Various changes to support authname being stored inside the authext.

[irc/quakenet/newserv.git] / chanserv / authcmds / login.c

diff --git a/chanserv/authcmds/login.c b/chanserv/authcmds/login.c
index 5a8d1b579cfb9d587d4c8bb8fd9464c56a213047..9599de10732400e62cd812a8912b2938cb69486b 100644 (file)
--- a/chanserv/authcmds/login.c
+++ b/chanserv/authcmds/login.c
@@ -2,11 +2,19 @@
  *
  *
  * CMDNAME: login
- * CMDLEVEL: QCMD_SECURE | QCMD_NOTAUTHED
+ * CMDLEVEL: QCMD_SECURE | QCMD_NOTAUTHED | QCMD_ALIAS
  * CMDARGS: 2
  * CMDDESC: Authenticates you on the bot.
  * CMDFUNC: csa_doauth
  * CMDPROTO: int csa_doauth(void *source, int cargc, char **cargv);
+ * CMDHELP: Usage: LOGIN <username> <password>
+ * CMDHELP: Authenticates you on the bot, where:
+ * CMDHELP: username - your username
+ * CMDHELP: password - your password
+ * CMDHELP: If you do not have a username and password, see HELLO.
+ * CMDHELP: Note: due to the sensitive nature of this command, you must send the message
+ * CMDHELP: to Q@CServe.quakenet.org when using it.
+ * CMDHELP: Note: the preferred way to authenticate is to use the /AUTH command.
  */
 
 #include "../chanserv.h"
@@ -18,11 +26,13 @@
 int csa_auth(void *source, int cargc, char **cargv, CRAlgorithm alg) {
   reguser *rup;
   activeuser *aup;
-  nick *sender=source;
+  nick *sender=source, *onp;
   char userhost[USERLEN+HOSTLEN+2];
   int challenge=0;
   char *authtype = "AUTH";
   authname *anp;
+  int toomanyauths=0;
+  time_t now;
 
   if (alg) {
     challenge=1;
@@ -39,7 +49,7 @@ int csa_auth(void *source, int cargc, char **cargv, CRAlgorithm alg) {
   if (aup->authattempts > MAXAUTHATTEMPT) {
     if ((aup->authattempts % 100) == 0)
       chanservwallmessage("Warning: User %s!%s@%s attempted to auth %d times. Last attempt: %s %s %s",
-        sender->nick, sender->ident, sender->host->name->content, authtype, cargv[0], cargv[1]);
+        sender->nick, sender->ident, sender->host->name->content, aup->authattempts, authtype, cargv[0], cargv[1]);
     chanservstdmessage(sender, QM_AUTHFAIL);
     cs_log(sender,"%s FAIL too many auth attempts (last attempt: %s %s %s)", authtype, authtype, cargv[0], cargv[1]); 
     return CMD_ERROR;
@@ -65,7 +75,39 @@ int csa_auth(void *source, int cargc, char **cargv, CRAlgorithm alg) {
     }
   }
 
-  rup->lastauth=time(NULL);
+  /* This should never fail but do something other than crashing if it does. */
+  if (!(anp=findauthname(rup->ID))) {
+    chanservstdmessage(sender, QM_AUTHFAIL);
+    return CMD_ERROR;
+  }
+
+  /* Check for too many auths.  Don't return immediately, since we will still warn
+   * other users on the acct in this case. */
+  if (!UHasHelperPriv(rup) && !UIsNoAuthLimit(rup)) {
+    if (anp->usercount >= MAXAUTHCOUNT) {
+      chanservstdmessage(sender, QM_TOOMANYAUTHS);
+      toomanyauths=1;
+    }
+  }
+  
+  for (onp=anp->nicks;onp;onp=onp->nextbyauthname) {
+    if (toomanyauths) {
+      chanservstdmessage(onp, QM_OTHERUSERAUTHEDLIMIT, sender->nick, sender->ident, sender->host->name->content, MAXAUTHCOUNT);
+    } else {
+      chanservstdmessage(onp, QM_OTHERUSERAUTHED, sender->nick, sender->ident, sender->host->name->content);
+    }
+  }
+  
+  if (toomanyauths)
+    return CMD_ERROR;
+
+  /* Guarantee a unique auth timestamp for each account */
+  now=time(NULL);
+  if (rup->lastauth < now) 
+    rup->lastauth=now;
+  else
+    rup->lastauth++;
+
   sprintf(userhost,"%s@%s",sender->ident,sender->host->name->content);
   if (rup->lastuserhost)
     freesstring(rup->lastuserhost);
@@ -80,46 +122,24 @@ int csa_auth(void *source, int cargc, char **cargv, CRAlgorithm alg) {
     rup->suspendreason=0;
   }
   
-  if (UIsNeedAuth(rup))
-    rup->flags&=~(QUFLAG_NEEDAUTH);
   csdb_updateuser(rup);
   
-  if (UIsDelayedGline(rup)) {
-    /* delayed-gline - schedule the user's squelching */
-    deleteschedule(NULL, &chanservdgline, (void*)rup); /* icky, but necessary unless we stick more stuff in reguser structure */
-    scheduleoneshot(time(NULL)+rand()%900, &chanservdgline, (void*)rup);
-  } else if (UIsGline(rup)) {
-    /* instant-gline - lets be lazy and set a schedule expiring now :) */
-    deleteschedule(NULL, &chanservdgline, (void*)rup); /* icky, but necessary unless we stick more stuff in reguser structure */
-    scheduleoneshot(time(NULL), &chanservdgline, (void*)rup);
-  } else if (UIsSuspended(rup)) {
+  if (UIsSuspended(rup)) {
     /* plain suspend */
     chanservstdmessage(sender, QM_AUTHSUSPENDED);
     if(rup->suspendreason)
       chanservstdmessage(sender, QM_REASON, rup->suspendreason->content);
-    if (rup->suspendexp) {
-      struct tm* tmp;
-      char buf[200];
-      
-      tmp=gmtime(&(rup->suspendexp));
-      strftime(buf, 15, "%d/%m/%y %H:%M", tmp);
-      chanservstdmessage(sender, QM_EXPIRES, buf);
-    }
+    if (rup->suspendexp)
+      chanservstdmessage(sender, QM_EXPIRES, rup->suspendexp);
     return CMD_ERROR;
   }
   
-  if (!UHasHelperPriv(rup) && !UIsNoAuthLimit(rup)) {
-    anp=findauthname(rup->ID);
-    if (!anp || (anp->usercount >= MAXAUTHCOUNT)) {
-      chanservstdmessage(sender, QM_TOOMANYAUTHS);
-      return CMD_ERROR;
-    }
-  }
   
   chanservstdmessage(sender, QM_AUTHOK, rup->username);
 
   cs_log(sender,"%s OK username %s", authtype,rup->username);
-  localusersetaccountwithuserid(sender, rup->username, rup->ID);;
+
+  localusersetaccount(sender, rup->username, rup->ID, cs_accountflagmap(rup), rup->lastauth);
 
   return CMD_OK;
 }