From ac40c7a74c15e0f61ba5bfcb4c6a6fb39993a87c Mon Sep 17 00:00:00 2001 From: Melanie Date: Fri, 4 Sep 2009 07:48:09 +0100 Subject: Fully implement unencrypted auth token operations --- OpenSim/Data/IAuthenticationData.cs | 4 +++ OpenSim/Data/MySQL/MySQLAuthenticationData.cs | 52 +++++++++++++++++++++++++++ 2 files changed, 56 insertions(+) (limited to 'OpenSim/Data') diff --git a/OpenSim/Data/IAuthenticationData.cs b/OpenSim/Data/IAuthenticationData.cs index f848716..7753e04 100644 --- a/OpenSim/Data/IAuthenticationData.cs +++ b/OpenSim/Data/IAuthenticationData.cs @@ -48,5 +48,9 @@ namespace OpenSim.Data bool Store(AuthenticationData data); bool SetDataItem(UUID principalID, string item, string value); + + bool SetToken(UUID principalID, string token, int lifetime); + + bool CheckToken(UUID principalID, string token, int lifetime); } } diff --git a/OpenSim/Data/MySQL/MySQLAuthenticationData.cs b/OpenSim/Data/MySQL/MySQLAuthenticationData.cs index 19575ec..1ee64ce 100644 --- a/OpenSim/Data/MySQL/MySQLAuthenticationData.cs +++ b/OpenSim/Data/MySQL/MySQLAuthenticationData.cs @@ -39,6 +39,7 @@ namespace OpenSim.Data.MySQL { private string m_Realm; private List m_ColumnNames = null; + private int m_LastExpire = 0; public MySqlAuthenticationData(string connectionString, string realm) : base(connectionString) @@ -153,5 +154,56 @@ namespace OpenSim.Data.MySQL return false; } + + public bool SetToken(UUID principalID, string token, int lifetime) + { + if (System.Environment.TickCount - m_LastExpire > 30000) + DoExpire(); + + MySqlCommand cmd = new MySqlCommand("insert into tokens (UUID, token, validity) values (?principalID, ?token, date_add(now(), interval ?lifetime minute))"); + cmd.Parameters.AddWithValue("?principalID", principalID.ToString()); + cmd.Parameters.AddWithValue("?token", token); + cmd.Parameters.AddWithValue("?lifetime", lifetime.ToString()); + + if (ExecuteNonQuery(cmd) > 0) + { + cmd.Dispose(); + return true; + } + + cmd.Dispose(); + return false; + } + + public bool CheckToken(UUID principalID, string token, int lifetime) + { + if (System.Environment.TickCount - m_LastExpire > 30000) + DoExpire(); + + MySqlCommand cmd = new MySqlCommand("update tokens set validity = date_add(now(), interval ?lifetime minute) where UUID = ?principalID and token = ?token and validity > now()"); + cmd.Parameters.AddWithValue("?principalID", principalID.ToString()); + cmd.Parameters.AddWithValue("?token", token); + cmd.Parameters.AddWithValue("?lifetime", lifetime.ToString()); + + if (ExecuteNonQuery(cmd) > 0) + { + cmd.Dispose(); + return true; + } + + cmd.Dispose(); + + return false; + } + + private void DoExpire() + { + MySqlCommand cmd = new MySqlCommand("delete from tokens where validity < now()"); + ExecuteNonQuery(cmd); + + cmd.Dispose(); + + m_LastExpire = System.Environment.TickCount; + } } } -- cgit v1.1 From 67f803c919324f49e21279faa43c9578b625529e Mon Sep 17 00:00:00 2001 From: Melanie Date: Fri, 4 Sep 2009 08:10:05 +0100 Subject: Add the new AuthStore to migrations. Update OpenSim.Server.ini --- OpenSim/Data/MySQL/MySQLAuthenticationData.cs | 3 +++ OpenSim/Data/MySQL/Resources/001_AuthStore.sql | 21 +++++++++++++++++++++ 2 files changed, 24 insertions(+) create mode 100644 OpenSim/Data/MySQL/Resources/001_AuthStore.sql (limited to 'OpenSim/Data') diff --git a/OpenSim/Data/MySQL/MySQLAuthenticationData.cs b/OpenSim/Data/MySQL/MySQLAuthenticationData.cs index 1ee64ce..afd59bd 100644 --- a/OpenSim/Data/MySQL/MySQLAuthenticationData.cs +++ b/OpenSim/Data/MySQL/MySQLAuthenticationData.cs @@ -45,6 +45,9 @@ namespace OpenSim.Data.MySQL : base(connectionString) { m_Realm = realm; + + Migration m = new Migration(m_Connection, GetType().Assembly, "AuthStore"); + m.Update(); } public AuthenticationData Get(UUID principalID) diff --git a/OpenSim/Data/MySQL/Resources/001_AuthStore.sql b/OpenSim/Data/MySQL/Resources/001_AuthStore.sql new file mode 100644 index 0000000..c7e16fb --- /dev/null +++ b/OpenSim/Data/MySQL/Resources/001_AuthStore.sql @@ -0,0 +1,21 @@ +begin; + +CREATE TABLE `auth` ( + `UUID` char(36) NOT NULL, + `passwordHash` char(32) NOT NULL default '', + `passwordSalt` char(32) NOT NULL default '', + `webLoginKey` varchar(255) NOT NULL default '', + PRIMARY KEY (`UUID`) +) ENGINE=InnoDB; + +CREATE TABLE `tokens` ( + `UUID` char(36) NOT NULL, + `token` varchar(255) NOT NULL, + `validity` datetime NOT NULL, + UNIQUE KEY `uuid_token` (`UUID`,`token`), + KEY `UUID` (`UUID`), + KEY `token` (`token`), + KEY `validity` (`validity`) +) ENGINE=InnoDB; + +commit; -- cgit v1.1