From 77ad5979634cdfc35e9d9ade5bdf4afa598ff52f Mon Sep 17 00:00:00 2001
From: reidlab
Date: Sun, 27 Aug 2023 21:39:54 -0700
Subject: [PATCH] login endpoint is real!!
---
 readme.md | 10 ++---
 src/endpoints/accounts.rs | 1 +
 src/endpoints/accounts/login_account.rs | 55 +++++++++++++++++++++++++
 src/helpers.rs | 5 ++-
 src/helpers/accounts.rs | 17 ++++++++
 src/main.rs | 1 +
 6 files changed, 81 insertions(+), 8 deletions(-)
 create mode 100644 src/endpoints/accounts/login_account.rs
 create mode 100644 src/helpers/accounts.rs
diff --git a/readme.md b/readme.md
index 767df3b..5072b14 100644
--- a/readme.md
+++ b/readme.md
@@ -1,10 +1,8 @@ # gdps-server -a [Geometry Dash](https://store.steampowered.com/app/322170/Geometry_Dash/) server reimplementation in [Rust](https://rust-lang.org), focusing on 1:1 recreations of vanilla GD features +a [Geometry Dash](https://store.steampowered.com/app/322170/Geometry_Dash/) server reimplementation in [Rust](https://rust-lang.org) -_this project is in early stages. it is NOT production ready._ - -_ONLY 2.2 is supported._ +this project is based off of (stolen from) the [crystal-gauntlet](https://git.oat.zone/oat/crystal-gauntlet) server ## why?
@@ -28,7 +26,7 @@ _these features are implemented_ ### testing -- run `cargo run run` +- run `cargo run` ### building
@@ -36,5 +34,5 @@ _these features are implemented_ ## todo -- add login endpoint....... NOW! +- cache hashed passwords - our passwords are a little insecure (`argon2(sha1(password + "mI29fmAnxgTs"))`) and there isnt anything we can do about this because gpj2 is forced like that!! thanks robtop!! (try and find a fix anyway lul) \ No newline at end of file
diff --git a/src/endpoints/accounts.rs b/src/endpoints/accounts.rs
index a335f67..fca82a6 100644
--- a/src/endpoints/accounts.rs
+++ b/src/endpoints/accounts.rs
@@ -1 +1,2 @@
+pub mod login_account;
 pub mod register_account;
\ No newline at end of file
diff --git a/src/endpoints/accounts/login_account.rs b/src/endpoints/accounts/login_account.rs
new file mode 100644
index 0000000..c8e0f01
--- /dev/null
+++ b/src/endpoints/accounts/login_account.rs
@@ -0,0 +1,55 @@
+use password_auth::verify_password;
+use rocket::form::Form;
+use rocket::http::Status;
+use rocket::response::status;
+
+use diesel::prelude::*;
+
+use crate::helpers;
+use crate::db;
+
+#[derive(FromForm)]
+pub struct FromLoginAccount {
+ userName: String,
+ password: String
+}
+
+#[post("/memaddrefix/accounts/loginGJAccount.php", data = "")]
+pub fn login_account(input: Form) -> status::Custom<&'static str> {
+ let connection = &mut db::establish_connection_pg();
+
+ if input.userName != helpers::clean::clean(input.userName.as_ref()) {
+ return status::Custom(Status::Ok, "-4")
+ }
+
+ if input.password.len() < 6 {
+ return status::Custom(Status::Ok, "-8")
+ }
+
+ if input.userName.len() < 3 {
+ return status::Custom(Status::Ok, "-9")
+ }
+
+ {
+ use crate::schema::accounts::dsl::*;
+
+ let account_id_gjp2_result = accounts
+ .select((id, gjp2))
+ .filter(username.eq(input.userName.clone()))
+ .get_result::<(i32, String)>(connection);
+
+ match account_id_gjp2_result {
+ Ok(account_id_gjp2) => {
+ let user_id = helpers::accounts::get_user_id_from_account_id(account_id_gjp2.0);
+
+ match verify_password(helpers::gjp2::get_gjp2(input.password.clone()).as_bytes(), account_id_gjp2.1.as_str()) {
+ Ok(_) => return status::Custom(Status::Ok,
+ Box::leak(format!("{},{}", account_id_gjp2.0, user_id).into_boxed_str())
+ ),
+ Err(_) => return status::Custom(Status::Ok, "-11")
+ };
+ },
+ Err(_) => return status::Custom(Status::Ok, "-1")
+ }
+ }
+}
\ No newline at end of file
diff --git a/src/helpers.rs b/src/helpers.rs
index 1302a7d..96f8dc1 100644
--- a/src/helpers.rs
+++ b/src/helpers.rs
@@ -1,2 +1,3 @@
-pub mod gjp2;
-pub mod clean;
\ No newline at end of file
+pub mod accounts;
+pub mod clean;
+pub mod gjp2;
\ No newline at end of file
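Review bot: In `login_account`, the success arm returns `Box::leak(format!(...).into_boxed_str())`, which leaks one heap allocation per successful login only to satisfy the `&'static str` return type, so process memory grows with every login and is never reclaimed. Returning `status::Custom<String>` removes the leak, as in the sketch below. In the same arm, `get_user_id_from_account_id` runs before `verify_password`, so a request with a wrong password still costs a second connection and query and can hit that helper's `expect` panic; the sketch moves the lookup after verification. Separately, replying `-1` for an unknown username and `-11` for a bad password lets a caller tell the two apart, and the unknown-username path skips the hash verification, so response time differs as well; if the client protocol permits, one code for both cases would be safer. The generic arguments on `Form` and `data` look stripped by the page rendering, so the signature in the sketch is reconstructed from the struct name in this hunk.

```rust
pub fn login_account(input: Form<FromLoginAccount>) -> status::Custom<String> {
    let reply = |body: &str| status::Custom(Status::Ok, body.to_string());
    // … unchanged: connection setup and the -4 / -8 / -9 checks, now returning reply("-4") etc. …
    // … unchanged: accounts query producing account_id_gjp2_result …
        match account_id_gjp2_result {
            Ok((acc_id, stored_hash)) => {
                let candidate = helpers::gjp2::get_gjp2(input.password.clone());
                if verify_password(candidate.as_bytes(), stored_hash.as_str()).is_err() {
                    return reply("-11");
                }
                // Resolve the user row only once the password has been verified.
                let user_id = helpers::accounts::get_user_id_from_account_id(acc_id);
                reply(&format!("{},{}", acc_id, user_id))
            }
            Err(_) => reply("-1"),
        }
```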
diff --git a/src/helpers/accounts.rs b/src/helpers/accounts.rs
new file mode 100644
index 0000000..95d1230
--- /dev/null
+++ b/src/helpers/accounts.rs
@@ -0,0 +1,17 @@
+use diesel::prelude::*;
+
+use crate::db;
+
+pub fn get_user_id_from_account_id(ext_id: i32) -> i32 {
+ use crate::schema::users::dsl::*;
+
+ let connection = &mut db::establish_connection_pg();
+
+ let user_id = users
+ .filter(udid.eq(ext_id.to_string()).or(account_id.eq(ext_id)))
+ .select(id)
+ .get_result::(connection)
+ .expect("No user associated with account?!?!?");
+
+ user_id
+}
\ No newline at end of file
diff --git a/src/main.rs b/src/main.rs
index fead183..aca3f2b 100644
--- a/src/main.rs
+++ b/src/main.rs
@@ -21,6 +21,7 @@ fn rocket() -> _ { rocket::build().mount("/", routes![ index, + endpoints::accounts::login_account::login_account, endpoints::accounts::register_account::register_account ]) } \ No newline at end of file
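Review bot: `get_user_id_from_account_id` ends its query with `.expect("No user associated with account?!?!?")`, so a missing user row or any database error panics inside the login request instead of producing a protocol error code. Returning the `QueryResult<i32>` from `get_result` (or an `Option<i32>` via `.ok()`) would let `login_account` answer `-1` on failure. The filter also accepts `udid.eq(ext_id.to_string())`, so a row whose `udid` string equals the account's numeric id would match as well as the row linked by `account_id`; if `udid` is a client-supplied value this may resolve to the wrong user, and `account_id.eq(ext_id)` alone looks like what the function name promises. The helper also calls `db::establish_connection_pg()` itself although the caller already holds a connection; taking `connection: &mut PgConnection` as a parameter would avoid a second connection per login, assuming that function opens a new one.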