58 lines
1.9 KiB
C#
58 lines
1.9 KiB
C#
using System.Text.Json.Serialization;
|
|
using SPTarkov.Server.Core.Models.Eft.Common;
|
|
using SPTarkov.DI.Annotations;
|
|
using SPTarkov.Server.Core.Callbacks;
|
|
using SPTarkov.Server.Core.DI;
|
|
using SPTarkov.Server.Core.Models.Eft.Launcher;
|
|
using SPTarkov.Server.Core.Routers.Static;
|
|
using SPTarkov.Server.Core.Utils;
|
|
|
|
namespace PersonalAuthMod;
|
|
|
|
|
|
|
|
[Injectable(TypePriority = OnLoadOrder.PostSptModLoader + 100)]
|
|
public class AuthRouter : StaticRouter
|
|
{
|
|
public AuthRouter(
|
|
JsonUtil jsonUtil,
|
|
LauncherCallbacks launcherCallbacks,
|
|
ProfileCallbacks profileCallbacks,
|
|
DatabaseManager dbManager
|
|
) : base(jsonUtil,
|
|
[
|
|
// Get Profile (Filter / Validate)
|
|
new RouteAction<LoginRequestData>(
|
|
"/launcher/profile/get",
|
|
async (url, info, sessionID, _) =>
|
|
{
|
|
if (!dbManager.ValidateSession(sessionID))
|
|
return "FAILED";
|
|
|
|
var sessionUser = dbManager.GetUsernameBySession(sessionID);
|
|
// info.Username is typically passed by launcher. Verify it matches.
|
|
if (!string.IsNullOrEmpty(info.Username) && sessionUser != info.Username)
|
|
{
|
|
return "FAILED";
|
|
}
|
|
|
|
return await launcherCallbacks.Get(url, info, sessionID);
|
|
}
|
|
),
|
|
// Remove Profile (Protect)
|
|
new RouteAction<RemoveProfileData>(
|
|
"/launcher/profile/remove",
|
|
async (url, info, sessionID, _) =>
|
|
{
|
|
if (!dbManager.ValidateSession(sessionID)) return "FAILED";
|
|
|
|
// Also verify the user owns the profile being removed.
|
|
// Assuming sessionID is the "access token", calls to Remove need a valid session.
|
|
return await launcherCallbacks.RemoveProfile(url, info, sessionID);
|
|
}
|
|
)
|
|
])
|
|
{
|
|
}
|
|
}
|