From 9e6d128839dba923017396839521a7815459d21c Mon Sep 17 00:00:00 2001 From: olcxja Date: Wed, 27 May 2026 19:41:30 +0200 Subject: [PATCH] Make most requests use id instead of username --- webroot/login/index.html | 12 ++++++++++- webroot/main.js | 45 ++++++++++++++++++++++++++++------------ 2 files changed, 43 insertions(+), 14 deletions(-) diff --git a/webroot/login/index.html b/webroot/login/index.html index 46dbbaec..f08c07e8 100644 --- a/webroot/login/index.html +++ b/webroot/login/index.html @@ -326,11 +326,15 @@ if (res.startsWith("success:")) { - showBlahNotification(res); + let parts = res.split("|"); + showBlahNotification(parts[0]); await delay(800); localStorage.setItem("username", loginUsername.value); localStorage.setItem("password", loginPassword.value); localStorage.setItem("host", loginHost.value); + if (parts.length > 1) { + localStorage.setItem("id", parts[1]); + } await loadingFadeIn(); @@ -428,6 +432,12 @@ if (res.startsWith("success")) { showBlahNotification(res); await delay(1000); + + let resolvedId = await fetchAsync(`${url}/nametoid?u=${registerUsername.value}`); + if (resolvedId && !resolvedId.startsWith("error:")) { + localStorage.setItem("id", resolvedId.split(":")[0]); + } + localStorage.setItem("username", registerUsername.value); localStorage.setItem("password", registerPassword.value); localStorage.setItem("host", registerHost.value); diff --git a/webroot/main.js b/webroot/main.js index d45d8087..163520fc 100644 --- a/webroot/main.js +++ b/webroot/main.js @@ -78,14 +78,14 @@ function delay(time) { return new Promise(resolve => setTimeout(resolve, time)); } -async function packetEncPass(pass, key, username) { - return await encryptWithNonce(pass, key, getNonce(username, key)); +async function packetEncPass(pass, key, accountId) { + return await encryptWithNonce(pass, key, getNonce(accountId, key)); } -async function getNonce(username, key) { +async function getNonce(accountId, key) { let nonce; - let fetchRes = await (await fetch(`${url}/nextnonce?u=${username}`)).text(); + let fetchRes = await (await fetch(`${url}/nextnonce?id=${accountId}`)).text(); try { nonce = await decryptString(fetchRes, key); @@ -264,7 +264,7 @@ async function fetchPost(url, value) { method: "POST", body: value, headers: { - "secret": await encryptWithNonce(passwordHash, passwordHash, await getNonce(username, passwordHash)) + "secret": await encryptWithNonce(passwordHash, passwordHash, await getNonce(id, passwordHash)) } }); let data = await response.text(); @@ -272,7 +272,7 @@ async function fetchPost(url, value) { } async function fetchPostEnc(url, value) { - let nonce = await getNonce(username, passwordHash); + let nonce = await getNonce(id, passwordHash); let response = await fetch(url, { method: "POST", body: await encryptWithNonce(value, passwordHash, nonce), @@ -297,7 +297,7 @@ async function fetchAsyncWAuth(url) { let response = await fetch(url, { method: "GET", headers: { - "secret": await encryptWithNonce(passwordHash, passwordHash, await getNonce(username, passwordHash)) + "secret": await encryptWithNonce(passwordHash, passwordHash, await getNonce(id, passwordHash)) } }); @@ -310,16 +310,25 @@ async function getServerInfo(host) { return JSON.parse(await fetchAsync(`${prot}//${host}/_larpix/serverinfo`)); } -async function Auth(username, password) { - let passwordHash = await hashSHA3_512(password); - let response = await fetch(`${url}/auth?u=${username}`, { +async function Auth(loginUsername, loginPassword) { + let resolvedId = await fetchAsync(`${url}/nametoid?u=${loginUsername}`); + if (!resolvedId || resolvedId.trim() === "" || resolvedId.startsWith("error:")) { + return "error:invalid.username.or.password"; + } + let actualId = resolvedId.split(":")[0]; + + let passwordHash = await hashSHA3_512(loginPassword); + let response = await fetch(`${url}/auth?id=${actualId}`, { method: "GET", headers: { - "secret": await encryptWithNonce(passwordHash, passwordHash, await getNonce(username, passwordHash)) + "secret": await encryptWithNonce(passwordHash, passwordHash, await getNonce(actualId, passwordHash)) } }); let data = await response.text(); + if (data.startsWith("success:")) { + data += "|" + actualId; + } return data; } @@ -327,9 +336,9 @@ async function Auth(username, password) { async function fetchEncrypted(request, body = "") { - let nonce = await getNonce(username, passwordHash); + let nonce = await getNonce(id, passwordHash); - let response = await fetch(`${url}/encryptedrequest?u=${username}`, { + let response = await fetch(`${url}/encryptedrequest?id=${id}`, { method: "POST", body: await encryptWithNonce( JSON.stringify({ @@ -656,6 +665,7 @@ function getLang() { return (navigator.language || navigator.languages[0]); } +var id = ""; var password = ""; var username = ""; var passwordHash = ""; @@ -670,8 +680,17 @@ async function mainJS() { lang = localStorage.getItem('lang'); } + if (!id && username) { + let resolvedId = await fetchAsync(`${url}/nametoid?u=${username}`); + if (resolvedId && !resolvedId.startsWith("error:")) { + id = resolvedId.split(":")[0]; + localStorage.setItem("id", id); + } + } + await start(); } +id = localStorage.getItem('id'); username = localStorage.getItem('username'); password = localStorage.getItem('password'); host = localStorage.getItem('host');