diff options
| author | MinusGix <minusgix@gmail.com> | 2018-09-30 21:41:28 +0200 |
|---|---|---|
| committer | MinusGix <minusgix@gmail.com> | 2018-09-30 21:41:28 +0200 |
| commit | e7724e24fd97015b58c89d23c4478a01b6851c9f (patch) | |
| tree | ca9ebbee3dff1c271695412b3e800d8f25b49b10 /server | |
| parent | Made Admin password saved as a trip. (diff) | |
| download | hackchat-e7724e24fd97015b58c89d23c4478a01b6851c9f.tar.gz hackchat-e7724e24fd97015b58c89d23c4478a01b6851c9f.zip | |
Made admin pass stored as trip and handled by trip. Admin can now be an admin as long as they use the same password
Diffstat (limited to 'server')
| -rw-r--r-- | server/src/commands/core/join.js | 13 | ||||
| -rw-r--r-- | server/src/managers/config.js | 15 |
2 files changed, 17 insertions, 11 deletions
diff --git a/server/src/commands/core/join.js b/server/src/commands/core/join.js index 31bc3c1..21badaf 100644 --- a/server/src/commands/core/join.js +++ b/server/src/commands/core/join.js @@ -32,13 +32,12 @@ exports.parseNickname = (core, data) => { } let password = nickArray[1]; - if (userInfo.nick.toLowerCase() == core.config.adminName.toLowerCase()) { - if (password !== core.config.adminPass) { - return 'You are not the admin, liar!'; - } else { - userInfo.uType = 'admin'; - userInfo.trip = 'Admin'; - } + + if (hash(password + core.config.tripSalt) === core.config.adminTrip) { + userInfo.uType = 'admin'; + userInfo.trip = 'Admin'; + } else if (userInfo.nick.toLowerCase() == core.config.adminName.toLowerCase()) { // they've got the main-admin name while not being an admin + return 'You are not the admin, liar!'; } else if (password) { userInfo.trip = hash(password + core.config.tripSalt); } diff --git a/server/src/managers/config.js b/server/src/managers/config.js index 26d4ba2..97961ce 100644 --- a/server/src/managers/config.js +++ b/server/src/managers/config.js @@ -50,6 +50,8 @@ class ConfigManager { * @param {Object} optionalConfigs optional (non-core) module config */ getQuestions (currentConfig, optionalConfigs) { + let salt = null; // this is so it can be accessed from adminTrip. + // core server setup questions const questions = { properties: { @@ -59,6 +61,10 @@ class ConfigManager { default: currentConfig.tripSalt, hidden: true, replace: '*', + before: value => { + salt = value; + return salt; + } }, adminName: { pattern: /^"?[a-zA-Z0-9_]+"?$/, @@ -68,13 +74,14 @@ class ConfigManager { default: currentConfig.adminName, before: value => value.replace(/"/g, '') }, - adminPass: { + adminTrip: { type: 'string', - required: !currentConfig.adminPass, - default: currentConfig.adminPass, + required: !currentConfig.adminTrip, + default: currentConfig.adminTrip, hidden: true, replace: '*', - before: value => hash(value) + description: 'adminPass', + before: value => hash(value + salt) }, websocketPort: { type: 'number', |