from helpers import * from passlib.hash import pbkdf2_sha256 as crypt from basecommands import simplecommand import time import threading from login_secrets import * #Don't forget to make login_secrets aswell import mysqlhack from com.ziclix.python.sql import zxJDBC from java.lang import Runnable wait_time = 30 #seconds admin_perm = "utils.loginsecurity.admin" min_pass_length = 8 blocked_events = ["block.BlockBreakEvent", "block.BlockPlaceEvent", "player.PlayerMoveEvent","player.AsyncPlayerChatEvent"] logging_in = {} def matches(password,user): thread = threading.Thread(target=matches_thread, args = (password,user)) thread.start() def matches_thread(password, user): hashed = get_pass(uid(user)) if crypt.verify(password, hashed): if user.getName() in logging_in: del logging_in[user.getName()] msg(user, "&aLogged in successfully!") else: if user.getName() in logging_in: msg(user, "&cInvalid password") @simplecommand("cgpass", usage = " ", description = "Changes your password", senderLimit = 0, helpNoargs = True) def change_pass_command(sender, command, label, args): if sender.getName() in logging_in: return "&cYou are not logged in" if not len(args) == 2: return "&cInvalid arguments" password = args[0] new_password = args[1] uuid = uid(sender) if is_registered(uuid): change_pass(uuid, crypt.encrypt(new_password, rounds=200000, salt_size=16)) return "&aPassword changed" return "&cYou are not registered" @simplecommand("login", usage = "", description = "Logs you in if matches your password.", senderLimit = 0, helpNoargs = True) def login_command(sender, command, label, args): password = args[0] matches(password, sender) @simplecommand("register", usage = "", description = "Registers you with . Next time you join, log in with /login", senderLimit = 0, helpNoargs = True) def register_command(sender, command, label, args): if len(args) > 1: return "&cPassword can only be one word!" uuid = uid(sender) if is_registered(uuid): return "&cYou are already registered!" password = args[0] if len(password) < min_pass_length: return "&cThe password has to be made up of at least %s characters!" % min_pass_length create_pass(uuid, password) return "&cPassword set. Use /login upon join." @simplecommand("rmpass", description = "Removes your password if the password matches", senderLimit = 0, amax = 0, helpNoargs = False) def rmpass_command(sender, command, label, args): if sender.getName() in logging_in: return "&cYou are not logged in" if not is_registered(uid(sender)): return "&cYou are not registered!" if not sender.getName() in logging_in: delete_pass(uid(sender)) return "&aPassword removed successfully. You will not be prompted anymore." return "&cFailed to remove password, please contact a staff member" @simplecommand("rmotherpass", aliases = ["lacrmpass"], usage = "", description = "Removes password of and sends them a notification", helpNoargs = True) def rmotherpass_command(sender, command, label, args): if sender.getName() in logging_in: return "&cYou are not logged in" if not sender.hasPermission(admin_perm): noperm(sender) return user = server.getOfflinePlayer(args[0]) if is_registered(uid(user)): delete_pass(uid(user)) runas(server.getConsoleSender(), colorify("mail send %s &cYour password was reset by a staff member. Use &6/register&c to set a new one." % user.getName())) return "&aPassword of %s reset successfully" % user.getName() return "&cThat player could not be found (or is not registered)" def change_pass(uuid, pw): conn = zxJDBC.connect(mysql_database, mysql_user, mysql_pass, "com.mysql.jdbc.Driver") curs = conn.cursor() curs.execute("UPDATE secret SET pass = ? WHERE uuid = ?", (pw,uuid,)) conn.commit() curs.close() conn.close() def get_pass(uuid): conn = zxJDBC.connect(mysql_database, mysql_user, mysql_pass, "com.mysql.jdbc.Driver") curs = conn.cursor() curs.execute("SELECT pass FROM secret WHERE uuid = ?", (uuid,)) results = curs.fetchall() curs.close() conn.close() return results[0][0] def create_pass(uuid,pw): thread = threading.Thread(target=create_pass_thread, args=(uuid,pw)) thread.start() def create_pass_thread(uuid, pw): pw = crypt.encrypt(pw, rounds=200000, salt_size=16) conn = zxJDBC.connect(mysql_database, mysql_user, mysql_pass, "com.mysql.jdbc.Driver") curs = conn.cursor() curs.execute("INSERT INTO secret VALUES (?,?)", (uuid,pw,)) conn.commit() curs.close() conn.close() def is_registered(uuid): conn = zxJDBC.connect(mysql_database, mysql_user, mysql_pass, "com.mysql.jdbc.Driver") curs = conn.cursor() curs.execute("SELECT EXISTS(SELECT * FROM secret WHERE uuid = ?)", (uuid,)) results = curs.fetchall() curs.close() conn.close() if results[0][0] == 1: return True return False def delete_pass(uuid): conn = zxJDBC.connect(mysql_database, mysql_user, mysql_pass, "com.mysql.jdbc.Driver") curs = conn.cursor() curs.execute("DELETE FROM secret WHERE uuid = ?", (uuid,)) conn.commit() curs.close() conn.close() @hook.event("player.PlayerJoinEvent", "high") def on_join(event): user = event.getPlayer() if is_registered(uid(user)): msg(event.getPlayer(), "&6You will be disconnected after 60 seconds if you don't &alogin") msg(user, "&cUse /login ") logging_in[user.getName()] = time.time() @hook.event("player.PlayerQuitEvent", "high") def on_quit(event): if event.getPlayer().getName() in logging_in: del logging_in[event.getPlayer().getName()] ##Threading start class kick_class(Runnable): def __init__(self, player): self.player = player def run(self): if self.player.isOnline(): self.player.kickPlayer(colorify("&aLogin timed out")) def kick_thread(): while True: time.sleep(1) now = time.time() for name, jointime in logging_in.iteritems(): if now - jointime > wait_time: player = server.getPlayer(name) kick = kick_class(player) server.getScheduler().runTask(server.getPluginManager().getPlugin("RedstonerUtils"), kick) if name in logging_in: del logging_in[name] break thread = threading.Thread(target = kick_thread) thread.daemon = True thread.start() ##Threading end for blocked_event in blocked_events: @hook.event(blocked_event, "high") def on_blocked_event(event): user = event.getPlayer() if user.getName() in logging_in: event.setCancelled(True)