From 9cfe9520b462820b7d828a55ca057e409eec163d Mon Sep 17 00:00:00 2001 From: winter <99384603+hewoicvewse@users.noreply.github.com> Date: Sat, 31 Dec 2022 02:34:55 +0900 Subject: [PATCH] some kind of security implemented --- src/accounts.cr | 10 ++++++++-- src/endpoints/levels/uploadLevel.cr | 2 +- src/endpoints/users/updateUser.cr | 4 ++++ src/gjp.cr | 2 +- 4 files changed, 14 insertions(+), 4 deletions(-) diff --git a/src/accounts.cr b/src/accounts.cr index 9b7217e..a8a43ab 100644 --- a/src/accounts.cr +++ b/src/accounts.cr @@ -1,4 +1,5 @@ require "uri" +require "crypto/bcrypt/password" include CrystalGauntlet @@ -19,13 +20,18 @@ module CrystalGauntlet::Accounts end def get_user_id(username : String, ext_id : String) : Int32 - return 1 DATABASE.query("select id from users where udid = ? or account_id = ?", ext_id, ext_id) do |rs| - if rs.column_count > 0 + if rs.move_next return rs.read(Int32) else raise "no user associated with account?!" end end end + + def verify_gjp(account_id : String, gjp : String) : Bool + hash = DATABASE.scalar("select password from accounts where id = ?", account_id).as(String) + bcrypt = Crypto::Bcrypt::Password.new(hash) + bcrypt.verify(GJP.decrypt(gjp)) + end end diff --git a/src/endpoints/levels/uploadLevel.cr b/src/endpoints/levels/uploadLevel.cr index e5c125f..e0bcb9f 100644 --- a/src/endpoints/levels/uploadLevel.cr +++ b/src/endpoints/levels/uploadLevel.cr @@ -9,7 +9,7 @@ CrystalGauntlet.endpoints["/uploadGJLevel21.php"] = ->(body : String): String { puts params.inspect ext_id = Accounts.get_ext_id_from_params(params) - if ext_id == "-1" + if ext_id == "-1" || !Accounts.verify_gjp(ext_id, params["gjp"]) return "-1" end user_id = Accounts.get_user_id(params["userName"], ext_id) diff --git a/src/endpoints/users/updateUser.cr b/src/endpoints/users/updateUser.cr index 57109fc..60975ed 100644 --- a/src/endpoints/users/updateUser.cr +++ b/src/endpoints/users/updateUser.cr 
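Review bot: `verify_gjp` turns a bad credential into an unhandled exception instead of `false`: `DATABASE.scalar` raises (`DB::NoResultsError` in crystal-db, as far as I recall) when no `accounts` row matches `account_id`, `.as(String)` raises `TypeCastError` on a NULL password, and `Crypto::Bcrypt::Password.new` raises `Crypto::Bcrypt::Error` when the stored value is not a bcrypt string, so an unknown id or a legacy row surfaces as a server error rather than the `-1` both callers return. Catching those at the method level keeps the Bool contract honest: append `rescue DB::NoResultsError | TypeCastError | Crypto::Bcrypt::Error` / `false` before the method's `end`. A header comment would also help the next reader, since `GJP.decrypt` is an obfuscation step rather than real decryption, e.g. `# gjp is the client's XOR/base64-obfuscated plaintext password; decode it and check against the stored bcrypt hash`. This patch also changes `GJP.decrypt` to use `Base64.decode` (Bytes) instead of `decode_string`, and `bcrypt.verify` needs a String, so confirm `decrypt` still returns one.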
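Review bot: `params["gjp"]` in the new guard raises on a request that omits the field (a `KeyError` if `params` is a Hash, which its construction above the hunk suggests but does not show), so a malformed or unauthenticated client gets an exception rather than the `"-1"` the guard is meant to return. Reading it as optional and failing closed avoids that: `gjp = params["gjp"]?` followed by `if ext_id == "-1" || gjp.nil? || !Accounts.verify_gjp(ext_id, gjp)`. Note that `get_user_id` further down accepts either a udid or an account id, while `verify_gjp` queries `accounts` by id only; if `get_ext_id_from_params` can return a udid, that path now always fails authentication — its definition is outside this patch, so confirm. The endpoint lambda begins above the hunk.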
@@ -9,6 +9,10 @@ CrystalGauntlet.endpoints["/updateGJUserScore22.php"] = ->(body : String): Strin puts params.inspect account_id = Accounts.get_ext_id_from_params(params) + if !Accounts.verify_gjp(account_id, params["gjp"]) + return "-1" + end + user_id = Accounts.get_user_id(params["userName"], account_id) DATABASE.exec("update users set username=?, stars=?, demons=?, coins=?, user_coins=?, diamonds=?, icon_type=?, color1=?, color2=?, cube=?, ship=?, ball=?, ufo=?, wave=?, robot=?, spider=?, explosion=?, special=?, glow=?, last_played=? where id=?", params["userName"], params["stars"], params["demons"], params["coins"], params["userCoins"], params["diamonds"], params["iconType"], params["color1"], params["color2"], params["accIcon"], params["accShip"], params["accBall"], params["accBird"], params["accDart"], params["accRobot"], params["accSpider"], params["accExplosion"], params["special"], params["accGlow"], Time.utc.to_s("%Y-%m-%d %H:%M:%S"), user_id) diff --git a/src/gjp.cr b/src/gjp.cr index c65a51b..a60578a 100644 --- a/src/gjp.cr +++ b/src/gjp.cr @@ -7,7 +7,7 @@ module CrystalGauntlet::GJP XOR_KEY = "37526" def decrypt(pass : String) - pwd = Base64.decode_string(pass.sub('_', '/').sub('-', '+')) + pwd = Base64.decode(pass.sub('_', '/').sub('-', '+')) decrypted = "" pwd.each.with_index() do |chr, index|
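Review bot: The new check has no `account_id == "-1"` guard, unlike the parallel check added to `uploadGJLevel21.php` in this same commit, so a request that `get_ext_id_from_params` rejects goes on to call `verify_gjp("-1", ...)` and, given how `verify_gjp` is written, most likely raises on the missing `accounts` row instead of returning `"-1"`. Mirroring the other endpoint closes that, and `params["gjp"]` should be read as optional for the same reason: `gjp = params["gjp"]?` then `if account_id == "-1" || gjp.nil? || !Accounts.verify_gjp(account_id, gjp)`. The `DATABASE.exec` that follows still persists every stat field (`stars`, `demons`, `coins`, …) straight from the request once the password checks out; a `# TODO: stats are client-supplied and unvalidated; clamp or verify before persisting` comment there would at least record the gap. The handler lambda starts above the hunk.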