From 9cdf2b5902b692bed2d27c28bd51a506d052bbfb Mon Sep 17 00:00:00 2001
From: Simon Robertshaw <simon@hardwired.org.uk>
Date: Wed, 25 Jan 2012 00:57:39 +0000
Subject: [PATCH] Login complete (minus brokenness)

---
 src/client/Client.cpp    | 60 ++++++++++++++++++++++++++++++----------
 src/client/Client.h      |  2 +-
 src/client/HTTP.cpp      |  9 +++---
 src/client/HTTP.h        |  2 ++
 src/login/LoginModel.cpp | 13 ++-------
 5 files changed, 55 insertions(+), 31 deletions(-)

diff --git a/src/client/Client.cpp b/src/client/Client.cpp
index d0bfd978e..0070e65af 100644
--- a/src/client/Client.cpp
+++ b/src/client/Client.cpp
@@ -7,6 +7,7 @@
 
 #include "Config.h"
 #include "Client.h"
+#include "MD5.h"
 #include "Graphics.h"
 
 #include "interface/Point.h"
@@ -41,29 +42,60 @@ Client::~Client()
 
 LoginStatus Client::Login(string username, string password)
 {
+	lastError = "";
 	std::stringstream urlStream;
+	std::stringstream hashStream;
+	unsigned char cHashData[16];
+
+	//Build hash of username + password
+	struct md5_context md5;
+	md5_init(&md5);
+	md5_update(&md5, (unsigned char *)username.c_str(), username.length());
+	md5_update(&md5, (unsigned char *)"-", 1);
+	md5_update(&md5, (unsigned char *)password.c_str(), password.length());
+	md5_final(cHashData, &md5);
+	//Make sure hash is Hex
+	//char * cHashHex = (char *)malloc(33);
+	for(int i = 0; i < 16; i++)
+	{
+		hashStream << hexChars[cHashData[i]>>4] << hexChars[cHashData[i]&15];
+		//cHashHex[i*2] = hex[cHashData[i]>>4];
+		//cHashHex[i*2+1] = hex[cHashData[i]&15];
+	}
+	//cHashHex[32] = 0;
+
 	char * data;
 	int dataStatus, dataLength;
-	data = http_auth_get("http://" SERVER "/Login.json", (char*)username.c_str(), (char*)password.c_str(), NULL, &dataStatus, &dataLength);
+	char * postNames[] = { "Username", "Hash", NULL };
+	char * postDatas[] = { (char*)username.c_str(), (char*)hashStream.str().c_str() };
+	int postLengths[] = { username.length(), hashStream.str().length() };
+	data = http_multipart_post("http://" SERVER "/Login.json", postNames, postDatas, postLengths, NULL, NULL, NULL, &dataStatus, &dataLength);
+	//data = http_auth_get("http://" SERVER "/Login.json", (char*)username.c_str(), (char*)password.c_str(), NULL, &dataStatus, &dataLength);
 	std::cout << data << std::endl;
 	if(dataStatus == 200 && data)
 	{
-		std::istringstream dataStream(data);
-		json::Object objDocument;
-		json::Reader::Read(objDocument, dataStream);
-		json::Number tempStatus = objDocument["Status"];
+		try
+		{
+			std::istringstream dataStream(data);
+			json::Object objDocument;
+			json::Reader::Read(objDocument, dataStream);
+			json::Number tempStatus = objDocument["Status"];
 
-		free(data);
-		if(tempStatus.Value() == 1)
-		{
-			return LoginOkay;
+			free(data);
+			if(tempStatus.Value() == 1)
+			{
+				return LoginOkay;
+			}
+			else
+			{
+				json::String tempError = objDocument["Error"];
+				lastError = tempError.Value();
+				return LoginError;
+			}
 		}
-		else if(tempStatus.Value() == 0)
-		{
-			return LoginPasswordInvalid;
-		}
-		else
+		catch (json::Exception &e)
 		{
+			lastError = "Server responded with crap";
 			return LoginError;
 		}
 	}
diff --git a/src/client/Client.h b/src/client/Client.h
index 644fb06b9..ef6a35eab 100644
--- a/src/client/Client.h
+++ b/src/client/Client.h
@@ -12,7 +12,7 @@
 
 enum LoginStatus
 {
-	LoginPasswordInvalid, LoginUsernameInvalid, LoginOkay, LoginBanned, LoginError
+	LoginOkay, LoginError
 };
 
 class Client: public Singleton<Client>
diff --git a/src/client/HTTP.cpp b/src/client/HTTP.cpp
index 75145155f..a94ac73e1 100644
--- a/src/client/HTTP.cpp
+++ b/src/client/HTTP.cpp
@@ -679,7 +679,6 @@ char *http_simple_get(char *uri, int *ret, int *len)
 	}
 	return http_async_req_stop(ctx, ret, len);
 }
-static char hex[] = "0123456789abcdef";
 void http_auth_headers(void *ctx, char *user, char *pass, char *session_id)
 {
 	char *tmp;
@@ -702,8 +701,8 @@ void http_auth_headers(void *ctx, char *user, char *pass, char *session_id)
 			tmp = (char *)malloc(33);
 			for (i=0; i<16; i++)
 			{
-				tmp[i*2] = hex[hash[i]>>4];
-				tmp[i*2+1] = hex[hash[i]&15];
+				tmp[i*2] = hexChars[hash[i]>>4];
+				tmp[i*2+1] = hexChars[hash[i]&15];
 			}
 			tmp[32] = 0;
 			http_async_add_header(ctx, "X-Auth-Hash", tmp);
@@ -1032,8 +1031,8 @@ retry:
 			tmp = (char *)malloc(33);
 			for (i=0; i<16; i++)
 			{
-				tmp[i*2] = hex[hash[i]>>4];
-				tmp[i*2+1] = hex[hash[i]&15];
+				tmp[i*2] = hexChars[hash[i]>>4];
+				tmp[i*2+1] = hexChars[hash[i]&15];
 			}
 			tmp[32] = 0;
 			http_async_add_header(ctx, "X-Auth-Hash", tmp);
diff --git a/src/client/HTTP.h b/src/client/HTTP.h
index af0971c32..51b943809 100644
--- a/src/client/HTTP.h
+++ b/src/client/HTTP.h
@@ -20,6 +20,8 @@
 #ifndef HTTP_H
 #define HTTP_H
 
+static char hexChars[] = "0123456789abcdef";
+
 void http_init(char *proxy);
 void http_done(void);
 
diff --git a/src/login/LoginModel.cpp b/src/login/LoginModel.cpp
index 7940cf0d6..185df683b 100644
--- a/src/login/LoginModel.cpp
+++ b/src/login/LoginModel.cpp
@@ -24,17 +24,8 @@ void LoginModel::Login(string username, string password)
 		statusText = "Logged in";
 		loginStatus = true;
 		break;
-	case LoginPasswordInvalid:
-		statusText = "Username or Password incorrect";
-		break;
-	case LoginUsernameInvalid:
-		statusText = "Username incorrect";
-		break;
-	case LoginBanned:
-		statusText = "Banned: " + Client::Ref().GetLastError();
-		break;
-	default:
-		statusText = "Error";
+	case LoginError:
+		statusText = "Error: " + Client::Ref().GetLastError();
 		break;
 	}
 	notifyStatusChanged();