Closed sxbx23 closed 4 years ago
Edit: I can confirm it is an error with znote, I tried with Myacc and I could enter without any problem to the server
Fixed, OtservBR removed the 2FA column in their accounts table for some reason.
The reason is that the column is related to some feature that is present only on the site / login.php that is not related yet with the server, as we could login on the server without 2FA, if you need that column you can add it back creating it on the installation of the site, but it would be nice to keep things separated, and use FK to reference the server tables. We are trying to keep DB only with things that we are using now.
Sorry for breaking that, but we are updating things and we will sometimes break things, if we were stopped in time and were just updating XML stuff, items, and other basic thigs that wouldn't happen but also no new features and improvements was going to be made, so sometimes we need to give two steps forward and one backward, but keep moving.
@Costallat
This also works on client (sample from how TFS 1.3 has it implemented):
https://github.com/otland/forgottenserver/blob/09befdca6ad2ce9f0d5c308705095d5693fc7fe8/src/iologindata.cpp#L120-L141
This is why I had Two-factor authentication enabled on Znote AAC for loginWebService. This did work before with the client, thats why I added it.
But I don't understand why OTBR community removed Two-factor Authentication system on OtservBR-global. It is a very nice authentication feature. When I look at your sources in iologindata.cpp I see you have removed it. (Since "initial commit", so I guess who to blame is on the old repo). This was implemented in official release of TFS 1.2.
Did CipSoft remove it on latest tibia client? You should probably add it as a security feature.
@Znote cipbia did not removed the auth, its just this repo didnt added correctly how it should be.
@Znote
Thanks for that, I will check that, last time I played on the Global it was version 8. So I thought that it was more related to the OTC than with official client, and how I didn't find any place using it, I decided to remove it.
@joseluis2g
Can you do a PR and add it properly? If you know that it's wrong, you could help us to fix it
@joseluis2g We are still waiting your 'right' implementation of the 'auth field' or you are going to just consume and complains about things?
sure but I dont use this AAC. maybe you dont understand how new protocols works as you said but TFS already has this implementation done with the modification of the session key data that now uses 4 strings instead of 2, so its not a problem of this great repo but clearly you didnt checked first and thats not a problem for sure. And yeah its also client related.
Good, waiting your PR, don't need to be here, you can first fix the server and later fix it here. TFS fixed for old clients it needs to be update for newer.
@Costallat
Digged into TFS 1.2 sources, found these commits: Implementation (I think), db modifications and protocollogin authentication. https://github.com/otland/forgottenserver/commit/35691289b2b75c2983c19bf24906c6d723867485
gameserver authentication patch: https://github.com/otland/forgottenserver/commit/070b9eda88be1ef8d45ae858a206e288c398c79f
I think otservbr can skip the protocollogin patch (protocollogin not in use for client 12?) And apply the implementation and gameserver authentication.
Then, client 12 will ask for 2FA code when you login with email and password, and loginWebService (etc Znote AAC login.php) will pass that along so the player can connect (and re-authenticate) when they select a player to the gameserver.
I might give it a try, but promise nothing as I'm pretty bad at C++. :P
I installed Znote today and I'm getting this error when I try to log in to the server. The info in config.php, the ip , server name, serverpath, mysql, etc.. is all correct. I am using Uniserver XIV, OTservbrGlobal and Znote Acc downloaded today. the error appears even when the server is offline. that's why i think it's a znote's login error