login endpoint is real!!

readme.md

@@ -1,10 +1,8 @@
 # gdps-server
 
-a [Geometry Dash](https://store.steampowered.com/app/322170/Geometry_Dash/) server reimplementation in [Rust](https://rust-lang.org), focusing on 1:1 recreations of vanilla GD features
+a [Geometry Dash](https://store.steampowered.com/app/322170/Geometry_Dash/) server reimplementation in [Rust](https://rust-lang.org)
 
-_this project is in early stages. it is NOT production ready._
+this project is based off of (stolen from) the [crystal-gauntlet](https://git.oat.zone/oat/crystal-gauntlet) server
-
-_ONLY 2.2 is supported._
 
 ## why?
 
@@ -28,7 +26,7 @@ _these features are implemented_
 
 ### testing
 
-- run `cargo run run`
+- run `cargo run`
 
 ### building
 
@@ -36,5 +34,5 @@ _these features are implemented_
 
 ## todo
 
-- add login endpoint....... NOW!
+- cache hashed passwords
 - our passwords are a little insecure (`argon2(sha1(password + "mI29fmAnxgTs"))`) and there isnt anything we can do about this because gpj2 is forced like that!! thanks robtop!! (try and find a fix anyway lul)

src/endpoints/accounts.rs

@@ -1 +1,2 @@
+pub mod login_account;
 pub mod register_account;

src/endpoints/accounts/login_account.rs

@@ -0,0 +1,55 @@
+use password_auth::verify_password;
+use rocket::form::Form;
+use rocket::http::Status;
+use rocket::response::status;
+
+use diesel::prelude::*;
+
+use crate::helpers;
+use crate::db;
+
+#[derive(FromForm)]
+pub struct FromLoginAccount {
+    userName: String,
+    password: String
+}
+
+#[post("/memaddrefix/accounts/loginGJAccount.php", data = "<input>")]
+pub fn login_account(input: Form<FromLoginAccount>) -> status::Custom<&'static str> {
+    let connection = &mut db::establish_connection_pg();
+
+    if input.userName != helpers::clean::clean(input.userName.as_ref()) {
+        return status::Custom(Status::Ok, "-4")
+    }
+
+    if input.password.len() < 6 {
+        return status::Custom(Status::Ok, "-8")
+    }
+
+    if input.userName.len() < 3 {
+        return status::Custom(Status::Ok, "-9")
+    }
+
+    {
+        use crate::schema::accounts::dsl::*;
+
+        let account_id_gjp2_result = accounts
+            .select((id, gjp2))
+            .filter(username.eq(input.userName.clone()))
+            .get_result::<(i32, String)>(connection);
+
+        match account_id_gjp2_result {
+            Ok(account_id_gjp2) => {
+                let user_id = helpers::accounts::get_user_id_from_account_id(account_id_gjp2.0);
+
+                match verify_password(helpers::gjp2::get_gjp2(input.password.clone()).as_bytes(), account_id_gjp2.1.as_str()) {
+                    Ok(_) => return status::Custom(Status::Ok, 
+                        Box::leak(format!("{},{}", account_id_gjp2.0, user_id).into_boxed_str())
+                    ),
+                    Err(_) => return status::Custom(Status::Ok, "-11")
+                };
+            },
+            Err(_) => return status::Custom(Status::Ok, "-1")
+        }
+    }
+}

src/helpers.rs

@@ -1,2 +1,3 @@
-pub mod gjp2;
+pub mod accounts;
 pub mod clean;
+pub mod gjp2;

src/helpers/accounts.rs

@@ -0,0 +1,17 @@
+use diesel::prelude::*;
+
+use crate::db;
+
+pub fn get_user_id_from_account_id(ext_id: i32) -> i32 {
+    use crate::schema::users::dsl::*;
+
+    let connection = &mut db::establish_connection_pg();
+
+    let user_id = users
+        .filter(udid.eq(ext_id.to_string()).or(account_id.eq(ext_id)))
+        .select(id)
+        .get_result::<i32>(connection)
+        .expect("No user associated with account?!?!?");
+
+    user_id
+}

src/main.rs

@@ -21,6 +21,7 @@ fn rocket() -> _ {
     rocket::build().mount("/", routes![
         index, 
         
+        endpoints::accounts::login_account::login_account,
         endpoints::accounts::register_account::register_account
     ])
 }