Passwords
#1

Hello.I made a registration system but the password is saved as it is in the .ini files.Can you please tell me how to make it saved as a hash?
I added this on top of my script
Код:
native WP_Hash(_buffer[], len, const str[]);
So what to do next?
Reply
#2

Your registration system needs something similar to this.
pawn Код:
new hashPassword[129];
WP_Hash(hashPassword, 129, inputtext);
That will store the users password in a string called 'hashPassword'.

Then just use your saving system to store the players password in a file.

Using Y_INI's.
pawn Код:
INI_WriteString(File,"Password",hashPassword);
Is that what you wanted?
Reply
#3

What about the login.I figured out how to save the password as a hash but then when I try to login it says wrong password
Reply
#4

Load the hashed password and check if the two strings are equal.

pawn Код:
// Login via dialog (an example)
new hashPassword[129];
WP_Hash(hashPassword, 129, inputtext);

// Let's say PlayerInfo[playerid][pPassword] stores the loaded password.
if(!strcmp(hashPassword, PlayerInfo[playerid][pPassword], false))
{
    // correct password
}
else
{
    // wrong password
}
Reply
#5

Okay thank you
if you want you can PM me and when I reach 50 posts I will +rep you
Reply
#6

I did just like you told me but it's still not working.
Reply
#7

It works if you do it correctly. Show us the code.

By the way, you could debug it and see the results:
pawn Код:
// Let's say PlayerInfo[playerid][pPassword] stores the loaded password.
printf("Is \"%s\" same as \"%s\"?", hashPassword, PlayerInfo[playerid][pPassword]);
if(!strcmp(hashPassword, PlayerInfo[playerid][pPassword], false))
{
    // correct password
}
else
{
    // wrong password
}
Test it and show us what it prints to the console.
Reply
#8

This is my OnDialogResponse
Код:
public OnDialogResponse(playerid, dialogid, response, listitem, inputtext[])
{
    new string[124];
    switch(dialogid)
    {
    	case 1:
     	{
      		if(!response) return Kick(playerid);

			if(strlen(inputtext) < 6 || strlen(inputtext) > 32)
   			{
      			SendClientMessage(playerid, COL_GREY, "Please enter a password that is greater than 6 characters and less than 32 characters.");
         		ShowPlayerDialog(playerid, 1, DIALOG_STYLE_PASSWORD, "Welcome to "ServerName"", "Enter your desired password below to sucessfully register.", "Continue", "Cancel");
           		return 1;
             }
             else
             {
             	RegisterPlayer(playerid, inputtext);
              	PlayerVar[playerid][Authenticated] = 1;
               	format(PlayerVar[playerid][Name], MAX_PLAYER_NAME, GetPlayersNameWithUnderScore(playerid));
                new hashPassword[129];
				WP_Hash(hashPassword, 129, inputtext);
                format(PlayerVar[playerid][Accent], 32, "American");
                GetPlayerIp(playerid, PlayerVar[playerid][IP], 32);
                }
			}
                case 2:
                {
                	if(!response) return Kick(playerid);

					format(string, sizeof(string), "Users/%s.ini", GetPlayersNameWithUnderScore(playerid));
     				if(fexist(string))
         			{
         			new hashPassword[129];
					WP_Hash(hashPassword, 129, inputtext);

               if(!strcmp(hashPassword, PlayerVar[playerid][Password], false))
               			{
                  			INI_ParseFile(string, "LoadPlayer_%s", .bExtra = true, .extra = playerid);
                     		PlayerVar[playerid][Authenticated] = 1;
                       		LoginPlayer(playerid);
                         }
                         else
                         {
                         	SendClientMessage(playerid, COL_GREY, "The password you entered does not match.");
                          	ShowPlayerDialog(playerid, 2, DIALOG_STYLE_PASSWORD, "Welcome back to "ServerName"", "This account is registered, Please enter your password below to authenticate.", "Continue", "Cancel");
                         }
                     }
                }
			}
	return 1;
}
And this is When a player registers
Код:
stock RegisterPlayer(playerid, hashPassword[])
{
	new string[64];
 	format(string, sizeof(string), "Users/%s.ini", GetPlayersNameWithUnderScore(playerid));

	if(!fexist(string))
	{
		new INI:account = INI_Open(string);
 		INI_SetTag(account, "data");
  		INI_WriteString(account, "PlayerName", GetPlayersNameWithUnderScore(playerid));
     	INI_WriteString(account,"Password",hashPassword);
     	INI_WriteInt(account, "AdminLevel", PlayerVar[playerid][AdminLevel]);
     	INI_WriteInt(account, "VIPLevel", PlayerVar[playerid][VIPLevel]);
      	INI_WriteString(account, "AdminName", "None");
       	INI_WriteInt(account, "SkinID", PlayerVar[playerid][Skin]);
        INI_WriteFloat(account, "Health", PlayerVar[playerid][Health], 0);
        INI_WriteFloat(account, "Armour", PlayerVar[playerid][Armour], 0);
        INI_WriteFloat(account, "LastXPos", PlayerVar[playerid][LastPos][0], 10);
        INI_WriteFloat(account, "LastYPos", PlayerVar[playerid][LastPos][1], 10);
        INI_WriteFloat(account, "LastZPos", PlayerVar[playerid][LastPos][2], 10);
        INI_WriteInt(account, "OnHandMoney", PlayerVar[playerid][Money]);
        INI_WriteInt(account, "LastWorld", PlayerVar[playerid][LastWorld]);
        INI_WriteInt(account, "LastInterior", PlayerVar[playerid][LastInterior]);
        INI_WriteString(account, "Accent", "American");
        INI_WriteString(account, "LastIP", PlayerVar[playerid][IP]);
        INI_WriteInt(account, "Banned", PlayerVar[playerid][Banned]);
        INI_Close(account);

		PlayerVar[playerid][Skin] = 299;
		SetPlayerSkin(playerid, 299);
  		SetSpawnInfo(playerid, 0, NewbieSkin, NewbiePosX, NewbiePosY, NewbiePosZ,0, 0, 0, 0, 0, 0, 0);
    	SpawnPlayer(playerid);
     	SetPlayerVirtualWorld(playerid, NewbieWorld);
      	SetPlayerInterior(playerid, NewbieInt);
       	T_GivePlayerMoney(playerid, NewbieCash);
       	PlayerVar[playerid][Money] = NewbieCash;
	}
 	return 1;
}
Reply
#9

pawn Код:
RegisterPlayer(playerid, inputtext);
If you register with password "test", it will write to the file "test" for password. When it's time to login, you hash the password first and that's why they do not match.

Replace to:
pawn Код:
new hashPassword[129];
WP_Hash(hashPassword, 129, inputtext);
RegisterPlayer(playerid, hashPassword);
Reply
#10

Still not working...
Reply


Forum Jump:


Users browsing this thread: 2 Guest(s)