From d75d34d5f0d8793b5dd0ddf01340dccb30bc5600 Mon Sep 17 00:00:00 2001 From: kuroppoi <68156848+kuroppoi@users.noreply.github.com> Date: Fri, 29 Apr 2022 00:37:24 +0200 Subject: [PATCH] Auth token limit (#9) --- .../java/brainwine/gameserver/entity/player/Player.java | 7 +++++++ .../brainwine/gameserver/entity/player/PlayerManager.java | 2 ++ 2 files changed, 9 insertions(+) diff --git a/gameserver/src/main/java/brainwine/gameserver/entity/player/Player.java b/gameserver/src/main/java/brainwine/gameserver/entity/player/Player.java index 34b5de3..45f1d98 100644 --- a/gameserver/src/main/java/brainwine/gameserver/entity/player/Player.java +++ b/gameserver/src/main/java/brainwine/gameserver/entity/player/Player.java @@ -70,6 +70,7 @@ public class Player extends Entity implements CommandExecutor { public static final int MAX_SPEED_X = 12; public static final int MAX_SPEED_Y = 25; public static final int HEARTBEAT_TIMEOUT = 30000; + public static final int MAX_AUTH_TOKENS = 3; private static int dialogDiscriminator; @JacksonInject("documentId") @@ -531,6 +532,12 @@ public class Player extends Entity implements CommandExecutor { authTokens.clear(); } + protected void clearOldestAuthTokens() { + while(authTokens.size() > MAX_AUTH_TOKENS) { + authTokens.remove(0); + } + } + protected void addAuthToken(String authToken) { authTokens.add(authToken); } diff --git a/gameserver/src/main/java/brainwine/gameserver/entity/player/PlayerManager.java b/gameserver/src/main/java/brainwine/gameserver/entity/player/PlayerManager.java index b441d99..d8f9534 100644 --- a/gameserver/src/main/java/brainwine/gameserver/entity/player/PlayerManager.java +++ b/gameserver/src/main/java/brainwine/gameserver/entity/player/PlayerManager.java @@ -127,6 +127,8 @@ public class PlayerManager { return false; } + player.clearOldestAuthTokens(); + // Might not be very efficient... for(String hashedToken : player.getAuthTokens()) { if(BCrypt.checkpw(authToken, hashedToken)) {