mirror of
https://git.sanhost.net/sanasol/hytale-f2p
synced 2026-03-01 02:41:46 -03:00
feat: identity protection UI, duplicate guards, name-lock enforcement (v2.4.6)
- Add password set/change/remove with loading states and double-click prevention - Add protected identity deletion flow (server-side password removal first) - Add restore flow for password-protected UUIDs (verify password before saving) - Add UUID duplicate checks in setUuidForUser (prevent accidental overwrites) - Add name-locked error handling in launch flow (server enforces registered name) - Sync shield icon across all identity mutation paths - Refresh identity dropdown after all password/identity operations - Propagate force flag through IPC for legitimate overwrites Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
sanasol
@@ -529,7 +529,7 @@ function getAllUuidMappingsArray() {
|
||||
* Validates UUID format before saving
|
||||
* Preserves original case of username
|
||||
*/
|
||||
function setUuidForUser(username, uuid) {
|
||||
function setUuidForUser(username, uuid, { force = false } = {}) {
|
||||
const { validate: validateUuid } = require('uuid');
|
||||
|
||||
if (!username || typeof username !== 'string' || !username.trim()) {
|
||||
@@ -543,15 +543,29 @@ function setUuidForUser(username, uuid) {
|
||||
const displayName = username.trim();
|
||||
const normalizedLookup = displayName.toLowerCase();
|
||||
|
||||
// 1. Update UUID store (source of truth)
|
||||
// 1. Check for existing entries — reject overwrite unless forced
|
||||
migrateUuidStoreIfNeeded();
|
||||
const uuidStore = loadUuidStore();
|
||||
const storeKey = Object.keys(uuidStore).find(k => k.toLowerCase() === normalizedLookup);
|
||||
if (storeKey && uuidStore[storeKey] !== uuid && !force) {
|
||||
console.log(`[Config] Rejected UUID overwrite for "${displayName}": existing ${uuidStore[storeKey]}, attempted ${uuid}`);
|
||||
return { success: false, error: 'duplicate', existingUuid: uuidStore[storeKey] };
|
||||
}
|
||||
// Check if UUID already used by a different name
|
||||
if (!force) {
|
||||
const existingByUuid = Object.entries(uuidStore).find(([k, v]) => v.toLowerCase() === uuid.toLowerCase() && k.toLowerCase() !== normalizedLookup);
|
||||
if (existingByUuid) {
|
||||
console.log(`[Config] Rejected duplicate UUID for "${displayName}": UUID ${uuid} already used by "${existingByUuid[0]}"`);
|
||||
return { success: false, error: 'uuid_in_use', existingUsername: existingByUuid[0] };
|
||||
}
|
||||
}
|
||||
|
||||
// 2. Update UUID store (source of truth)
|
||||
if (storeKey) delete uuidStore[storeKey];
|
||||
uuidStore[displayName] = uuid;
|
||||
saveUuidStore(uuidStore);
|
||||
|
||||
// 2. Update config.json (backward compat)
|
||||
// 3. Update config.json (backward compat)
|
||||
const config = loadConfig();
|
||||
const userUuids = config.userUuids || {};
|
||||
const existingKey = Object.keys(userUuids).find(k => k.toLowerCase() === normalizedLookup);
|
||||
@@ -560,7 +574,7 @@ function setUuidForUser(username, uuid) {
|
||||
saveConfig({ userUuids });
|
||||
|
||||
console.log(`[Config] UUID set for "${displayName}": ${uuid}`);
|
||||
return uuid;
|
||||
return { success: true, uuid };
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -619,7 +633,7 @@ function resetCurrentUserUuid() {
|
||||
const { v4: uuidv4 } = require('uuid');
|
||||
const newUuid = uuidv4();
|
||||
|
||||
return setUuidForUser(username, newUuid);
|
||||
return setUuidForUser(username, newUuid, { force: true });
|
||||
}
|
||||
|
||||
// =============================================================================
|
||||
|
||||
@@ -82,6 +82,12 @@ async function fetchAuthTokens(uuid, name, password) {
|
||||
err.usernameTaken = true;
|
||||
throw err;
|
||||
}
|
||||
if (response.status === 403 && errBody.name_locked) {
|
||||
const err = new Error(`This UUID is locked to username "${errBody.registeredName}". Change your identity name to match.`);
|
||||
err.nameLocked = true;
|
||||
err.registeredName = errBody.registeredName;
|
||||
throw err;
|
||||
}
|
||||
throw new Error(`Auth server returned ${response.status}`);
|
||||
}
|
||||
|
||||
@@ -123,7 +129,7 @@ async function fetchAuthTokens(uuid, name, password) {
|
||||
return { identityToken, sessionToken };
|
||||
} catch (error) {
|
||||
// Re-throw authentication errors — must not fall back to local tokens
|
||||
if (error.passwordRequired || error.lockedOut || error.usernameTaken) {
|
||||
if (error.passwordRequired || error.lockedOut || error.usernameTaken || error.nameLocked) {
|
||||
throw error;
|
||||
}
|
||||
console.error('Failed to fetch auth tokens:', error.message);
|
||||
@@ -694,7 +700,7 @@ async function launchGameWithVersionCheck(playerNameOverride = null, progressCal
|
||||
progressCallback(`Error: ${error.message}`, -1, null, null, null);
|
||||
}
|
||||
// Re-throw authentication errors so IPC handler can return proper flags
|
||||
if (error.passwordRequired || error.lockedOut || error.usernameTaken) {
|
||||
if (error.passwordRequired || error.lockedOut || error.usernameTaken || error.nameLocked) {
|
||||
throw error;
|
||||
}
|
||||
// Always return an error response instead of throwing
|
||||
|
||||
Reference in New Issue
Block a user