Edited 'last' command to new beatmaps table structure
This commit is contained in:
		| @@ -80,3 +80,6 @@ class userRestrictedException(Exception): | ||||
|  | ||||
| class haxException(Exception): | ||||
| 	pass | ||||
|  | ||||
| class forceUpdateException(Exception): | ||||
| 	pass | ||||
|   | ||||
| @@ -528,7 +528,7 @@ def tillerinoAcc(fro, chan, message): | ||||
| def tillerinoLast(fro, chan, message): | ||||
| 	try: | ||||
| 		data = glob.db.fetch("""SELECT beatmaps.song_name as sn, scores.*, | ||||
| 			beatmaps.beatmap_id as bid, beatmaps.difficulty, beatmaps.max_combo as fc | ||||
| 			beatmaps.beatmap_id as bid, beatmaps.difficulty_std, beatmaps.difficulty_taiko, beatmaps.difficulty_ctb, beatmaps.difficulty_mania, beatmaps.max_combo as fc | ||||
| 		FROM scores | ||||
| 		LEFT JOIN beatmaps ON beatmaps.beatmap_md5=scores.beatmap_md5 | ||||
| 		LEFT JOIN users ON users.id = scores.userid | ||||
| @@ -538,6 +538,7 @@ def tillerinoLast(fro, chan, message): | ||||
| 		if data == None: | ||||
| 			return False | ||||
|  | ||||
| 		diffString = "difficulty_{}".format(gameModes.getGameModeForDB(data["play_mode"])) | ||||
| 		rank = generalFunctions.getRank(data["play_mode"], data["mods"], data["accuracy"],\ | ||||
| 			data["300_count"], data["100_count"], data["50_count"], data["misses_count"]) | ||||
|  | ||||
| @@ -555,7 +556,7 @@ def tillerinoLast(fro, chan, message): | ||||
| 			msg += ifFc | ||||
| 			msg += " | {0:.2f}%, {1}".format(data["accuracy"], rank.upper()) | ||||
| 			msg += " {{ {0} / {1} / {2} / {3} }}".format(data["300_count"], data["100_count"], data["50_count"], data["misses_count"]) | ||||
| 			msg += " | {0:.2f} stars".format(data["difficulty"]) | ||||
| 			msg += " | {0:.2f} stars".format(data[diffString]) | ||||
| 			return msg | ||||
|  | ||||
| 		msg = ifPlayer | ||||
| @@ -566,8 +567,8 @@ def tillerinoLast(fro, chan, message): | ||||
| 		msg += ifFc | ||||
| 		msg += " | {0:.2f}pp".format(data["pp"]) | ||||
|  | ||||
| 		stars = data["difficulty"] | ||||
| 		if data["mods"]: | ||||
| 		stars = data[diffString] | ||||
| 		if data["mods"] and data["play_mode"] == gameModes.std: | ||||
| 			token = glob.tokens.getTokenFromUsername(fro) | ||||
| 			if token == None: | ||||
| 				return False | ||||
|   | ||||
| @@ -18,3 +18,4 @@ ADMIN_MANAGE_PRIVILEGES = 2 << 15 | ||||
| ADMIN_SEND_ALERTS = 2 << 16 | ||||
| ADMIN_CHAT_MOD = 2 << 17 | ||||
| ADMIN_KICK_USERS = 2 << 18 | ||||
| USER_PENDING_VERIFICATION = 2 << 19 | ||||
|   | ||||
| @@ -14,6 +14,7 @@ from helpers import requestHelper | ||||
| from helpers import discordBotHelper | ||||
| from helpers import logHelper as log | ||||
| from helpers import chatHelper as chat | ||||
| from constants import privileges | ||||
|  | ||||
| def handle(tornadoRequest): | ||||
| 	# Data to return | ||||
| @@ -23,6 +24,10 @@ def handle(tornadoRequest): | ||||
| 	# Get IP from tornado request | ||||
| 	requestIP = tornadoRequest.getRequestIP() | ||||
|  | ||||
| 	# Avoid exceptions | ||||
| 	clientData = ["unknown", "unknown", "unknown", "unknown", "unknown"] | ||||
| 	osuVersion = "unknown" | ||||
|  | ||||
| 	# Split POST body so we can get username/password/hardware data | ||||
| 	# 2:-3 thing is because requestData has some escape stuff that we don't need | ||||
| 	loginData = str(tornadoRequest.request.body)[2:-3].split("\\n") | ||||
| @@ -34,6 +39,19 @@ def handle(tornadoRequest): | ||||
| 		if len(loginData) < 3: | ||||
| 			raise exceptions.haxException() | ||||
|  | ||||
| 		# Get HWID, MAC address and more | ||||
| 		# Structure (new line = "|", already split) | ||||
| 		# [0] osu! version | ||||
| 		# [1] plain mac addressed, separated by "." | ||||
| 		# [2] mac addresses hash set | ||||
| 		# [3] unique ID | ||||
| 		# [4] disk ID | ||||
| 		splitData = loginData[2].split("|") | ||||
| 		osuVersion = splitData[0] | ||||
| 		clientData = splitData[3].split(":")[:5] | ||||
| 		if len(clientData) < 4: | ||||
| 			raise exceptions.forceUpdateException() | ||||
|  | ||||
| 		# Try to get the ID from username | ||||
| 		username = str(loginData[0]) | ||||
| 		userID = userHelper.getID(username) | ||||
| @@ -46,7 +64,8 @@ def handle(tornadoRequest): | ||||
| 			raise exceptions.loginFailedException() | ||||
|  | ||||
| 		# Make sure we are not banned | ||||
| 		if userHelper.isBanned(userID) == True: | ||||
| 		priv = userHelper.getPrivileges(userID) | ||||
| 		if userHelper.isBanned(userID) == True and priv & privileges.USER_PENDING_VERIFICATION == 0: | ||||
| 			raise exceptions.loginBannedException() | ||||
|  | ||||
| 		# 2FA check | ||||
| @@ -55,6 +74,29 @@ def handle(tornadoRequest): | ||||
| 			raise exceptions.need2FAException() | ||||
|  | ||||
| 		# No login errors! | ||||
|  | ||||
| 		# Verify this user (if pending activation) | ||||
| 		firstLogin = False | ||||
| 		if priv & privileges.USER_PENDING_VERIFICATION > 0 or userHelper.hasVerifiedHardware(userID) == False: | ||||
| 			if userHelper.verifyUser(userID, clientData) == True: | ||||
| 				# Valid account | ||||
| 				log.info("Account {} verified successfully!".format(userID)) | ||||
| 				glob.verifiedCache[str(userID)] = 1 | ||||
| 				firstLogin = True | ||||
| 			else: | ||||
| 				# Multiaccount detected | ||||
| 				log.info("Account {} NOT verified!".format(userID)) | ||||
| 				glob.verifiedCache[str(userID)] = 0 | ||||
| 				raise exceptions.loginBannedException() | ||||
|  | ||||
| 		# Save HWID in db | ||||
| 		hwAllowed = userHelper.logHardware(userID, clientData, firstLogin) | ||||
| 		# This is false only if HWID is empty | ||||
| 		# if HWID is banned, we get restricted so there's no | ||||
| 		# need to deny bancho access | ||||
| 		if hwAllowed == False: | ||||
| 			raise exceptions.haxException() | ||||
|  | ||||
| 		# Log user IP | ||||
| 		userHelper.IPLog(userID, requestIP) | ||||
|  | ||||
| @@ -185,6 +227,12 @@ def handle(tornadoRequest): | ||||
| 	except exceptions.need2FAException: | ||||
| 		# User tried to log in from unknown IP | ||||
| 		responseData += serverPackets.needVerification() | ||||
| 	except exceptions.haxException: | ||||
| 		# Using oldoldold client, we can't check hw. Force update. | ||||
| 		# (we don't use enqueue because we don't have a token since login has failed) | ||||
| 		err = True | ||||
| 		responseData += serverPackets.forceUpdate() | ||||
| 		responseData += serverPackets.notification("Hory shitto, your client is TOO old! Nice preistoria! Please turn off the switcher and update it.") | ||||
| 	except: | ||||
| 		log.error("Unknown error!\n```\n{}\n{}```".format(sys.exc_info(), traceback.format_exc())) | ||||
| 	finally: | ||||
| @@ -192,8 +240,8 @@ def handle(tornadoRequest): | ||||
| 		if len(loginData) < 3: | ||||
| 			msg = "Invalid bancho login request from **{}** (insufficient POST data)".format(requestIP) | ||||
| 		else: | ||||
| 			msg = "Bancho login request from **{}** for user **{}** ({}) **({})**".format(requestIP, loginData[0], loginData[2], "failed" if err == True else "success") | ||||
| 		log.info(msg, True) | ||||
| 			msg = "Bancho login request from **{}** for user **{}** _({})_\n_Version: {}\nosu!.exe hash: {}\nMAC: {}\nUID: {}\nHWID: {}_\n".format(requestIP, loginData[0], "failed" if err == True else "success", osuVersion, clientData[0], clientData[2], clientData[3], clientData[4]) | ||||
| 		log.info(msg, "bunker") | ||||
|  | ||||
| 		# Return token string and data | ||||
| 		return (responseTokenString, responseData) | ||||
|   | ||||
							
								
								
									
										46
									
								
								handlers/apiVerifiedStatusHandler.py
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										46
									
								
								handlers/apiVerifiedStatusHandler.py
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,46 @@ | ||||
| from helpers import requestHelper | ||||
| from helpers import logHelper as log | ||||
| import json | ||||
| from objects import glob | ||||
| from constants import exceptions | ||||
|  | ||||
| class handler(requestHelper.asyncRequestHandler): | ||||
| 	def asyncGet(self): | ||||
| 		statusCode = 400 | ||||
| 		data = {"message": "unknown error"} | ||||
| 		try: | ||||
| 			# Check arguments | ||||
| 			if requestHelper.checkArguments(self.request.arguments, ["u"]) == False: | ||||
| 				raise exceptions.invalidArgumentsException() | ||||
|  | ||||
| 			# Get userID and its verified cache thing | ||||
| 			# -1: Not in cache | ||||
| 			# 0: Not verified (multiacc) | ||||
| 			# 1: Verified | ||||
| 			userID = self.get_argument("u") | ||||
| 			data["result"] = -1 if userID not in glob.verifiedCache else glob.verifiedCache[userID] | ||||
|  | ||||
| 			# Status code and message | ||||
| 			statusCode = 200 | ||||
| 			data["message"] = "ok" | ||||
| 		except exceptions.invalidArgumentsException: | ||||
| 			statusCode = 400 | ||||
| 			data["message"] = "missing required arguments" | ||||
| 		finally: | ||||
| 			# Add status code to data | ||||
| 			data["status"] = statusCode | ||||
|  | ||||
| 			# Send response | ||||
| 			self.add_header("Access-Control-Allow-Origin", "*") | ||||
| 			self.add_header("Content-Type", "application/json") | ||||
|  | ||||
| 			# jquery meme | ||||
| 			output = "" | ||||
| 			if "callback" in self.request.arguments: | ||||
| 				output += self.get_argument("callback")+"(" | ||||
| 			output += json.dumps(data) | ||||
| 			if "callback" in self.request.arguments: | ||||
| 				output += ")" | ||||
|  | ||||
| 			self.write(output) | ||||
| 			self.set_status(statusCode) | ||||
| @@ -59,3 +59,11 @@ def sendChatlog(message): | ||||
| 	message -- message to send | ||||
| 	""" | ||||
| 	sendDiscordMessage("chatlog", message, prefix="") | ||||
|  | ||||
| def sendCM(message): | ||||
| 	""" | ||||
| 	Send a message to #communitymanagers | ||||
|  | ||||
| 	message -- message to send | ||||
| 	""" | ||||
| 	sendDiscordMessage("cm", message) | ||||
|   | ||||
| @@ -1,21 +1,20 @@ | ||||
| from constants import bcolors | ||||
| from helpers import discordBotHelper | ||||
| from helpers import generalFunctions | ||||
| from helpers.systemHelper import runningUnderUnix | ||||
| from objects import glob | ||||
| from helpers import userHelper | ||||
| import time | ||||
| import os | ||||
| ENDL = "\n" if os.name == "posix" else "\r\n" | ||||
|  | ||||
| ENDL = "\n" if runningUnderUnix() else "\r\n" | ||||
|  | ||||
| def logMessage(message, alertType = "INFO", messageColor = bcolors.ENDC, discord = False, alertDev = False, of = None, stdout = True): | ||||
| def logMessage(message, alertType = "INFO", messageColor = bcolors.ENDC, discord = None, alertDev = False, of = None, stdout = True): | ||||
| 	""" | ||||
| 	Logs a message to stdout/discord/file | ||||
|  | ||||
| 	message -- message to log | ||||
| 	alertType -- can be any string. Standard types: INFO, WARNING and ERRORS. Defalt: INFO | ||||
| 	messageColor -- message color (see constants.bcolors). Default = bcolots.ENDC (no color) | ||||
| 	discord -- if True, the message will be logged on #bunker channel on discord. Default: False | ||||
| 	discord -- discord channel (bunker/cm/staff/general). Optional. Default = None | ||||
| 	alertDev -- if True, devs will receive an hl on discord. Default: False | ||||
| 	of -- if not None but a string, log the message to that file (inside .data folder). Eg: "warnings.txt" Default: None (don't log to file) | ||||
| 	stdout -- if True, print the message to stdout. Default: True | ||||
| @@ -52,8 +51,15 @@ def logMessage(message, alertType = "INFO", messageColor = bcolors.ENDC, discord | ||||
| 		print(finalMessageConsole) | ||||
|  | ||||
| 	# Log to discord if needed | ||||
| 	if discord == True: | ||||
| 		discordBotHelper.sendConfidential(message, alertDev) | ||||
| 	if discord != None: | ||||
| 		if discord == "bunker": | ||||
| 			discordBotHelper.sendConfidential(message, alertDev) | ||||
| 		elif discord == "cm": | ||||
| 			discordBotHelper.sendCM(message) | ||||
| 		elif discord == "staff": | ||||
| 			discordBotHelper.sendStaff(message) | ||||
| 		elif discord == "general": | ||||
| 			discordBotHelper.sendGeneral(message) | ||||
|  | ||||
| 	# Log to file if needed | ||||
| 	if of != None: | ||||
| @@ -64,32 +70,32 @@ def logMessage(message, alertType = "INFO", messageColor = bcolors.ENDC, discord | ||||
| 		finally: | ||||
| 			glob.fLocks.unlockFile(of) | ||||
|  | ||||
| def warning(message, discord = False, alertDev = False): | ||||
| def warning(message, discord = None, alertDev = False): | ||||
| 	""" | ||||
| 	Log a warning to stdout, warnings.log (always) and discord (optional) | ||||
|  | ||||
| 	message -- warning message | ||||
| 	discord -- if True, send warning to #bunker. Optional. Default = False. | ||||
| 	discord -- if not None, send message to that discord channel through schiavo. Optional. Default = None | ||||
| 	alertDev -- if True, send al hl to devs on discord. Optional. Default = False. | ||||
| 	""" | ||||
| 	logMessage(message, "WARNING", bcolors.YELLOW, discord, alertDev, "warnings.txt") | ||||
|  | ||||
| def error(message, discord = False, alertDev = True): | ||||
| def error(message, discord = None, alertDev = True): | ||||
| 	""" | ||||
| 	Log an error to stdout, errors.log (always) and discord (optional) | ||||
|  | ||||
| 	message -- error message | ||||
| 	discord -- if True, send error to #bunker. Optional. Default = False. | ||||
| 	discord -- if not None, send message to that discord channel through schiavo. Optional. Default = None | ||||
| 	alertDev -- if True, send al hl to devs on discord. Optional. Default = False. | ||||
| 	""" | ||||
| 	logMessage(message, "ERROR", bcolors.RED, discord, alertDev, "errors.txt") | ||||
|  | ||||
| def info(message, discord = False, alertDev = False): | ||||
| def info(message, discord = None, alertDev = False): | ||||
| 	""" | ||||
| 	Log an error to stdout (and info.log) | ||||
|  | ||||
| 	message -- info message | ||||
| 	discord -- if True, send error to #bunker. Optional. Default = False. | ||||
| 	discord -- if not None, send message to that discord channel through schiavo. Optional. Default = None | ||||
| 	alertDev -- if True, send al hl to devs on discord. Optional. Default = False. | ||||
| 	""" | ||||
| 	logMessage(message, "INFO", bcolors.ENDC, discord, alertDev, "info.txt") | ||||
|   | ||||
| @@ -392,7 +392,7 @@ def ban(userID): | ||||
| 	userID -- id of user | ||||
| 	""" | ||||
| 	banDateTime = int(time.time()) | ||||
| 	glob.db.execute("UPDATE users SET privileges = privileges & %s, ban_datetime = %s WHERE id = %s", [ ~(privileges.USER_NORMAL | privileges.USER_PUBLIC) , banDateTime, userID]) | ||||
| 	glob.db.execute("UPDATE users SET privileges = privileges & %s, ban_datetime = %s WHERE id = %s", [ ~(privileges.USER_NORMAL | privileges.USER_PUBLIC | privileges.USER_PENDING_VERIFICATION) , banDateTime, userID]) | ||||
|  | ||||
| def unban(userID): | ||||
| 	""" | ||||
| @@ -433,6 +433,15 @@ def getPrivileges(userID): | ||||
| 	else: | ||||
| 		return 0 | ||||
|  | ||||
| def setPrivileges(userID, priv): | ||||
| 	""" | ||||
| 	Set userID's privileges in db | ||||
|  | ||||
| 	userID -- id of user | ||||
| 	priv -- privileges number | ||||
| 	""" | ||||
| 	glob.db.execute("UPDATE users SET privileges = %s WHERE id = %s", [priv, userID]) | ||||
|  | ||||
| def isInPrivilegeGroup(userID, groupName): | ||||
| 	groupPrivileges = glob.db.fetch("SELECT privileges FROM privileges_groups WHERE name = %s", [groupName]) | ||||
| 	if groupPrivileges == None: | ||||
| @@ -444,3 +453,168 @@ def isInPrivilegeGroup(userID, groupName): | ||||
| 	else: | ||||
| 		userPrivileges = getPrivileges(userID) | ||||
| 	return (userPrivileges == groupPrivileges) or (userPrivileges == (groupPrivileges | privileges.USER_DONOR)) | ||||
|  | ||||
|  | ||||
| def appendNotes(userID, notes, addNl = True): | ||||
| 	""" | ||||
| 	Append "notes" to current userID's "notes for CM" | ||||
|  | ||||
| 	userID -- id of user | ||||
| 	notes -- text to append | ||||
| 	addNl -- if True, prepend \n to notes. Optional. Default: True. | ||||
| 	""" | ||||
| 	if addNl == True: | ||||
| 		notes = "\n"+notes | ||||
| 	glob.db.execute("UPDATE users SET notes=CONCAT(COALESCE(notes, ''),%s) WHERE id = %s", [notes, userID]) | ||||
|  | ||||
|  | ||||
| def logHardware(userID, hashes, activation = False): | ||||
| 	""" | ||||
| 	Hardware log | ||||
|  | ||||
| 	Peppy's botnet structure (new line = "|", already split) | ||||
| 	[0] osu! version | ||||
| 	[1] plain mac addressed, separated by "." | ||||
| 	[2] mac addresses hash set | ||||
| 	[3] unique ID | ||||
| 	[4] disk ID | ||||
|  | ||||
| 	return -- True if hw is not banned, otherwise false | ||||
| 	""" | ||||
| 	# Make sure the strings are not empty | ||||
| 	for i in hashes: | ||||
| 		if i == "": | ||||
| 			log.warning("Invalid hash set ({}) for user {} in HWID check".format(hashes, userID), "bunk") | ||||
| 			return False | ||||
|  | ||||
| 	# Run some HWID checks on that user if he is not restricted | ||||
| 	if isRestricted(userID) == False: | ||||
| 		# Get username | ||||
| 		username = getUsername(userID) | ||||
|  | ||||
| 		# Get the list of banned or restricted users that have logged in from this or similar HWID hash set | ||||
| 		banned = glob.db.fetchAll("""SELECT users.id as userid, hw_user.occurencies, users.username FROM hw_user | ||||
| 						LEFT JOIN users ON users.id = hw_user.userid | ||||
| 						WHERE hw_user.userid != %(userid)s | ||||
| 						AND (IF(%(mac)s!='b4ec3c4334a0249dae95c284ec5983df', hw_user.mac = %(mac)s, 0) OR hw_user.unique_id = %(uid)s OR hw_user.disk_id = %(diskid)s) | ||||
| 						AND (users.privileges & 3 != 3)""", { | ||||
| 							"userid": userID, | ||||
| 							"mac": hashes[2], | ||||
| 							"uid": hashes[3], | ||||
| 							"diskid": hashes[4], | ||||
| 						}) | ||||
|  | ||||
| 		for i in banned: | ||||
| 			# Get the total numbers of logins | ||||
| 			total = glob.db.fetch("SELECT COUNT(*) AS count FROM hw_user WHERE userid = %s LIMIT 1", [userID]) | ||||
| 			# and make sure it is valid | ||||
| 			if total == None: | ||||
| 				continue | ||||
| 			total = total["count"] | ||||
|  | ||||
| 			# Calculate 10% of total | ||||
| 			perc = (total*10)/100 | ||||
|  | ||||
| 			if i["occurencies"] >= perc: | ||||
| 				# If the banned user has logged in more than 10% of the times from this user, restrict this user | ||||
| 				restrict(userID) | ||||
| 				appendNotes(userID, "-- Logged in from HWID ({hwid}) used more than 10% from user {banned} ({bannedUserID}), who is banned/restricted.".format( | ||||
| 					hwid=hashes[2:5], | ||||
| 					banned=i["username"], | ||||
| 					bannedUserID=i["userid"] | ||||
| 				)) | ||||
| 				log.warning("**{user}** ({userID}) has been restricted because he has logged in from HWID _({hwid})_ used more than 10% from banned/restricted user **{banned}** ({bannedUserID}), **possible multiaccount**.".format( | ||||
| 					user=username, | ||||
| 					userID=userID, | ||||
| 					hwid=hashes[2:5], | ||||
| 					banned=i["username"], | ||||
| 					bannedUserID=i["userid"] | ||||
| 				), "cm") | ||||
|  | ||||
| 	# Update hash set occurencies | ||||
| 	glob.db.execute(""" | ||||
| 				INSERT INTO hw_user (id, userid, mac, unique_id, disk_id, occurencies) VALUES (NULL, %s, %s, %s, %s, 1) | ||||
| 				ON DUPLICATE KEY UPDATE occurencies = occurencies + 1 | ||||
| 				""", [userID, hashes[2], hashes[3], hashes[4]]) | ||||
|  | ||||
| 	# Optionally, set this hash as 'used for activation' | ||||
| 	if activation == True: | ||||
| 		glob.db.execute("UPDATE hw_user SET activated = 1 WHERE userid = %s AND mac = %s AND unique_id = %s AND disk_id = %s", [userID, hashes[2], hashes[3], hashes[4]]) | ||||
|  | ||||
| 	# Access granted, abbiamo impiegato 3 giorni | ||||
| 	# We grant access even in case of login from banned HWID | ||||
| 	# because we call restrict() above so there's no need to deny the access. | ||||
| 	return True | ||||
|  | ||||
|  | ||||
| def resetPendingFlag(userID, success=True): | ||||
| 	""" | ||||
| 	Remove pending flag from an user. | ||||
|  | ||||
| 	userID -- ID of the user | ||||
| 	success -- if True, set USER_PUBLIC and USER_NORMAL flags too | ||||
| 	""" | ||||
| 	glob.db.execute("UPDATE users SET privileges = privileges & %s WHERE id = %s LIMIT 1", [~privileges.USER_PENDING_VERIFICATION, userID]) | ||||
| 	if success == True: | ||||
| 		glob.db.execute("UPDATE users SET privileges = privileges | %s WHERE id = %s LIMIT 1", [(privileges.USER_PUBLIC | privileges.USER_NORMAL), userID]) | ||||
|  | ||||
| def verifyUser(userID, hashes): | ||||
| 	# Check for valid hash set | ||||
| 	for i in hashes: | ||||
| 		if i == "": | ||||
| 			log.warning("Invalid hash set ({}) for user {} while verifying the account".format(str(hashes), userID), "bunk") | ||||
| 			return False | ||||
|  | ||||
| 	# Get username | ||||
| 	username = getUsername(userID) | ||||
|  | ||||
| 	# Make sure there are no other accounts activated with this exact mac/unique id/hwid | ||||
| 	match = glob.db.fetchAll("SELECT userid FROM hw_user WHERE (IF(%(mac)s != 'b4ec3c4334a0249dae95c284ec5983df', mac = %(mac)s, 0) OR unique_id = %(uid)s OR disk_id = %(diskid)s) AND userid != %(userid)s AND activated = 1 LIMIT 1", { | ||||
| 		"mac": hashes[2], | ||||
| 		"uid": hashes[3], | ||||
| 		"diskid": hashes[4], | ||||
| 		"userid": userID | ||||
| 	}) | ||||
|  | ||||
| 	if match: | ||||
| 		# This is a multiaccount, restrict other account and ban this account | ||||
|  | ||||
| 		# Get original userID and username (lowest ID) | ||||
| 		originalUserID = match[0]["userid"] | ||||
| 		originalUsername = getUsername(originalUserID) | ||||
|  | ||||
| 		# Ban this user and append notes | ||||
| 		ban(userID)	# this removes the USER_PENDING_VERIFICATION flag too | ||||
| 		appendNotes(userID, "-- {}'s multiaccount ({}), found HWID match while verifying account ({})".format(originalUsername, originalUserID, hashes[2:5])) | ||||
| 		appendNotes(originalUserID, "-- Has created multiaccount {} ({})".format(username, userID)) | ||||
|  | ||||
| 		# Restrict the original | ||||
| 		restrict(originalUserID) | ||||
|  | ||||
| 		# Discord message | ||||
| 		log.warning("User **{originalUsername}** ({originalUserID}) has been restricted because he has created multiaccount **{username}** ({userID}). The multiaccount has been banned.".format( | ||||
| 			originalUsername=originalUsername, | ||||
| 			originalUserID=originalUserID, | ||||
| 			username=username, | ||||
| 			userID=userID | ||||
| 		), "cm") | ||||
|  | ||||
| 		# Disallow login | ||||
| 		return False | ||||
| 	else: | ||||
| 		# No matches found, set USER_PUBLIC and USER_NORMAL flags and reset USER_PENDING_VERIFICATION flag | ||||
| 		resetPendingFlag(userID) | ||||
| 		log.info("User **{}** ({}) has verified his account with hash set _{}_".format(username, userID, hashes[2:5]), "cm") | ||||
|  | ||||
| 		# Allow login | ||||
| 		return True | ||||
|  | ||||
| def hasVerifiedHardware(userID): | ||||
| 	""" | ||||
| 	userID -- id of the user | ||||
| 	return -- True if hwid activation data is in db, otherwise false | ||||
| 	""" | ||||
| 	data = glob.db.fetch("SELECT id FROM hw_user WHERE userid = %s AND activated = 1 LIMIT 1", [userID]) | ||||
| 	if data != None: | ||||
| 		return True | ||||
| 	return False | ||||
|   | ||||
| @@ -22,6 +22,7 @@ matches = matchList.matchList() | ||||
| restarting = False | ||||
| pool = None | ||||
| fLocks = fileLocks.fileLocks() | ||||
| verifiedCache = {} | ||||
| cloudflare = False | ||||
|  | ||||
| debug = False | ||||
|   | ||||
							
								
								
									
										2
									
								
								pep.py
									
									
									
									
									
								
							
							
						
						
									
										2
									
								
								pep.py
									
									
									
									
									
								
							| @@ -30,6 +30,7 @@ from handlers import apiIsOnlineHandler | ||||
| from handlers import apiOnlineUsersHandler | ||||
| from handlers import apiServerStatusHandler | ||||
| from handlers import ciTriggerHandler | ||||
| from handlers import apiVerifiedStatusHandler | ||||
|  | ||||
| from irc import ircserver | ||||
|  | ||||
| @@ -40,6 +41,7 @@ def make_app(): | ||||
| 		(r"/api/v1/onlineUsers", apiOnlineUsersHandler.handler), | ||||
| 		(r"/api/v1/serverStatus", apiServerStatusHandler.handler), | ||||
| 		(r"/api/v1/ciTrigger", ciTriggerHandler.handler), | ||||
| 		(r"/api/v1/verifiedStatus", apiVerifiedStatusHandler.handler), | ||||
| 	]) | ||||
|  | ||||
| if __name__ == "__main__": | ||||
|   | ||||
		Reference in New Issue
	
	Block a user