Lama3L9R/lsp-yggdrasil
Lama3L9R
/
lsp-yggdrasil
1
1
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

修复 Bugs
continuous-integration/drone/push Build is failing Details

This commit is contained in:
Qumolama.d 2022-07-14 04:06:35 +08:00
parent 5f52abba97
commit 9fb90bef0e
Signed by: Lama3L9R
GPG Key ID: 1762AFC05157CE18
4 changed files with 79 additions and 38 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
src/index.js
View File

@ -125,6 +125,7 @@ export const setup = async () => {
server.route(SessionServerRoutings.profile)
server.route(SessionServerRoutings.profiles)
server.route(WebAPIRoutings.CORS_BYPASS)
server.route(WebAPIRoutings.meta)
server.route(WebAPIRoutings.status)
server.route(WebAPIRoutings.telegramBind)

36
src/models/player.js
View File

@ -87,21 +87,33 @@ export async function getPlayerSerialization(player) {
}
if(player.textures.skin && player.textures.skin != 0) { // Must be '!=' if this change to '!==' will never works
textures.textures.SKIN = {
url: await getSignedUrl(s3Instance, new GetObjectCommand({
Bucket: config.storage.bucket,
Key: player.textures.skin
}), { expiresIn: 3 * 24 * 60 * 60 }) // 3 days
}
if(player.textures.skin.indexOf("http") === -1) {
textures.textures.SKIN = {
url: await getSignedUrl(s3Instance, new GetObjectCommand({
Bucket: config.storage.bucket,
Key: player.textures.skin
}), { expiresIn: 3 * 24 * 60 * 60 }) // 3 days
}
} else {
textures.textures.SKIN = {
url: player.textures.skin
}
}
}
if(player.textures.cape && player.textures.cape != 0) { // Must be '!=' if this change to '!==' will never works
textures.textures.CAPE = {
url: await getSignedUrl(s3Instance, new GetObjectCommand({
Bucket: config.storage.bucket,
Key: player.textures.cape
}), { expiresIn: 3 * 24 * 60 * 60 }) // 3 days
}
if(player.textures.cape.indexOf("http") === -1) {
textures.textures.CAPE = {
url: await getSignedUrl(s3Instance, new GetObjectCommand({
Bucket: config.storage.bucket,
Key: player.textures.cape
}), { expiresIn: 3 * 24 * 60 * 60 }) // 3 days
}
} else {
textures.textures.CAPE = {
url: player.textures.cape
}
}
}
const val = Buffer.from(JSON.stringify(textures)).toString('base64')

62
src/routes/web-api.js
View File

@ -28,14 +28,14 @@ const identifiers = new Map()
async function identifierValidator(req, rep) {
const identifier = req.headers['x-lsp-identifier']
if(!identifier) {
return await rep.code(400).send({
return await rep.code(200).send({
err: 1.143688,
msg: "请求格式不正确"
})
}
if(!identifiers.has(identifier)) {
return await rep.code(401).send({
return await rep.code(200).send({
err: 0.456914,
msg: "用户不存在"
})
@ -43,7 +43,7 @@ async function identifierValidator(req, rep) {
const {t, uuid} = identifiers.get(identifier)
if(t < Date.now()) {
return await rep.code(401).send({
return await rep.code(200).send({
err: 1.143688,
msg: "令牌超时"
})
@ -146,14 +146,14 @@ export const login = {
const { username, password, createToken } = req.body;
const user = await Player.findOne({ email: username, password: createHash("sha256").update(password).digest('hex') });
if (!user) {
return rep.code(401).send({
return rep.code(200).send({
err: 1.143688,
msg: "用户名或密码错误"
});
}
if(user.permissions.indexOf("login") === -1) {
return await rep.code(401).send({
return await rep.code(200).send({
err: 0.337187,
msg: "泻药,宁滴账号已被封禁"
});
@ -261,14 +261,14 @@ export const register = {
{ email: email }, { username: username }
] })
if (user) {
return await rep.code(401).send({
return await rep.code(200).send({
err: 1.143688,
msg: "用户名已存在"
})
}
if(username == 0 || password == 0 || email == 0 || telegramId == 0) {
return await rep.code(401).send({
if(username == 0 || password == 0 || email == 0 || invitationCode == 0 || validationCode == 0) {
return await rep.code(200).send({
err: 1.143688,
msg: "用户名/密码/邮箱/telegramId不能为空"
})
@ -296,17 +296,23 @@ export const register = {
v -> Signature
*/
const { p, n, t, v } = JSON.parse(crypto.privateDecrypt(server.keys.privateKey, Buffer.from(invitationCode)).toString())
const raw = Buffer.from(invitationCode, 'base64').toString().split(';').filter(it => it.indexOf('=') >= 0)
const fields = new Map()
raw.forEach(kvPair => {
const [k, v] = kvPair.split('=', 2)
req.log.info(`k: ${k} v: ${v}`)
if(!crypto.createVerify('rsa-sha1').update(Buffer.from(invitationCode)).verify(server.keys.publicKey, Buffer.from(v, 'hex'))) {
return await rep.code(401).send({
fields.set(k, v)
})
if(!crypto.createVerify('rsa-sha1').update(Buffer.from(invitationCode)).verify(server.keys.publicKey, Buffer.from(validationCode, 'hex'))) {
return await rep.code(200).send({
err: 1.143688,
msg: "邀请码验证失败!非法邀请码!"
})
}
if(t !== email) {
return await rep.code(401).send({
if(fields.get('t') !== email) {
return await rep.code(200).send({
err: 1.143688,
msg: "邀请码验证失败!这邀请码不属于你!"
})
@ -321,8 +327,8 @@ export const register = {
registerDate: Date.now(),
permissions: ['login'],
binding: {
platform: p,
username: n,
platform: fields.get('p'),
username: fields.get('n'),
verified: true,
}
});
@ -411,7 +417,7 @@ export const uploadTexture = {
const { type } = req.params
if(type !== 'skin' && type !== 'cape') {
rep.code(400).send({
rep.code(200).send({
err: 1.143688,
msg: "请求格式不正确"
})
@ -452,7 +458,7 @@ export const uploadTexture = {
await rep.code(200).send({
err: 1.048596,
msg: ""
msg: JSON.stringify(update)
})
}
}
@ -615,4 +621,24 @@ export const status = {
}
})
}
}
export const CORS_BYPASS = {
method: "OPTIONS",
url: "/*",
schema: {
summary: "跨域访问",
description: "跨域访问",
tags: [ "webapi" ],
response: {
200: {
type: "null"
},
},
},
preHandler: getOverridePreHandler("/*"),
handler: getOverrideHandler("/*") ?? function(req, rep) {
rep.header("Access-Control-Allow-Origin", "*").code(200).send()
}
}

18
src/telegram/player-commands.js
View File

@ -21,10 +21,10 @@ const adminCreateInvitation = () => {
const player = await Player.findOne({ 'binding.platform': 'telegram', 'binding.username': ctx.message.from.username })
if(!player || player.permissions.indexOf('admin') === -1) {
return ctx.reply('配钥匙吗?什么?你配?哦不你不配!')
return ctx.reply('配钥匙吗?什么?你配?你配几把?')
}
const [invitation, v] = makeInvitation(args[0], args[1], args[2] || 'telegram')
const [invitation, v] = makeInvitation(args[0], args[2], args[1] || 'telegram')
ctx.replyWithMarkdownV2('邀请码:\n```' + invitation + '```\n\n验证码\n```' + v + "```")
})
}
@ -54,7 +54,7 @@ const adminRevokeBan = () => {
const player = await Player.findOne({ 'binding.platform': 'telegram', 'binding.username': ctx.message.from.username })
if(!player || player.permissions.indexOf('admin') === -1) {
return ctx.reply('配钥匙吗?什么?你配?哦不你不配!')
return ctx.reply('配钥匙吗?什么?你配?你配几把?')
}
const args = ctx.update.message.text.split(' ').slice(1)
@ -100,12 +100,14 @@ const userCreateInvitation = () => {
t(o): "email",
}
*/
const templete = "p=$0;n=$1;t=$2"
const makeInvitation = (username, platform, email) => {
const invitation = crypto.publicEncrypt(server.keys.publicKey, Buffer.from(JSON.stringify({
p: platform,
n: username,
t: email,
}))).toString('hex')
let i = templete.replace('$0', platform)
.replace('$1', username)
.replace('$2', email)
i = i.padEnd(i.length + 3 - i.length % 3, ';')
const invitation = Buffer.from(i).toString('base64')
const v = crypto.createSign('RSA-SHA1').update(invitation).sign(server.keys.privateKey, 'hex')
return [invitation, v]