Make most requests use id instead of username

2026-05-27 19:41:30 +02:00 · 2026-05-27 19:41:30 +02:00 · 9e6d128839
commit 9e6d128839
parent 2979881908
2 changed files with 43 additions and 14 deletions
--- a/webroot/login/index.html
+++ b/webroot/login/index.html
@ -326,11 +326,15 @@
            
            if (res.startsWith("success:"))
            {
-                showBlahNotification(res);
+                let parts = res.split("|");
+                showBlahNotification(parts[0]);
                await delay(800);
                localStorage.setItem("username", loginUsername.value);
                localStorage.setItem("password", loginPassword.value);
                localStorage.setItem("host", loginHost.value);
+                if (parts.length > 1) {
+                    localStorage.setItem("id", parts[1]);
+                }

                await loadingFadeIn();
                
@ -428,6 +432,12 @@
                if (res.startsWith("success")) {
                    showBlahNotification(res);
                    await delay(1000);
+                    
+                    let resolvedId = await fetchAsync(`${url}/nametoid?u=${registerUsername.value}`);
+                    if (resolvedId && !resolvedId.startsWith("error:")) {
+                        localStorage.setItem("id", resolvedId.split(":")[0]);
+                    }
+
                    localStorage.setItem("username", registerUsername.value);
                    localStorage.setItem("password", registerPassword.value);
                    localStorage.setItem("host", registerHost.value);
--- a/webroot/main.js
+++ b/webroot/main.js
@ -78,14 +78,14 @@ function delay(time) {
    return new Promise(resolve => setTimeout(resolve, time));
 }

-async function packetEncPass(pass, key, username) {
-    return await encryptWithNonce(pass, key, getNonce(username, key));
+async function packetEncPass(pass, key, accountId) {
+    return await encryptWithNonce(pass, key, getNonce(accountId, key));
 }

-async function getNonce(username, key) {
+async function getNonce(accountId, key) {

    let nonce;
-    let fetchRes = await (await fetch(`${url}/nextnonce?u=${username}`)).text();
+    let fetchRes = await (await fetch(`${url}/nextnonce?id=${accountId}`)).text();

    try {
        nonce = await decryptString(fetchRes, key);
@ -264,7 +264,7 @@ async function fetchPost(url, value) {
        method: "POST",
        body: value,
        headers: {
-            "secret": await encryptWithNonce(passwordHash, passwordHash, await getNonce(username, passwordHash))
+            "secret": await encryptWithNonce(passwordHash, passwordHash, await getNonce(id, passwordHash))
        }
    });
    let data = await response.text();
@ -272,7 +272,7 @@ async function fetchPost(url, value) {
 }

 async function fetchPostEnc(url, value) {
-    let nonce = await getNonce(username, passwordHash);
+    let nonce = await getNonce(id, passwordHash);
    let response = await fetch(url, {
        method: "POST",
        body: await encryptWithNonce(value, passwordHash, nonce),
@ -297,7 +297,7 @@ async function fetchAsyncWAuth(url) {
    let response = await fetch(url, {
        method: "GET",
        headers: {
-            "secret": await encryptWithNonce(passwordHash, passwordHash, await getNonce(username, passwordHash))
+            "secret": await encryptWithNonce(passwordHash, passwordHash, await getNonce(id, passwordHash))
        }
    });

@ -310,16 +310,25 @@ async function getServerInfo(host) {
    return JSON.parse(await fetchAsync(`${prot}//${host}/_larpix/serverinfo`));
 }

-async function Auth(username, password) {
-    let passwordHash = await hashSHA3_512(password);
-    let response = await fetch(`${url}/auth?u=${username}`, {
+async function Auth(loginUsername, loginPassword) {
+    let resolvedId = await fetchAsync(`${url}/nametoid?u=${loginUsername}`);
+    if (!resolvedId || resolvedId.trim() === "" || resolvedId.startsWith("error:")) {
+        return "error:invalid.username.or.password";
+    }
+    let actualId = resolvedId.split(":")[0];
+
+    let passwordHash = await hashSHA3_512(loginPassword);
+    let response = await fetch(`${url}/auth?id=${actualId}`, {
        method: "GET",
        headers: {
-            "secret": await encryptWithNonce(passwordHash, passwordHash, await getNonce(username, passwordHash))
+            "secret": await encryptWithNonce(passwordHash, passwordHash, await getNonce(actualId, passwordHash))
        }
    });

    let data = await response.text();
+    if (data.startsWith("success:")) {
+        data += "|" + actualId;
+    }
    return data;

 }
@ -327,9 +336,9 @@ async function Auth(username, password) {

 async function fetchEncrypted(request, body = "") {

-    let nonce = await getNonce(username, passwordHash);
+    let nonce = await getNonce(id, passwordHash);

-    let response = await fetch(`${url}/encryptedrequest?u=${username}`, {
+    let response = await fetch(`${url}/encryptedrequest?id=${id}`, {
        method: "POST",
        body: await encryptWithNonce(
            JSON.stringify({
@ -656,6 +665,7 @@ function getLang() {
    return (navigator.language || navigator.languages[0]);
 }

+var id = "";
 var password = "";
 var username = "";
 var passwordHash = "";
@ -670,8 +680,17 @@ async function mainJS() {
        lang = localStorage.getItem('lang');
    }

+    if (!id && username) {
+        let resolvedId = await fetchAsync(`${url}/nametoid?u=${username}`);
+        if (resolvedId && !resolvedId.startsWith("error:")) {
+            id = resolvedId.split(":")[0];
+            localStorage.setItem("id", id);
+        }
+    }
+
    await start();
 }
+id = localStorage.getItem('id');
 username = localStorage.getItem('username');
 password = localStorage.getItem('password');
 host = localStorage.getItem('host');