slightly tweak account lib stuff

2022-12-31 20:12:22 +03:00 · 2022-12-31 20:12:22 +03:00 · 886a16468a
parent c9e1595185
commit 886a16468a
4 changed files with 9 additions and 16 deletions
--- a/src/endpoints/accounts/loginAccount.cr
+++ b/src/endpoints/accounts/loginAccount.cr
@ -16,7 +16,7 @@ CrystalGauntlet.endpoints["/accounts/loginGJAccount.php"] = ->(body : String): S
    bcrypt = Crypto::Bcrypt::Password.new(hash)

    if bcrypt.verify(password)
-      user_id = Accounts.get_user_id(account_id.to_s)
+      user_id = Accounts.get_user_id(account_id)
      "#{account_id},#{user_id}"
    else
      return "-12"
--- a/src/endpoints/levels/uploadLevel.cr
+++ b/src/endpoints/levels/uploadLevel.cr
@ -7,11 +7,10 @@ CrystalGauntlet.endpoints["/uploadGJLevel21.php"] = ->(body : String): String {
  puts params.inspect

  # todo: green user fixes? pretty please?
-  ext_id = Accounts.get_ext_id_from_params(params)
-  if !ext_id || !Accounts.verify_gjp(ext_id.to_i, params["gjp"])
+  user_id, account_id = Accounts.auth(params)
+  if !(user_id && account_id)
    return "-1"
  end
-  user_id = Accounts.get_user_id(ext_id)

  song_id = params["songID"] == "0" ? params["audioTrack"] : params["songID"]

--- a/src/endpoints/users/updateUser.cr
+++ b/src/endpoints/users/updateUser.cr
@ -8,13 +8,11 @@ CrystalGauntlet.endpoints["/updateGJUserScore22.php"] = ->(body : String): Strin
  params = URI::Params.parse(body)
  puts params.inspect

-  account_id = Accounts.get_account_id_from_params(params)
-  if !account_id || !Accounts.verify_gjp(account_id, params["gjp"])
+  user_id, account_id = Accounts.auth(params)
+  if !(user_id && account_id)
    return "-1"
  end

-  user_id = Accounts.get_user_id(account_id.to_s)
-
  # todo: prevent username change unless it's a capitalization change
  # todo: update account username casing w/ user username
  # todo: keep track of stat changes to look out for leaderboard cheating & whatnot
--- a/src/lib/accounts.cr
+++ b/src/lib/accounts.cr
@ -15,15 +15,11 @@ module CrystalGauntlet::Accounts
    end
  end

-  def get_ext_id_from_params(params : URI::Params) : String | Nil
+  def get_ext_id_from_params(params : URI::Params) : Int32 | Nil
    if params.has_key?("udid") && params["udid"] != ""
-      # todo: numeric id check
-      params["udid"]
-    elsif params.has_key?("accountID") && params["accountID"] != "" && params["accountID"] != "0"
-      # todo: validate password
-      params["accountID"]
+      params["udid"].to_i32?
    else
-      nil
+      get_account_id_from_params(params)
    end
  end

@ -41,7 +37,7 @@ module CrystalGauntlet::Accounts
    return user_id, ext_id.to_i
  end

-  def get_user_id(ext_id : String) : Int32
+  def get_user_id(ext_id : Int32) : Int32
    DATABASE.query("select id from users where udid = ? or account_id = ?", ext_id, ext_id) do |rs|
      if rs.move_next
        return rs.read(Int32)