- included code samples for basic login filtering
- included a command-line database import script
This commit is contained in:
Leslie Krause 2018-07-02 16:53:00 -04:00
parent df42508ef6
commit 31875ec9e5
3 changed files with 149 additions and 2 deletions

View File

@ -8,11 +8,15 @@ and #6783 and #4451).
Auth Redux is intended to be compatible with all versions of Minetest 0.4.14+. Auth Redux is intended to be compatible with all versions of Minetest 0.4.14+.
https://forum.minetest.net/viewtopic.php?f=9&t=20393
Revision History Revision History
---------------------- ----------------------
Version 2.1b (28-Jun-2018) Version 2.1b (30-Jun-2018)
- initial beta version - initial beta version
- included code samples for basic login filtering
- included a command-line database import script
Installation Installation
---------------------- ----------------------
@ -20,7 +24,8 @@ Installation
1) Unzip the archive into the mods directory of your game 1) Unzip the archive into the mods directory of your game
2) Rename the auth_rx-master directory to "auth_rx" 2) Rename the auth_rx-master directory to "auth_rx"
3) Create an empty file named "auth.dbx" within the respective world directory 3) Create an empty file named "auth.dbx" within the respective world directory
4) Create an empty file named "greenlistmt" within the respective world directory 4) Create an empty file named "greenlist.mt" within the respective world directory
5) Execute the provided "convert.awk" script (refer to instructions)
Source Code License Source Code License
---------------------- ----------------------

64
convert.awk Executable file
View File

@ -0,0 +1,64 @@
#!/bin/awk -f
# Database Import Script for Auth Redux (by Leslie Krause)
#
# STEP 1: Run this script from within the world directory and redirect output to "auth.db"
# awk -f auth.txt > auth.db
# STEP 2: Rename 'auth.txt' to 'auth.bak' or move to a different location for safekeeping
function error( msg ) {
print( msg " at line " NR " in " FILENAME "." ) > "/dev/stderr"
}
BEGIN {
FS = ":";
# set default values for new database fields
approved_addrs = "";
oldlogin = -1;
lifetime = 0;
total_failures = 0;
total_attempts = 0;
total_sessions = 0;
# output the database header
# TODO: perhaps add? strftime( "%Y-%m-%d %H:%M:%S" )
print "auth_rx/2.1 @0"
}
NF != 4 {
error( "Malformed record" )
next
}
{
username = $1;
password = $2;
assigned_privs = $3;
newlogin = $4;
if( !match( username, "^[a-zA-Z0-9_-]+$" ) ) {
error( "Invalid username field" )
next
}
if( !match( newlogin, "^[0-9]+$" ) && newlogin != -1 ) {
error( "Invalid last_login field" )
next
}
# Database File Format
# --------------------
# username
# password
# oldlogin
# newlogin
# lifetime
# total_sessions
# total_attempts
# total_failures
# approved_addrs
# assigned_privs
print( username ":" password ":" oldlogin ":" newlogin ":" lifetime ":" total_sessions ":" total_attempts ":" total_failures ":" approved_addrs ":" assigned_privs );
}

78
samples.mt Normal file
View File

@ -0,0 +1,78 @@
#####################################################################
#
# disallow new players whenever server is overloaded
#
#####################################################################
try "There are too many players online right now."
fail all
if $is_new eq $true
if $cur_users gt 20
continue
#####################################################################
#
# only allow administrator access (by username or IP address)
#
#####################################################################
pass any
if $addr eq "172.16.100.1"
if $addr eq "172.16.100.2"
if $name eq "admin"
continue
#####################################################################
#
# block a range of IP addresses using wildcards
#
#####################################################################
try "This subnet is blocked by the administrator."
fail any
if $addr is "192.88.99.*"
if $addr is "203.0.113.*"
if $addr is "192.168.*.*"
continue
pass now
#####################################################################
#
# only allow access from whitelisted users
#
#####################################################################
try "The account '$name' is not permitted to join this server."
pass any
if $name eq "admin"
when @whitelist.txt eq $name
continue
fall now
#####################################################################
#
# never allow access from blacklisted users
#
#####################################################################
try "The account '$name' is not permitted to join this server."
fail all
when @blacklist.txt eq $name
continue
pass now
#####################################################################
#
# notify users that the server is unavailable right now
#
#####################################################################
try "The server is temporarily offline for maintenance."
fail now