sxbx23
commented
4 years ago Edit: I can confirm it is an error with znote, I tried with Myacc and I could enter without any problem to the server
Closed sxbx23 closed 4 years ago
sxbx23
commented
4 years ago Edit: I can confirm it is an error with znote, I tried with Myacc and I could enter without any problem to the server
Znote
commented
4 years ago Fixed, OtservBR removed the 2FA column in their accounts table for some reason.
Costallat
commented
4 years ago The reason is that the column is related to some feature that is present only on the site / login.php that is not related yet with the server, as we could login on the server without 2FA, if you need that column you can add it back creating it on the installation of the site, but it would be nice to keep things separated, and use FK to reference the server tables. We are trying to keep DB only with things that we are using now.
Sorry for breaking that, but we are updating things and we will sometimes break things, if we were stopped in time and were just updating XML stuff, items, and other basic thigs that wouldn't happen but also no new features and improvements was going to be made, so sometimes we need to give two steps forward and one backward, but keep moving.
Znote
commented
4 years ago @Costallat
This also works on client (sample from how TFS 1.3 has it implemented):
https://github.com/otland/forgottenserver/blob/09befdca6ad2ce9f0d5c308705095d5693fc7fe8/src/iologindata.cpp#L120-L141
This is why I had Two-factor authentication enabled on Znote AAC for loginWebService. This did work before with the client, thats why I added it.
But I don't understand why OTBR community removed Two-factor Authentication system on OtservBR-global. It is a very nice authentication feature. When I look at your sources in iologindata.cpp I see you have removed it. (Since "initial commit", so I guess who to blame is on the old repo). This was implemented in official release of TFS 1.2.
Did CipSoft remove it on latest tibia client? You should probably add it as a security feature.
joseluis2g
commented
4 years ago @Znote cipbia did not removed the auth, its just this repo didnt added correctly how it should be.
Costallat
commented
4 years ago @Znote
Thanks for that, I will check that, last time I played on the Global it was version 8. So I thought that it was more related to the OTC than with official client, and how I didn't find any place using it, I decided to remove it.
@joseluis2g
Can you do a PR and add it properly? If you know that it's wrong, you could help us to fix it
Costallat
commented
4 years ago @joseluis2g We are still waiting your 'right' implementation of the 'auth field' or you are going to just consume and complains about things?
joseluis2g
commented
4 years ago sure but I dont use this AAC. maybe you dont understand how new protocols works as you said but TFS already has this implementation done with the modification of the session key data that now uses 4 strings instead of 2, so its not a problem of this great repo but clearly you didnt checked first and thats not a problem for sure. And yeah its also client related.
Costallat
commented
4 years ago Good, waiting your PR, don't need to be here, you can first fix the server and later fix it here. TFS fixed for old clients it needs to be update for newer.
Znote
commented
3 years ago @Costallat
Digged into TFS 1.2 sources, found these commits: Implementation (I think), db modifications and protocollogin authentication. https://github.com/otland/forgottenserver/commit/35691289b2b75c2983c19bf24906c6d723867485
gameserver authentication patch: https://github.com/otland/forgottenserver/commit/070b9eda88be1ef8d45ae858a206e288c398c79f
I think otservbr can skip the protocollogin patch (protocollogin not in use for client 12?) And apply the implementation and gameserver authentication.
Then, client 12 will ask for 2FA code when you login with email and password, and loginWebService (etc Znote AAC login.php) will pass that along so the player can connect (and re-authenticate) when they select a player to the gameserver.
I might give it a try, but promise nothing as I'm pretty bad at C++. :P
I installed Znote today and I'm getting this error when I try to log in to the server. The info in config.php, the ip , server name, serverpath, mysql, etc.. is all correct. I am using Uniserver XIV, OTservbrGlobal and Znote Acc downloaded today. the error appears even when the server is offline. that's why i think it's a znote's login error