phaneron/Kelsidavis-WoWee
1
0
Fork 0
mirror of https://github.com/Kelsidavis/WoWee.git synced 2026-03-23 15:50:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 41

Store password hash instead of plaintext for login persistence

Browse source 
Save SHA1(UPPER(user):UPPER(pass)) hash to login.cfg instead of the
plaintext password. On subsequent logins, use the stored hash directly
with a new authenticateWithHash() method that bypasses password hashing.
The password field shows a placeholder when using a stored hash.
This commit is contained in:
Kelsi 2026-02-05 15:09:16 -08:00
parent de8c195eaf
commit 669d89c108
6 changed files with 107 additions and 4 deletions
Download patch file Download diff file Expand all files Collapse all files

26
src/auth/auth_handler.cpp
View file

@ -93,6 +93,32 @@ void AuthHandler::authenticate(const std::string& user, const std::string& pass)
sendLogonChallenge();
}
void AuthHandler::authenticateWithHash(const std::string& user, const std::vector<uint8_t>& authHash) {
if (!isConnected()) {
LOG_ERROR("Cannot authenticate: not connected to auth server");
fail("Not connected");
return;
}
if (state != AuthState::CONNECTED) {
LOG_ERROR("Cannot authenticate: invalid state");
fail("Invalid state");
return;
}
LOG_INFO("Starting authentication for user (with hash): ", user);
username = user;
password.clear();
// Initialize SRP with pre-computed hash
srp = std::make_unique<SRP>();
srp->initializeWithHash(username, authHash);
// Send LOGON_CHALLENGE
sendLogonChallenge();
}
void AuthHandler::sendLogonChallenge() {
LOG_DEBUG("Sending LOGON_CHALLENGE");