zdm/envoy
zdm
/
envoy
Archived
3
Fork 0
Code Issues 22 Pull Requests Releases 1 Wiki Activity

Improved Login security

This commit is contained in:
delvh 2020-04-10 15:53:30 +02:00
parent cba20900ba
commit 53bde70529
2 changed files with 7 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
.project
View File

@ -21,12 +21,12 @@
</arguments> </arguments>
</buildCommand> </buildCommand>
<buildCommand> <buildCommand>
<name>org.eclipse.m2e.core.maven2Builder</name> <name>org.hibernate.eclipse.console.hibernateBuilder</name>
<arguments> <arguments>
</arguments> </arguments>
</buildCommand> </buildCommand>
<buildCommand> <buildCommand>
<name>org.hibernate.eclipse.console.hibernateBuilder</name> <name>org.eclipse.m2e.core.maven2Builder</name>
<arguments> <arguments>
</arguments> </arguments>
</buildCommand> </buildCommand>

10
src/main/java/envoy/server/processors/LoginCredentialProcessor.java
View File

@ -93,21 +93,21 @@ public class LoginCredentialProcessor implements ObjectProcessor<LoginCredential
// Checking if user is already online // Checking if user is already online
if (connectionManager.isOnline(user.getID())) { if (connectionManager.isOnline(user.getID())) {
writeProxy.write(socketID, new HandshakeRejectionEvent(HandshakeRejectionEvent.ALREADY_ONLINE)); writeProxy.write(socketID, new HandshakeRejectionEvent(HandshakeRejectionEvent.INTERNAL_ERROR));
return null; return null;
} }
// Evaluating the correctness of the password hash // Evaluating the correctness of the password hash
if (!Arrays.equals(credentials.getPasswordHash(), user.getPasswordHash())) { if (!Arrays.equals(credentials.getPasswordHash(), user.getPasswordHash())) {
writeProxy.write(socketID, new HandshakeRejectionEvent(HandshakeRejectionEvent.WRONG_PASSWORD)); writeProxy.write(socketID, new HandshakeRejectionEvent(HandshakeRejectionEvent.WRONG_PASSWORD_OR_USER));
return null; return null;
} }
return user; return user;
} catch (NoResultException e) { } catch (NoResultException e) {
// Checking if user exists // Checking if user exists
writeProxy.write(socketID, new HandshakeRejectionEvent(HandshakeRejectionEvent.USER_DOES_NOT_EXIST)); writeProxy.write(socketID, new HandshakeRejectionEvent(HandshakeRejectionEvent.INTERNAL_ERROR));
} catch (InputMismatchException e) { } catch (InputMismatchException e) {
// Checking if the given password hash is correct // Checking if the given password hash is correct
writeProxy.write(socketID, new HandshakeRejectionEvent(HandshakeRejectionEvent.WRONG_PASSWORD)); writeProxy.write(socketID, new HandshakeRejectionEvent(HandshakeRejectionEvent.WRONG_PASSWORD_OR_USER));
} }
return null; return null;
} }
@ -127,7 +127,7 @@ public class LoginCredentialProcessor implements ObjectProcessor<LoginCredential
// Checking that no user already has this identifier // Checking that no user already has this identifier
PersistenceManager.getInstance().getUserByName(credentials.getIdentifier()); PersistenceManager.getInstance().getUserByName(credentials.getIdentifier());
// this code only gets executed if this user already exists // this code only gets executed if this user already exists
writeProxy.write(socketID, new HandshakeRejectionEvent(HandshakeRejectionEvent.USER_EXISTS_ALREADY)); writeProxy.write(socketID, new HandshakeRejectionEvent(HandshakeRejectionEvent.INTERNAL_ERROR));
return null; return null;
} catch (NoResultException e) { } catch (NoResultException e) {
// Creation of a new user // Creation of a new user