Commit aa599cff authored by Andrei Mihu's avatar Andrei Mihu
Browse files

Discrete authentication error response code and message for banned accounts.

parent 7eeab3d4

CHANGELOG.md

+1 −0
Original line number Diff line number Diff line
@@ -14,6 +14,7 @@ The format is based on [keep a changelog](http://keepachangelog.com) and this pr 
- Update protocol definitions to remove warnings from stricter Go package import paths. See [here](https://developers.google.com/protocol-buffers/docs/reference/go-generated#package).

- Move some Go packages to be internal.

- Improved rank caching strategy.

- Discrete authentication error response code and message for banned accounts.



## [2.13.0] - 2020-08-31

### Added

server/core_authenticate.go

+10 −10
Original line number Diff line number Diff line
@@ -67,7 +67,7 @@ func AuthenticateApple(ctx context.Context, logger *zap.Logger, db *sql.DB, clie 
		// Check if it's disabled.

		if dbDisableTime.Status == pgtype.Present && dbDisableTime.Time.Unix() != 0 {

			logger.Info("User account is disabled.", zap.String("appleID", profile.ID), zap.String("username", username), zap.Bool("create", create))

			return "", "", false, status.Error(codes.Unauthenticated, "Error finding or creating user account.")

			return "", "", false, status.Error(codes.PermissionDenied, "User account banned.")

		}



		return dbUserID, dbUsername, false, nil
@@ -128,7 +128,7 @@ func AuthenticateCustom(ctx context.Context, logger *zap.Logger, db *sql.DB, cus 
		// Check if it's disabled.

		if dbDisableTime.Status == pgtype.Present && dbDisableTime.Time.Unix() != 0 {

			logger.Info("User account is disabled.", zap.String("customID", customID), zap.String("username", username), zap.Bool("create", create))

			return "", "", false, status.Error(codes.Unauthenticated, "Error finding or creating user account.")

			return "", "", false, status.Error(codes.PermissionDenied, "User account banned.")

		}



		return dbUserID, dbUsername, false, nil
@@ -197,7 +197,7 @@ func AuthenticateDevice(ctx context.Context, logger *zap.Logger, db *sql.DB, dev 
		// Check if it's disabled.

		if dbDisableTime.Status == pgtype.Present && dbDisableTime.Time.Unix() != 0 {

			logger.Info("User account is disabled.", zap.String("deviceID", deviceID), zap.String("username", username), zap.Bool("create", create))

			return "", "", false, status.Error(codes.Unauthenticated, "Error finding or creating user account.")

			return "", "", false, status.Error(codes.PermissionDenied, "User account banned.")

		}



		return dbUserID, dbUsername, false, nil
@@ -296,7 +296,7 @@ func AuthenticateEmail(ctx context.Context, logger *zap.Logger, db *sql.DB, emai 
		// Check if it's disabled.

		if dbDisableTime.Status == pgtype.Present && dbDisableTime.Time.Unix() != 0 {

			logger.Info("User account is disabled.", zap.String("email", email), zap.String("username", username), zap.Bool("create", create))

			return "", "", false, status.Error(codes.Unauthenticated, "Error finding or creating user account.")

			return "", "", false, status.Error(codes.PermissionDenied, "User account banned.")

		}



		// Check if password matches.
@@ -364,7 +364,7 @@ func AuthenticateUsername(ctx context.Context, logger *zap.Logger, db *sql.DB, u 
	// Check if it's disabled.

	if dbDisableTime.Status == pgtype.Present && dbDisableTime.Time.Unix() != 0 {

		logger.Info("User account is disabled.", zap.String("username", username))

		return "", status.Error(codes.Unauthenticated, "Error finding or creating user account.")

		return "", status.Error(codes.PermissionDenied, "User account banned.")

	}



	// Check if the account has a password.
@@ -410,7 +410,7 @@ func AuthenticateFacebook(ctx context.Context, logger *zap.Logger, db *sql.DB, c 
		// Check if it's disabled.

		if dbDisableTime.Status == pgtype.Present && dbDisableTime.Time.Unix() != 0 {

			logger.Info("User account is disabled.", zap.String("facebookID", facebookProfile.ID), zap.String("username", username), zap.Bool("create", create))

			return "", "", false, status.Error(codes.Unauthenticated, "Error finding or creating user account.")

			return "", "", false, status.Error(codes.PermissionDenied, "User account banned.")

		}



		return dbUserID, dbUsername, false, nil
@@ -476,7 +476,7 @@ func AuthenticateFacebookInstantGame(ctx context.Context, logger *zap.Logger, db 
		// Check if it's disabled.

		if dbDisableTime.Status == pgtype.Present && dbDisableTime.Time.Unix() != 0 {

			logger.Info("User account is disabled.", zap.String("facebookInstantGameID", facebookInstantGameID), zap.String("username", username), zap.Bool("create", create))

			return "", "", false, status.Error(codes.Unauthenticated, "Error finding or creating user account.")

			return "", "", false, status.Error(codes.PermissionDenied, "User account banned.")

		}



		return dbUserID, dbUsername, false, nil
@@ -542,7 +542,7 @@ func AuthenticateGameCenter(ctx context.Context, logger *zap.Logger, db *sql.DB, 
		// Check if it's disabled.

		if dbDisableTime.Status == pgtype.Present && dbDisableTime.Time.Unix() != 0 {

			logger.Info("User account is disabled.", zap.String("gameCenterID", playerID), zap.String("username", username), zap.Bool("create", create))

			return "", "", false, status.Error(codes.Unauthenticated, "Error finding or creating user account.")

			return "", "", false, status.Error(codes.PermissionDenied, "User account banned.")

		}



		return dbUserID, dbUsername, false, nil
@@ -624,7 +624,7 @@ func AuthenticateGoogle(ctx context.Context, logger *zap.Logger, db *sql.DB, cli 
		// Check if it's disabled.

		if dbDisableTime.Status == pgtype.Present && dbDisableTime.Time.Unix() != 0 {

			logger.Info("User account is disabled.", zap.String("googleID", googleProfile.Sub), zap.String("username", username), zap.Bool("create", create))

			return "", "", false, status.Error(codes.Unauthenticated, "Error finding or creating user account.")

			return "", "", false, status.Error(codes.PermissionDenied, "User account banned.")

		}



		// Check if the display name or avatar received from Google have values but the DB does not.
@@ -716,7 +716,7 @@ func AuthenticateSteam(ctx context.Context, logger *zap.Logger, db *sql.DB, clie 
		// Check if it's disabled.

		if dbDisableTime.Status == pgtype.Present && dbDisableTime.Time.Unix() != 0 {

			logger.Info("User account is disabled.", zap.Error(err), zap.String("steamID", steamID), zap.String("username", username), zap.Bool("create", create))

			return "", "", false, status.Error(codes.Unauthenticated, "Error finding or creating user account.")

			return "", "", false, status.Error(codes.PermissionDenied, "User account banned.")

		}



		return dbUserID, dbUsername, false, nil