dbname';
-
-            $dsn .= $key . '=' . $value . ';';
-        }
-
-        try {
-            self::$database = new PDO($dsn, $config['username'], $config['password'], DB::FLAGS);
-        } catch(PDOException $ex) {
-            throw new \Exception('Unable to connect to Misuzu database.');
-        }
-
-        return self::$database;
+    public function __construct() {
+        $this->endPoint = Config::get('Misuzu', 'endpoint', '');
+        $this->secretKey = Config::get('Misuzu', 'secret', '');
    }

    public function getName(): string { return 'Misuzu'; }

    public function verifyToken(string $token): int {
-        $packed = Serialiser::uriBase64()->deserialise($token, true);
-        $packed = str_pad($packed, 37, "\x00");
+        $packed = str_pad(Serialiser::uriBase64()->deserialise($token, true), 37, "\x00");
        $unpacked = unpack('Cversion/Nuser/H64token', $packed);

-        if($unpacked['version'] !== 1)
-            return -1;
+        if(isset($unpacked['version']) && $unpacked['version'] === 1
+            && isset($unpacked['user']) && $unpacked['user'] > 0) {
+            $loginRequest = [
+                'user_id' => $unpacked['user'],
+                'token' => 'SESS:' . $token,
+                'ip' => $_SERVER['REMOTE_ADDR'],
+            ];
+            $loginSignature = hash_hmac('sha256', implode('#', $loginRequest), $this->secretKey);
+            $login = curl_init($this->endPoint);
+            curl_setopt_array($login, [
+                CURLOPT_AUTOREFERER => false,
+                CURLOPT_FAILONERROR => false,
+                CURLOPT_FOLLOWLOCATION => true,
+                CURLOPT_HEADER => false,
+                CURLOPT_POST => true,
+                CURLOPT_POSTFIELDS => json_encode($loginRequest),
+                CURLOPT_RETURNTRANSFER => true,
+                CURLOPT_TCP_FASTOPEN => true,
+                CURLOPT_CONNECTTIMEOUT => 2,
+                CURLOPT_MAXREDIRS => 2,
+                CURLOPT_PROTOCOLS => CURLPROTO_HTTPS,
+                CURLOPT_TIMEOUT => 5,
+                CURLOPT_USERAGENT => 'mc.flashii.net',
+                CURLOPT_HTTPHEADER => [
+                    'Content-Type: application/json',
+                    'X-SharpChat-Signature: ' . $loginSignature,
+                ],
+            ]);
+            $userInfo = json_decode(curl_exec($login));
+            curl_close($login);

-        $getUserId = $this->getDatabase()->prepare('
-            SELECT `user_id`
-            FROM `msz_sessions`
-            WHERE `user_id` = :user
-            AND `session_key` = :token
-            AND `session_expires` > NOW()
-        ');
-        $getUserId->bindValue('user', $unpacked['user']);
-        $getUserId->bindValue('token', $unpacked['token']);
-        $getUserId->execute();
+            return $userInfo->user_id;
+        }

-        return (int)$getUserId->fetchColumn();
+        return 0;
    }
 }
--- a/src/DB.php
+++ b/src/DB.php
@ -1,20 +0,0 @@
-<?php
-namespace EEPROM;
-
-use PDO;
-
-final class DB {
-    public const FLAGS = [
-        PDO::ATTR_CASE => PDO::CASE_NATURAL,
-        PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
-        PDO::ATTR_ORACLE_NULLS => PDO::NULL_NATURAL,
-        PDO::ATTR_STRINGIFY_FETCHES => false,
-        PDO::ATTR_EMULATE_PREPARES => false,
-        PDO::ATTR_DEFAULT_FETCH_MODE => PDO::FETCH_ASSOC,
-        PDO::MYSQL_ATTR_INIT_COMMAND => "
-            SET SESSION
-                sql_mode = 'STRICT_TRANS_TABLES,NO_ZERO_IN_DATE,NO_ZERO_DATE,ERROR_FOR_DIVISION_BY_ZERO,NO_ENGINE_SUBSTITUTION',
-                time_zone = '+00:00';
-        ",
-    ];
-}