Add README

README.md

@@ -0,0 +1,40 @@
+# pep.py
+## Ripple's bancho server
+This is Ripple's bancho server. It handles:
+- Client login
+- Online users listing and statuses
+- Public and private chat
+- Spectator
+- Multiplayer
+- Fokabot
+
+## Requirements
+- Python 3.5
+- MySQLdb (`pip install mysqlclient` or `pip install mysql-python`)
+- Tornado (`pip install tornado`)
+- Bcrypt (`pip install bcrypt`)
+
+## How to set up pep.py
+First of all, install all the dependencies
+```
+$ pip install mysqlclient
+$ pip install tornado
+$ pip install bcrypt
+```
+then, run pep.py once to create the default config file and edit it
+```
+$ python3 pep.py
+$ nano config.ini
+```
+you can run pep.py by typing
+```
+$ python3 pep.py
+```
+
+## License
+
+```
+Copyright (C) The Ripple Developers - All Rights Reserved
+Unauthorized copying of this file, via any medium is strictly prohibited
+Proprietary and confidential
+```

constants/exceptions.py

@@ -71,3 +71,6 @@ class messageTooLongException(Exception):
 
 class userSilencedException(Exception):
 	pass
+
+class need2FAException(Exception):
+	pass

constants/serverPackets.py

@@ -29,6 +29,8 @@ def loginError():
 def needSupporter():
 	return packetHelper.buildPacket(packetIDs.server_userID, [[-6, dataTypes.sInt32]])
 
+def needVerification():
+	return packetHelper.buildPacket(packetIDs.server_userID, [[-8, dataTypes.sInt32]])
 
 """ Login packets """
 def userID(uid):

events/loginEvent.py

@@ -46,6 +46,11 @@ def handle(tornadoRequest):
 			# Banned
 			raise exceptions.loginBannedException()
 
+		# 2FA check
+		if userHelper.check2FA(userID, requestIP) == True:
+			log.warning("Need 2FA check for user {}".format(loginData[0]))
+			raise exceptions.need2FAException()
+
 		# No login errors!
 		# Log user IP
 		userHelper.IPLog(userID, requestIP)
@@ -167,11 +172,14 @@ def handle(tornadoRequest):
 	except exceptions.banchoMaintenanceException:
 		# Bancho is in maintenance mode
 		responseData += serverPackets.notification("Our bancho server is in maintenance mode. Please try to login again later.")
-		responseData += serverPackets.loginError()
+		responseData += serverPackets.loginFailed()
 	except exceptions.banchoRestartingException:
 		# Bancho is restarting
 		responseData += serverPackets.notification("Bancho is restarting. Try again in a few minutes.")
-		responseData += serverPackets.loginError()
+		responseData += serverPackets.loginFailed()
+	except exceptions.need2FAException:
+		# User tried to log in from unknown IP
+		responseData += serverPackets.needVerification()
 	finally:
 		# Console and discord log
 		msg = "Bancho login request from {} for user {} ({})".format(requestIP, loginData[0], "failed" if err == True else "success")

helpers/userHelper.py

@@ -333,3 +333,16 @@ def deleteBanchoSessions(userID, ip):
 		glob.db.execute("DELETE FROM bancho_sessions WHERE userid = %s AND ip = %s", [userID, ip])
 	except:
 		log.warning("Token for user: {} ip: {} doesn't exist".format(userID, ip))
+
+def is2FAEnabled(userID):
+	"""Returns True if 2FA is enable for this account"""
+	result = glob.db.fetch("SELECT id FROM 2fa_telegram WHERE userid = %s LIMIT 1", [userID])
+	return True if result is not None else False
+
+def check2FA(userID, ip):
+	"""Returns True if this IP is untrusted"""
+	if is2FAEnabled(userID) == False:
+		return False
+
+	result = glob.db.fetch("SELECT id FROM ip_user WHERE userid = %s AND ip = %s", [userID, ip])
+	return True if result is None else False