def handle(tornadoRequest):
# Data to return
responseToken = None
responseTokenString = "ayy"
responseData = bytes()
# Get IP from tornado request
requestIP = tornadoRequest.getRequestIP()
# Avoid exceptions
clientData = ["unknown", "unknown", "unknown", "unknown", "unknown"]
osuVersion = "unknown"
# Split POST body so we can get username/password/hardware data
# 2:-3 thing is because requestData has some escape stuff that we don't need
loginData = str(tornadoRequest.request.body)[2:-3].split("\\n")
try:
# Make sure loginData is valid
if len(loginData) < 3:
raise exceptions.invalidArgumentsException()
# Get HWID, MAC address and more
# Structure (new line = "|", already split)
# [0] osu! version
# [1] plain mac addressed, separated by "."
# [2] mac addresses hash set
# [3] unique ID
# [4] disk ID
splitData = loginData[2].split("|")
osuVersion = splitData[0] # osu! version
timeOffset = int(splitData[1]) # timezone
showCity = int(splitData[2]) # allow to show city
clientData = splitData[3].split(":")[:5] # security hash
blockNonFriendPM = int(splitData[4]) # allow PM
if len(clientData) < 4:
raise exceptions.forceUpdateException()
# Try to get the ID from username
username = str(loginData[0])
userID = userUtils.getID(username)
if not userID:
# Invalid username
raise exceptions.loginFailedException()
if not userUtils.checkLogin(userID, loginData[1]):
# Invalid password
raise exceptions.loginFailedException()
# Make sure we are not banned or locked
priv = userUtils.getPrivileges(userID)
if userUtils.isBanned(
userID) and priv & privileges.USER_PENDING_VERIFICATION == 0:
raise exceptions.loginBannedException()
if userUtils.isLocked(
userID) and priv & privileges.USER_PENDING_VERIFICATION == 0:
raise exceptions.loginLockedException()
# 2FA check
if userUtils.check2FA(userID, requestIP):
log.warning("Need 2FA check for user {}".format(loginData[0]))
raise exceptions.need2FAException()
# No login errors!
# Verify this user (if pending activation)
firstLogin = False
if priv & privileges.USER_PENDING_VERIFICATION > 0 or not userUtils.hasVerifiedHardware(
userID):
if userUtils.verifyUser(userID, clientData):
# Valid account
log.info("Account ID {} verified successfully!".format(userID))
glob.verifiedCache[str(userID)] = 1
firstLogin = True
else:
# Multiaccount detected
log.info("Account ID {} NOT verified!".format(userID))
glob.verifiedCache[str(userID)] = 0
raise exceptions.loginBannedException()
# Save HWID in db for multiaccount detection
hwAllowed = userUtils.logHardware(userID, clientData, firstLogin)
# This is false only if HWID is empty
# if HWID is banned, we get restricted so there's no
# need to deny bancho access
if not hwAllowed:
raise exceptions.haxException()
# Log user IP
userUtils.logIP(userID, requestIP)
# Log user osuver
kotrikhelper.setUserLastOsuVer(userID, osuVersion)
# Delete old tokens for that user and generate a new one
isTournament = "tourney" in osuVersion
numericVersion = re.sub(r'[^0-9.]', '', osuVersion)
if not isTournament:
glob.tokens.deleteOldTokens(userID)
if numericVersion < glob.conf.config["server"]["osuminver"]:
raise exceptions.forceUpdateException()
responseToken = glob.tokens.addToken(userID,
requestIP,
timeOffset=timeOffset,
tournament=isTournament)
responseTokenString = responseToken.token
# Check restricted mode (and eventually send message)
responseToken.checkRestricted()
# Send message if donor expires soon
if responseToken.privileges & privileges.USER_DONOR > 0:
expireDate = userUtils.getDonorExpire(responseToken.userID)
if expireDate - int(time.time()) <= 86400 * 3:
expireDays = round((expireDate - int(time.time())) / 86400)
expireIn = "{} days".format(
expireDays) if expireDays > 1 else "less than 24 hours"
responseToken.enqueue(
serverPackets.notification(
"Your donor tag expires in {}! When your donor tag expires, you won't have any of the donor privileges, like yellow username, custom badge and discord custom role and username color! If you wish to keep supporting Ripple and you don't want to lose your donor privileges, you can donate again by clicking on 'Support us' on Ripple's website."
.format(expireIn)))
# Deprecate telegram 2fa and send alert
if userUtils.deprecateTelegram2Fa(userID):
responseToken.enqueue(
serverPackets.notification(
"As stated on our blog, Telegram 2FA has been deprecated on 29th June 2018. Telegram 2FA has just been disabled from your account. If you want to keep your account secure with 2FA, please enable TOTP-based 2FA from our website https://ripple.moe. Thank you for your patience."
))
# Set silence end UNIX time in token
responseToken.silenceEndTime = userUtils.getSilenceEnd(userID)
# Get only silence remaining seconds
silenceSeconds = responseToken.getSilenceSecondsLeft()
# Get supporter/GMT
userGMT = False
if not userUtils.isRestricted(userID):
userSupporter = True
else:
userSupporter = False
userTournament = False
if responseToken.admin:
userGMT = True
if responseToken.privileges & privileges.USER_TOURNAMENT_STAFF > 0:
userTournament = True
# Server restarting check
if glob.restarting:
raise exceptions.banchoRestartingException()
"""
if userUtils.checkIfFlagged(userID):
responseToken.enqueue(serverPackets.notification("Staff suspect you of cheat! You have 5 days to make a full pc startup liveplay, or you will get restricted and you'll have to wait a month to appeal!"))
"""
# Check If today is 4/20 (Peppy Day)
if today == peppyday:
if glob.conf.extra["mode"]["peppyday"]:
responseToken.enqueue(
serverPackets.notification(
"Everyone on today will have peppy as their profile picture! Have fun on peppy day"
))
# Send login notification before maintenance message
if glob.banchoConf.config["loginNotification"] != "":
responseToken.enqueue(
serverPackets.notification(
glob.banchoConf.config["loginNotification"]))
# Maintenance check
if glob.banchoConf.config["banchoMaintenance"]:
if not userGMT:
# We are not mod/admin, delete token, send notification and logout
glob.tokens.deleteToken(responseTokenString)
raise exceptions.banchoMaintenanceException()
else:
# We are mod/admin, send warning notification and continue
responseToken.enqueue(
serverPackets.notification(
"Bancho is in maintenance mode. Only mods/admins have full access to the server.\nType !system maintenance off in chat to turn off maintenance mode."
))
# BAN CUSTOM CHEAT CLIENTS
# 0Ainu = First Ainu build
# b20190326.2 = Ainu build 2 (MPGH PAGE 10)
# b20190401.22f56c084ba339eefd9c7ca4335e246f80 = Ainu Aoba's Birthday Build
# b20190906.1 = Unknown Ainu build? (unreleased, I think)
# b20191223.3 = Unknown Ainu build? (Taken from most users osuver in cookiezi.pw)
# b20190226.2 = hqOsu (hq-af)
if glob.conf.extra["mode"]["anticheat"]:
# Ainu Client 2020 update
if tornadoRequest.request.headers.get("ainu") == "happy":
log.info(
"Account ID {} tried to use Ainu (Cheat) Client 2020!".
format(userID))
if userUtils.isRestricted(userID):
responseToken.enqueue(
serverPackets.notification(
"You're banned because you're currently using Ainu Client... Happy New Year 2020 and Enjoy your restriction :)"
))
#if glob.conf.config["discord"]["enable"] == True:
webhook = aobaHelper.Webhook(
glob.conf.config["discord"]["anticheat"],
color=0xadd8e6,
footer="Man... this is worst player. [ Login Gate AC ]"
)
webhook.set_title(
title="Catched some cheater Account ID {}".format(
userID))
webhook.set_desc(
"{} tried to use Ainu (Cheat) Client 2020! AGAIN!!!".
format(username))
log.info("Sent to webhook {} DONE!!".format(
glob.conf.config["discord"]["enable"]))
aobaHelper.Webhook.post()
else:
glob.tokens.deleteToken(userID)
userUtils.restrict(userID)
#if glob.conf.config["discord"]["enable"] == True:
webhook = aobaHelper.Webhook(
glob.conf.config["discord"]["anticheat"],
color=0xadd8e6,
footer="Man... this is worst player. [ Login Gate AC ]"
)
webhook.set_title(
title="Catched some cheater Account ID {}".format(
userID))
webhook.set_desc(
"{} tried to use Ainu (Cheat) Client 2020 and got restricted!"
.format(username))
log.info("Sent to webhook {} DONE!!".format(
glob.conf.config["discord"]["enable"]))
webhook.post()
raise exceptions.loginCheatClientsException()
# Ainu Client 2019
elif aobaHelper.getOsuVer(userID) in [
"0Ainu", "b20190326.2",
"b20190401.22f56c084ba339eefd9c7ca4335e246f80",
"b20190906.1", "b20191223.3"
]:
log.info(
"Account ID {} tried to use Ainu (Cheat) Client!".format(
userID))
if userUtils.isRestricted(userID):
responseToken.enqueue(
serverPackets.notification(
"You're banned because you're currently using Ainu Client. Enjoy your restriction :)"
))
#if glob.conf.config["discord"]["enable"] == True:
webhook = aobaHelper.Webhook(
glob.conf.config["discord"]["anticheat"],
color=0xadd8e6,
footer="Man... this is worst player. [ Login Gate AC ]"
)
webhook.set_title(
title="Catched some cheater Account ID {}".format(
userID))
webhook.set_desc(
"{} tried to use Ainu (Cheat) Client! AGAIN!!!".format(
username))
log.info("Sent to webhook {} DONE!!".format(
glob.conf.config["discord"]["enable"]))
webhook.post()
else:
glob.tokens.deleteToken(userID)
userUtils.restrict(userID)
#if glob.conf.config["discord"]["enable"] == True:
webhook = aobaHelper.Webhook(
glob.conf.config["discord"]["anticheat"],
color=0xadd8e6,
footer="Man... this is worst player. [ Login Gate AC ]"
)
webhook.set_title(
title="Catched some cheater Account ID {}".format(
userID))
webhook.set_desc(
"{} tried to use Ainu (Cheat) Client and got restricted!"
.format(username))
log.info("Sent to webhook {} DONE!!".format(
glob.conf.config["discord"]["enable"]))
webhook.post()
raise exceptions.loginCheatClientsException()
# hqOsu
elif aobaHelper.getOsuVer(userID) == "b20190226.2":
log.info("Account ID {} tried to use hqOsu!".format(userID))
if userUtils.isRestricted(userID):
responseToken.enqueue(
serverPackets.notification(
"Trying to use hqOsu in here? Well... No, sorry. We don't allow cheats here. Go play https://cookiezi.pw or others cheat server."
))
#if glob.conf.config["discord"]["enable"] == True:
webhook = aobaHelper.Webhook(
glob.conf.config["discord"]["anticheat"],
color=0xadd8e6,
footer="Man... this is worst player. [ Login Gate AC ]"
)
webhook.set_title(
title="Catched some cheater Account ID {}".format(
userID))
webhook.set_desc(
"{} tried to use hqOsu! AGAIN!!!".format(username))
log.info("Sent to webhook {} DONE!!".format(
glob.conf.config["discord"]["enable"]))
webhook.post()
else:
glob.tokens.deleteToken(userID)
userUtils.restrict(userID)
#if glob.conf.config["discord"]["enable"] == True:
webhook = aobaHelper.Webhook(
glob.conf.config["discord"]["anticheat"],
color=0xadd8e6,
footer="Man... this is worst player. [ Login Gate AC ]"
)
webhook.set_title(
title="Catched some cheater Account ID {}".format(
userID))
webhook.set_desc(
"{} tried to use hqOsu and got restricted!".format(
username))
log.info("Sent to webhook {} DONE!!".format(
glob.conf.config["discord"]["enable"]))
webhook.post()
raise exceptions.loginCheatClientsException()
# Send all needed login packets
responseToken.enqueue(serverPackets.silenceEndTime(silenceSeconds))
responseToken.enqueue(serverPackets.userID(userID))
responseToken.enqueue(serverPackets.protocolVersion())
responseToken.enqueue(
serverPackets.userSupporterGMT(userSupporter, userGMT,
userTournament))
responseToken.enqueue(serverPackets.userPanel(userID, True))
responseToken.enqueue(serverPackets.userStats(userID, True))
# Channel info end (before starting!?! wtf bancho?)
responseToken.enqueue(serverPackets.channelInfoEnd())
# Default opened channels
# TODO: Configurable default channels
chat.joinChannel(token=responseToken, channel="#osu")
chat.joinChannel(token=responseToken, channel="#announce")
# Join admin channel if we are an admin
if responseToken.admin:
chat.joinChannel(token=responseToken, channel="#admin")
# Output channels info
for key, value in glob.channels.channels.items():
if value.publicRead and not value.hidden:
responseToken.enqueue(serverPackets.channelInfo(key))
# Send friends list
responseToken.enqueue(serverPackets.friendList(userID))
# Send main menu icon
if glob.banchoConf.config["menuIcon"] != "":
responseToken.enqueue(
serverPackets.mainMenuIcon(glob.banchoConf.config["menuIcon"]))
# Send online users' panels
with glob.tokens:
for _, token in glob.tokens.tokens.items():
if not token.restricted:
responseToken.enqueue(serverPackets.userPanel(
token.userID))
# Get location and country from ip.zxq.co or database
if glob.localize:
# Get location and country from IP
latitude, longitude = locationHelper.getLocation(requestIP)
if userID == 1000:
latitude, longitude = 34.676143, 133.938883
countryLetters = locationHelper.getCountry(requestIP)
country = countryHelper.getCountryID(countryLetters)
else:
# Set location to 0,0 and get country from db
log.warning("Location skipped")
latitude = 0
longitude = 0
countryLetters = "XX"
country = countryHelper.getCountryID(userUtils.getCountry(userID))
# Set location and country
responseToken.setLocation(latitude, longitude)
responseToken.country = country
# Set country in db if user has no country (first bancho login)
if userUtils.getCountry(userID) == "XX":
userUtils.setCountry(userID, countryLetters)
# Send to everyone our userpanel if we are not restricted or tournament
if not responseToken.restricted:
glob.streams.broadcast("main", serverPackets.userPanel(userID))
# Set reponse data to right value and reset our queue
responseData = responseToken.queue
responseToken.resetQueue()
except exceptions.loginFailedException:
# Login failed error packet
# (we don't use enqueue because we don't have a token since login has failed)
responseData += serverPackets.loginFailed()
except exceptions.invalidArgumentsException:
# Invalid POST data
# (we don't use enqueue because we don't have a token since login has failed)
responseData += serverPackets.loginFailed()
responseData += serverPackets.notification(
"I see what you're doing...")
except exceptions.loginBannedException:
# Login banned error packet
responseData += serverPackets.loginBanned()
except exceptions.loginLockedException:
# Login banned error packet
responseData += serverPackets.loginLocked()
except exceptions.loginCheatClientsException:
# Banned for logging in with cheats
responseData += serverPackets.loginCheats()
except exceptions.banchoMaintenanceException:
# Bancho is in maintenance mode
responseData = bytes()
if responseToken is not None:
responseData = responseToken.queue
responseData += serverPackets.notification(
"Our bancho server is in maintenance mode. Please try to login again later."
)
responseData += serverPackets.loginFailed()
except exceptions.banchoRestartingException:
# Bancho is restarting
responseData += serverPackets.notification(
"Bancho is restarting. Try again in a few minutes.")
responseData += serverPackets.loginFailed()
except exceptions.need2FAException:
# User tried to log in from unknown IP
responseData += serverPackets.needVerification()
except exceptions.haxException:
# Uh...
responseData += serverPackets.notification("Your HWID is banned.")
responseData += serverPackets.loginFailed()
except exceptions.forceUpdateException:
# This happens when you:
# - Using older build than config set
# - Using oldoldold client, we don't have client data. Force update.
# (we don't use enqueue because we don't have a token since login has failed)
responseData += serverPackets.forceUpdate()
except:
log.error("Unknown error!\n```\n{}\n{}```".format(
sys.exc_info(), traceback.format_exc()))
finally:
# Console and discord log
if len(loginData) < 3:
log.info(
"Invalid bancho login request from **{}** (insufficient POST data)"
.format(requestIP), "bunker")
# Return token string and data
return responseTokenString, responseData
def handle(tornadoRequest):
# I wanna benchmark!
t = Timer()
t.start()
# Data to return
responseToken = None
responseTokenString = ""
responseData = bytearray()
# Get IP from tornado request
requestIP = tornadoRequest.getRequestIP()
# Avoid exceptions
clientData = ("unknown", "unknown", "unknown", "unknown", "unknown")
osuVersion = "unknown"
# Split POST body so we can get username/password/hardware data
# 2:-3 thing is because requestData has some escape stuff that we don't need
loginData = str(tornadoRequest.request.body)[2:-3].split("\\n")
try:
# Make sure loginData is valid
if len(loginData) < 3:
log.error("Login error (invalid login data)!")
raise exceptions.invalidArgumentsException()
# Get HWID, MAC address and more
# Structure (new line = "|", already split)
# [0] osu! version
# [1] plain mac addressed, separated by "."
# [2] mac addresses hash set
# [3] unique ID
# [4] disk ID
splitData = loginData[2].split("|")
osuVersion = splitData[0]
timeOffset = int(splitData[1])
clientData = splitData[3].split(":")[:5]
if len(clientData) < 4:
raise exceptions.forceUpdateException()
# Try to get the ID from username
username = str(loginData[0])
safe_username = username.rstrip().replace(" ", "_").lower()
# Set stuff from single query rather than many userUtils calls.
user_db = glob.db.fetch(
"SELECT id, privileges, silence_end, donor_expire, frozen, "
"firstloginafterfrozen, freezedate FROM users "
"WHERE username_safe = %s LIMIT 1", (safe_username, ))
if not user_db:
# Invalid username
log.error(f"Login failed for user {username} (user not found)!")
responseData += serverPackets.notification(
"RealistikOsu: This user does not exist!")
raise exceptions.loginFailedException()
userID = user_db["id"]
priv = int(user_db["privileges"])
silence_end = int(user_db["silence_end"])
donor_expire = int(user_db["donor_expire"])
if not verify_password(userID, loginData[1]):
# Invalid password
log.error(f"Login failed for user {username} (invalid password)!")
responseData += serverPackets.notification(
"RealistikOsu: Invalid password!")
raise exceptions.loginFailedException()
# Make sure we are not banned or locked
if (not priv & 3 > 0) and (
not priv & privileges.USER_PENDING_VERIFICATION):
log.error(f"Login failed for user {username} (user is banned)!")
raise exceptions.loginBannedException()
# No login errors!
# Verify this user (if pending activation)
firstLogin = False
if priv & privileges.USER_PENDING_VERIFICATION or not userUtils.hasVerifiedHardware(
userID):
if userUtils.verifyUser(userID, clientData):
# Valid account
log.info(f"Account {userID} verified successfully!")
glob.verifiedCache[str(userID)] = 1
firstLogin = True
else:
# Multiaccount detected
log.info(f"Account {userID} NOT verified!")
glob.verifiedCache[str(userID)] = 0
raise exceptions.loginBannedException()
# Save HWID in db for multiaccount detection
hwAllowed = userUtils.logHardware(userID, clientData, firstLogin)
# This is false only if HWID is empty
# if HWID is banned, we get restricted so there's no
# need to deny bancho access
if not hwAllowed:
raise exceptions.haxException()
# Log user IP
userUtils.logIP(userID, requestIP)
# Log user osuver
glob.db.execute("UPDATE users SET osuver = %s WHERE id = %s LIMIT 1",
[osuVersion, userID])
# Delete old tokens for that user and generate a new one
isTournament = "tourney" in osuVersion
if not isTournament:
glob.tokens.deleteOldTokens(userID)
responseToken = glob.tokens.addToken(userID,
requestIP,
timeOffset=timeOffset,
tournament=isTournament)
responseTokenString = responseToken.token
# Check restricted mode (and eventually send message)
# Cache this for less db queries
user_restricted = (priv & privileges.USER_NORMAL
) and not (priv & privileges.USER_PUBLIC)
if user_restricted: responseToken.setRestricted()
#responseToken.checkRestricted()
# Check if frozen
frozen = user_db["frozen"]
present = datetime.now()
readabledate = datetime.utcfromtimestamp(
user_db["freezedate"]).strftime('%d-%m-%Y %H:%M:%S')
date2 = datetime.utcfromtimestamp(
user_db["freezedate"]).strftime('%d/%m/%Y')
date3 = present.strftime('%d/%m/%Y')
passed = date2 < date3
if frozen and not passed:
responseToken.enqueue(
serverPackets.notification(
f"The RealistikOsu staff team has found you suspicious and would like to request a liveplay. You have until {readabledate} (UTC) to provide a liveplay to the staff team. This can be done via the RealistikCentral Discord server. Failure to provide a valid liveplay will result in your account being automatically restricted."
))
elif frozen and passed:
responseToken.enqueue(FREEZE_RES_NOTIF)
userUtils.restrict(responseToken.userID)
#we thank unfrozen people
if not frozen and user_db["firstloginafterfrozen"]:
responseToken.enqueue(UNFREEZE_NOTIF)
glob.db.execute(
f"UPDATE users SET firstloginafterfrozen = 0 WHERE id = {userID}"
)
# Send message if donor expires soon
if responseToken.privileges & privileges.USER_DONOR:
if donor_expire - int(time.time()) <= 86400 * 3:
expireDays = round((donor_expire - int(time.time())) / 86400)
expireIn = "{} days".format(
expireDays) if expireDays > 1 else "less than 24 hours"
responseToken.enqueue(
serverPackets.notification(
"Your supporter status expires in {}! Following this, you will lose your supporter privileges (such as the further profile customisation options, name changes or profile wipes) and will not be able to access supporter features. If you wish to keep supporting RealistikOsu and you don't want to lose your donor privileges, you can donate again by clicking on 'Donate' on our website."
.format(expireIn)))
# Get only silence remaining seconds
responseToken.silenceEndTime = silence_end
silenceSeconds = responseToken.getSilenceSecondsLeft()
# Get supporter/GMT
userGMT = False
userSupporter = not user_restricted
userTournament = False
userGMT = responseToken.admin
userTournament = bool(responseToken.privileges
& privileges.USER_TOURNAMENT_STAFF)
# Server restarting check
if glob.restarting: raise exceptions.banchoRestartingException()
# Maintenance check
if glob.banchoConf.config["banchoMaintenance"]:
if not userGMT:
# We are not mod/admin, delete token, send notification and logout
glob.tokens.deleteToken(responseTokenString)
raise exceptions.banchoMaintenanceException()
else:
# We are mod/admin, send warning notification and continue
responseToken.enqueue(
serverPackets.notification(
"Bancho is in maintenance mode. Only mods/admins have full access to the server.\nType !system maintenance off in chat to turn off maintenance mode."
))
# BAN CUSTOM CHEAT CLIENTS
# 0Ainu = First Ainu build
# b20190326.2 = Ainu build 2 (MPGH PAGE 10)
# b20190401.22f56c084ba339eefd9c7ca4335e246f80 = Ainu Aoba's Birthday Build
# b20191223.3 = Unknown Ainu build? (Taken from most users osuver in cookiezi.pw)
# b20190226.2 = hqOsu (hq-af)
# TODO: Rewrite this mess
# Ainu Client 2020 update
if tornadoRequest.request.headers.get("ainu"):
log.info(f"Account {userID} tried to use Ainu Client 2020!")
if user_restricted:
responseToken.enqueue(
serverPackets.notification(
"Note: AINU CLIENT IS DETECTED EVERYWHERE... ITS CREATORS LITERALLY ADDED A WAY TO EASILY DETECT."
))
else:
glob.tokens.deleteToken(userID)
userUtils.restrict(userID)
userUtils.appendNotes(
userID, "User restricted on login for Ainu Client 2020.")
raise exceptions.loginCheatClientsException()
# Ainu Client 2019
elif osuVersion in ("0Ainu", "b20190326.2",
"b20190401.22f56c084ba339eefd9c7ca4335e246f80",
"b20191223.3"):
log.info(f"Account {userID} tried to use Ainu Client!")
if user_restricted:
responseToken.enqueue(
serverPackets.notification(
"Note: AINU CLIENT IS DETECTED EVERYWHERE..."))
else:
glob.tokens.deleteToken(userID)
userUtils.restrict(userID)
userUtils.appendNotes(
userID,
"User restricted on login for Ainu Client 2019 (or older)."
)
raise exceptions.loginCheatClientsException()
# hqOsu
elif osuVersion == "b20190226.2":
log.info(f"Account {userID} tried to use hqOsu!")
if user_restricted:
responseToken.enqueue(serverPackets.notification("Comedian."))
else:
glob.tokens.deleteToken(userID)
userUtils.restrict(userID)
userUtils.appendNotes(
userID, "User restricted on login for HQOsu (normal).")
raise exceptions.loginCheatClientsException()
#hqosu legacy
elif osuVersion == "b20190716.5":
log.info(f"Account {userID} tried to use hqOsu legacy!")
if user_restricted:
responseToken.enqueue(serverPackets.notification("Comedian."))
else:
glob.tokens.deleteToken(userID)
userUtils.restrict(userID)
userUtils.appendNotes(
userID, "User restricted on login for HQOsu (legacy).")
raise exceptions.loginCheatClientsException()
# Budget Hacked client.
elif osuVersion.startswith("skoot"):
if user_restricted:
responseToken.enqueue(serverPackets.notification("Comedian."))
else:
glob.tokens.deleteToken(userID)
userUtils.restrict(userID)
userUtils.appendNotes(userID, "Wack 2016 Scooter client.")
raise exceptions.loginCheatClientsException()
# Blanket cover for most retard clients, force update.
elif osuVersion[0] != "b":
glob.tokens.deleteToken(userID)
raise exceptions.haxException()
# Send all needed login packets
responseToken.enqueue(
bytearray(serverPackets.silenceEndTime(
silenceSeconds)) + # Fast addition
serverPackets.userID(userID) +
serverPackets.protocolVersion() + serverPackets.userSupporterGMT(
userSupporter, userGMT, userTournament) +
serverPackets.userPanel(userID, True) +
serverPackets.userStats(userID, True) +
serverPackets.channelInfoEnd())
# Default opened channels
# TODO: Configurable default channels
chat.joinChannel(token=responseToken, channel="#osu")
chat.joinChannel(token=responseToken, channel="#announce")
# Join admin channel if we are an admin
if responseToken.admin:
chat.joinChannel(token=responseToken, channel="#admin")
# Output channels info
for key, value in glob.channels.channels.items():
if value.publicRead and not value.hidden:
responseToken.enqueue(serverPackets.channelInfo(key))
# Send friends list
responseToken.enqueue(serverPackets.friendList(userID))
# Send main menu icon
if glob.banchoConf.config["menuIcon"] != "":
responseToken.enqueue(
serverPackets.mainMenuIcon(glob.banchoConf.config["menuIcon"]))
# Send online users' panels
with glob.tokens:
for _, token in glob.tokens.tokens.items():
if not token.restricted:
responseToken.enqueue(serverPackets.userPanel(
token.userID))
# Localise the user based off IP.
# Get location and country from IP
latitude, longitude, countryLetters = get_full(requestIP)
country = geo_helper.getCountryID(countryLetters)
# Set location and country
responseToken.setLocation(latitude, longitude)
responseToken.country = country
# Set country in db if user has no country (first bancho login)
if userUtils.getCountry(userID) == "XX":
userUtils.setCountry(userID, countryLetters)
# Send to everyone our userpanel if we are not restricted or tournament
if not responseToken.restricted:
glob.streams.broadcast("main", serverPackets.userPanel(userID))
#creating notification
t.end()
t_str = t.time_str()
online_users = len(glob.tokens.tokens)
# Wylie has his own quote he gets to enjoy only himself lmfao. UPDATE: Electro gets it too.
if userID in (4674, 3277):
quote = "I lost an S because I saw her lewd"
# Ced also gets his own AS HE DOESNT WANT TO CHECK FAST SPEED.
elif userID == 1002:
quote = "juSt Do iT"
# Me and relesto are getting one as well lmao. UPDATE: Sky and Aochi gets it too lmao.
elif userID in (1000, 1180, 3452, 4812):
quote = (
f"Hello I'm RealistikBot! The server's official bot to assist you, "
"if you want to know what I can do just type !help")
else:
quote = random.choice(glob.banchoConf.config['Quotes'])
notif = f"""- Online Users: {online_users}\n- {quote}"""
if responseToken.admin: notif += f"\n- Elapsed: {t_str}!"
responseToken.enqueue(serverPackets.notification(notif))
log.info(f"Authentication attempt took {t_str}!")
# Set reponse data to right value and reset our queue
responseData = responseToken.fetch_queue()
except exceptions.loginFailedException:
# Login failed error packet
# (we don't use enqueue because we don't have a token since login has failed)
responseData += serverPackets.loginFailed()
except exceptions.invalidArgumentsException:
# Invalid POST data
# (we don't use enqueue because we don't have a token since login has failed)
responseData += serverPackets.loginFailed()
responseData += serverPackets.notification("I have eyes y'know?")
except exceptions.loginBannedException:
# Login banned error packet
responseData += serverPackets.loginBanned()
except exceptions.loginLockedException:
# Login banned error packet
responseData += serverPackets.loginLocked()
except exceptions.loginCheatClientsException:
# Banned for logging in with cheats
responseData += serverPackets.loginCheats()
except exceptions.banchoMaintenanceException:
# Bancho is in maintenance mode
responseData = bytes()
if responseToken is not None:
responseData = responseToken.fetch_queue()
responseData += serverPackets.notification(
"Our bancho server is in maintenance mode. Please try to login again later."
)
responseData += serverPackets.loginFailed()
except exceptions.banchoRestartingException:
# Bancho is restarting
responseData += serverPackets.notification(
"Bancho is restarting. Try again in a few minutes.")
responseData += serverPackets.loginFailed()
except exceptions.need2FAException:
# User tried to log in from unknown IP
responseData += serverPackets.needVerification()
except exceptions.haxException:
# Using oldoldold client, we don't have client data. Force update.
# (we don't use enqueue because we don't have a token since login has failed)
responseData += serverPackets.forceUpdate()
responseData += serverPackets.notification("What...")
except:
log.error("Unknown error!\n```\n{}\n{}```".format(
sys.exc_info(), traceback.format_exc()))
finally:
# Console and discord log
if len(loginData) < 3:
log.info(
"Invalid bancho login request from **{}** (insufficient POST data)"
.format(requestIP), "bunker")
# Return token string and data
return responseTokenString, bytes(responseData)
def handle(tornadoRequest):
country = userID = osuVersion = requestIP = ""
atitude = longitude = 0
clientData = []
# Data to return
responseToken = None
responseTokenString = "ayy"
responseData = bytes()
def saveLoginRecord(status, note=""):
userUtils.saveLoginRecord(userID,
osuVersion,
requestIP,
status,
countryHelper.getCountryLetters(country),
latitude,
longitude,
clientData=clientData,
note=note)
# Get IP from tornado request
requestIP = tornadoRequest.getRequestIP()
# Avoid exceptions
clientData = ["unknown", "unknown", "unknown", "unknown", "unknown"]
osuVersion = "unknown"
# Split POST body so we can get username/password/hardware data
loginData = tornadoRequest.request.body.decode('utf-8')[:-1].split('\n')
try:
# Make sure loginData is valid
if len(loginData) < 3:
raise exceptions.invalidArgumentsException()
# Get HWID, MAC address and more
# Structure (new line = "|", already split)
# [0] osu! version
# [1] plain mac addressed, separated by "."
# [2] mac addresses hash set
# [3] unique ID
# [4] disk ID
splitData = loginData[2].split("|")
osuVersion = splitData[0]
osuVersionID = "".join(
filter(str.isdigit, (osuVersion.split(".") or [""])[0])) or 0
timeOffset = int(splitData[1])
clientData = splitData[3].split(":")[:5]
# old client?
if len(clientData) < 4:
raise exceptions.forceUpdateException()
# self client?
selfClient = len([
i for i in glob.conf.config["client"]["buildnames"].replace(
" ", "").split(",") if i and i in osuVersion
]) > 0
# smaller than minversion: refuse login
if selfClient and osuVersionID < glob.conf.config["client"][
"minversion"]:
raise exceptions.forceUpdateException()
# Try to get the ID from username
username = str(loginData[0])
userID = userUtils.getID(username)
if not userID:
# Invalid username
raise exceptions.loginFailedException()
if not userUtils.checkLogin(userID, loginData[1]):
# Invalid password
raise exceptions.loginFailedException()
# Make sure we are not banned or locked
priv = userUtils.getPrivileges(userID)
if userUtils.isBanned(
userID) and priv & privileges.USER_PENDING_VERIFICATION == 0:
raise exceptions.loginBannedException()
if userUtils.isLocked(
userID) and priv & privileges.USER_PENDING_VERIFICATION == 0:
raise exceptions.loginLockedException()
# 2FA check
if userUtils.check2FA(userID, requestIP):
log.warning("Need 2FA check for user {}".format(loginData[0]))
raise exceptions.need2FAException()
# No login errors!
# Verify this user (if pending activation)
firstLogin = False
if priv & privileges.USER_PENDING_VERIFICATION > 0 or not userUtils.hasVerifiedHardware(
userID):
if userUtils.verifyUser(userID, clientData):
# Valid account
log.info("Account {} verified successfully!".format(userID))
glob.verifiedCache[str(userID)] = 1
firstLogin = True
else:
# Multiaccount detected
log.info("Account {} NOT verified!".format(userID))
glob.verifiedCache[str(userID)] = 0
raise exceptions.loginBannedException()
# Save HWID in db for multiaccount detection
hwAllowed = userUtils.logHardware(userID, clientData, firstLogin)
# This is false only if HWID is empty
# if HWID is banned, we get restricted so there's no
# need to deny bancho access
if not hwAllowed:
raise exceptions.haxException()
# Log user IP
userUtils.logIP(userID, requestIP)
# Log user osuver
kotrikhelper.setUserLastOsuVer(userID, osuVersion)
log.info("User {}({}) login, client ver: {}, ip: {}".format(
username, userID, osuVersion, requestIP))
# Delete old tokens for that user and generate a new one
isTournament = "tourney" in osuVersion
if not isTournament:
glob.tokens.deleteOldTokens(userID)
responseToken = glob.tokens.addToken(userID,
requestIP,
timeOffset=timeOffset,
tournament=isTournament)
responseTokenString = responseToken.token
# Check restricted mode (and eventually send message)
responseToken.checkRestricted()
# Send message if donor expires soon
if responseToken.privileges & privileges.USER_DONOR > 0:
responseToken.enqueue(serverPackets.notification("欢迎您,高贵的撒泼特"))
#expireDate = userUtils.getDonorExpire(responseToken.userID)
#if expireDate-int(time.time()) <= 86400*3:
# expireDays = round((expireDate-int(time.time()))/86400)
# expireIn = "{} days".format(expireDays) if expireDays > 1 else "less than 24 hours"
# responseToken.enqueue(serverPackets.notification("Your donor tag expires in {}! When your donor tag expires, you won't have any of the donor privileges, like yellow username, custom badge and discord custom role and username color! If you wish to keep supporting Ripple and you don't want to lose your donor privileges, you can donate again by clicking on 'Support us' on Ripple's website.".format(expireIn)))
# Deprecate telegram 2fa and send alert
if userUtils.deprecateTelegram2Fa(userID):
responseToken.enqueue(
serverPackets.notification(
"As stated on our blog, Telegram 2FA has been deprecated on 29th June 2018. Telegram 2FA has just been disabled from your account. If you want to keep your account secure with 2FA, please enable TOTP-based 2FA from our website https://ripple.moe. Thank you for your patience."
))
# If the client version used is lower than stable, but still greater than minversion: tip
if selfClient and osuVersionID < glob.conf.config["client"][
"stableversion"]:
responseToken.enqueue(
serverPackets.notification(
"客户端有更新!请到osu!Kafuu官网:https://old.kafuu.pro 或 官方群(955377404)下载并使用最新客户端。\n不过您可以继续使用此客户端,直到它过期(可能很快)。所以请您最好尽快升级。"
))
# Set silence end UNIX time in token
responseToken.silenceEndTime = userUtils.getSilenceEnd(userID)
# Get only silence remaining seconds
silenceSeconds = responseToken.getSilenceSecondsLeft()
# Get supporter/GMT
userGMT = False
if not userUtils.isRestricted(userID):
userSupporter = True
else:
userSupporter = False
userTournament = False
if responseToken.admin:
userGMT = True
if responseToken.privileges & privileges.USER_TOURNAMENT_STAFF > 0:
userTournament = True
# Server restarting check
if glob.restarting:
raise exceptions.banchoRestartingException()
# Send login notification before maintenance message
loginNotification = glob.banchoConf.config["loginNotification"]
#creating notification
OnlineUsers = int(
glob.redis.get("ripple:online_users").decode("utf-8"))
Notif = "- Online Users: {}\n- {}".format(
OnlineUsers, loginNotification
) # - {random.choice(glob.banchoConf.config['Quotes'])}
responseToken.enqueue(serverPackets.notification(Notif))
# Maintenance check
if glob.banchoConf.config["banchoMaintenance"]:
if not userGMT:
# We are not mod/admin, delete token, send notification and logout
glob.tokens.deleteToken(responseTokenString)
raise exceptions.banchoMaintenanceException()
else:
# We are mod/admin, send warning notification and continue
responseToken.enqueue(
serverPackets.notification(
"Bancho is in maintenance mode. Only mods/admins have full access to the server.\nType !system maintenance off in chat to turn off maintenance mode."
))
# BAN CUSTOM CHEAT CLIENTS
# 0Ainu = First Ainu build
# b20190326.2 = Ainu build 2 (MPGH PAGE 10)
# b20190401.22f56c084ba339eefd9c7ca4335e246f80 = Ainu Aoba's Birthday Build
# b20191223.3 = Unknown Ainu build? (Taken from most users osuver in cookiezi.pw)
# b20190226.2 = hqOsu (hq-af)
if True:
# Ainu Client 2020 update
if tornadoRequest.request.headers.get("ainu") == "happy":
log.info(f"Account {userID} tried to use Ainu Client 2020!")
if userUtils.isRestricted(userID):
responseToken.enqueue(
serverPackets.notification(
"Ainu client... Really? Welp enjoy your ban! -Realistik"
))
else:
glob.tokens.deleteToken(userID)
userUtils.restrict(userID)
raise exceptions.loginCheatClientsException()
# Ainu Client 2019
elif aobaHelper.getOsuVer(userID) in [
"0Ainu", "b20190326.2",
"b20190401.22f56c084ba339eefd9c7ca4335e246f80",
"b20191223.3"
]:
log.info(f"Account {userID} tried to use Ainu Client!")
if userUtils.isRestricted(userID):
responseToken.enqueue(
serverPackets.notification(
"Ainu client... Really? Welp enjoy your ban! -Realistik"
))
else:
glob.tokens.deleteToken(userID)
userUtils.restrict(userID)
raise exceptions.loginCheatClientsException()
# hqOsu
elif aobaHelper.getOsuVer(userID) == "b20190226.2":
log.info(f"Account {userID} tried to use hqOsu!")
if userUtils.isRestricted(userID):
responseToken.enqueue(
serverPackets.notification(
"Trying to use hqOsu in here? Well... No, sorry. We don't allow cheats here. Go play on Aminosu."
))
else:
glob.tokens.deleteToken(userID)
userUtils.restrict(userID)
raise exceptions.loginCheatClientsException()
#hqosu legacy
elif aobaHelper.getOsuVer(userID) == "b20190716.5":
log.info(f"Account {userID} tried to use hqOsu legacy!")
if userUtils.isRestricted(userID):
responseToken.enqueue(
serverPackets.notification(
"Trying to play with HQOsu Legacy? Cute..."))
else:
glob.tokens.deleteToken(userID)
userUtils.restrict(userID)
raise exceptions.loginCheatClientsException()
# Send all needed login packets
responseToken.enqueue(serverPackets.silenceEndTime(silenceSeconds))
responseToken.enqueue(serverPackets.userID(userID))
responseToken.enqueue(serverPackets.protocolVersion())
responseToken.enqueue(
serverPackets.userSupporterGMT(userSupporter, userGMT,
userTournament))
responseToken.enqueue(serverPackets.userPanel(userID, True))
responseToken.enqueue(serverPackets.userStats(userID, True))
# Channel info end (before starting!?! wtf bancho?)
responseToken.enqueue(serverPackets.channelInfoEnd())
# Default opened channels
# TODO: Configurable default channels
chat.joinChannel(token=responseToken, channel="#osu")
chat.joinChannel(token=responseToken, channel="#announce")
# Join admin channel if we are an admin
if responseToken.admin:
chat.joinChannel(token=responseToken, channel="#admin")
# Output channels info
for key, value in glob.channels.channels.items():
if value.publicRead and not value.hidden:
responseToken.enqueue(serverPackets.channelInfo(key))
# Send friends list
responseToken.enqueue(serverPackets.friendList(userID))
# Send main menu icon
if glob.banchoConf.config["menuIcon"] != "":
responseToken.enqueue(
serverPackets.mainMenuIcon(glob.banchoConf.config["menuIcon"]))
# Send online users' panels
with glob.tokens:
for _, token in glob.tokens.tokens.items():
if not token.restricted:
responseToken.enqueue(serverPackets.userPanel(
token.userID))
# Get location and country from ip.zxq.co or database
if glob.localize:
# Get location and country from IP
latitude, longitude = locationHelper.getLocation(requestIP)
countryLetters = locationHelper.getCountry(requestIP)
country = countryHelper.getCountryID(countryLetters)
else:
# Set location to 0,0 and get country from db
log.warning("Location skipped")
countryLetters = "XX"
country = countryHelper.getCountryID(userUtils.getCountry(userID))
saveLoginRecord("success")
# Set location and country
responseToken.setLocation(latitude, longitude)
responseToken.country = country
# Set country in db if user has no country (first bancho login)
if userUtils.getCountry(userID) == "XX":
userUtils.setCountry(userID, countryLetters)
# Send to everyone our userpanel if we are not restricted or tournament
if not responseToken.restricted:
glob.streams.broadcast("main", serverPackets.userPanel(userID))
# Set reponse data to right value and reset our queue
responseData = responseToken.queue
responseToken.resetQueue()
except exceptions.loginFailedException:
# Login failed error packet
# (we don't use enqueue because we don't have a token since login has failed)
responseData += serverPackets.loginFailed()
saveLoginRecord("failed", note="Error packet")
except exceptions.invalidArgumentsException:
# Invalid POST data
# (we don't use enqueue because we don't have a token since login has failed)
responseData += serverPackets.loginFailed()
responseData += serverPackets.notification(
"I see what you're doing...")
saveLoginRecord("failed", note="Invalid POST data")
except exceptions.loginBannedException:
# Login banned error packet
responseData += serverPackets.loginBanned()
saveLoginRecord("failed", note="Banned")
except exceptions.loginLockedException:
# Login banned error packet
responseData += serverPackets.loginLocked()
saveLoginRecord("failed", note="Locked")
except exceptions.loginCheatClientsException:
# Banned for logging in with cheats
responseData += serverPackets.loginCheats()
saveLoginRecord("failed", note="Logging with cheats")
except exceptions.banchoMaintenanceException:
# Bancho is in maintenance mode
responseData = bytes()
if responseToken != None:
responseData = responseToken.queue
responseData += serverPackets.notification(
"Our bancho server is in maintenance mode. Please try to login again later."
)
responseData += serverPackets.loginFailed()
saveLoginRecord("failed", note="Bancho is in maintenance mode")
except exceptions.banchoRestartingException:
# Bancho is restarting
responseData += serverPackets.notification(
"Bancho is restarting. Try again in a few minutes.")
responseData += serverPackets.loginFailed()
saveLoginRecord("failed", note="Bancho is restarting")
except exceptions.need2FAException:
# User tried to log in from unknown IP
responseData += serverPackets.needVerification()
saveLoginRecord("failed", note="Need 2FA")
except exceptions.forceUpdateException:
# Using oldoldold client, we don't have client data. Force update.
# (we don't use enqueue because we don't have a token since login has failed)
# responseData += serverPackets.forceUpdate()
responseData += serverPackets.notification(
"您当前所使用的客户端({})太旧了,请到osu!Kafuu官网:https://old.kafuu.pro 或 官方群(955377404)下载并使用最新客户端登录。"
.format(osuVersion))
saveLoginRecord("failed", note="Too old client: {}".format(osuVersion))
except exceptions.haxException:
responseData += serverPackets.notification("what")
responseData += serverPackets.loginFailed()
saveLoginRecord("failed", note="Not HWinfo")
except:
log.error("Unknown error!\n```\n{}\n{}```".format(
sys.exc_info(), traceback.format_exc()))
saveLoginRecord("failed", note="unknown error")
finally:
# Console and discord log
if len(loginData) < 3:
log.info(
"Invalid bancho login request from **{}** (insufficient POST data)"
.format(requestIP), "bunker")
saveLoginRecord("failed", note="insufficient POST data")
# Return token string and data
print(responseData)
return responseTokenString, responseData
def handle(tornadoRequest):
# Data to return
responseToken = None
responseTokenString = "ayy"
responseData = bytes()
# Get IP from tornado request
requestIP = tornadoRequest.getRequestIP()
# Avoid exceptions
clientData = ["unknown", "unknown", "unknown", "unknown", "unknown"]
osuVersion = "unknown"
# Split POST body so we can get username/password/hardware data
# 2:-3 thing is because requestData has some escape stuff that we don't need
loginData = str(tornadoRequest.request.body)[2:-3].split("\\n")
try:
# Make sure loginData is valid
if len(loginData) < 3:
raise exceptions.invalidArgumentsException()
# Get HWID, MAC address and more
# Structure (new line = "|", already split)
# [0] osu! version
# [1] plain mac addressed, separated by "."
# [2] mac addresses hash set
# [3] unique ID
# [4] disk ID
splitData = loginData[2].split("|")
osuVersion = splitData[0]
timeOffset = int(splitData[1])
clientData = splitData[3].split(":")[:5]
if len(clientData) < 4:
raise exceptions.forceUpdateException()
if len(splitData) > 4:
ignoreDM = bool(int(splitData[4]))
else:
ignoreDM = False
# Try to get the ID from username
username = str(loginData[0])
userID = userUtils.getID(username)
if not userID:
# Invalid username
raise exceptions.loginFailedException()
if not userUtils.checkLogin(userID, loginData[1]):
# Invalid password
raise exceptions.loginFailedException()
if not eligible.tryLogin(userID):
raise exceptions.loginFailedException()
# Make sure we are not banned or locked
priv = userUtils.getPrivileges(userID)
if userUtils.isBanned(userID) and not (
priv & privileges.USER_PENDING_VERIFICATION):
raise exceptions.loginBannedException()
if userUtils.isLocked(userID) and not (
priv & privileges.USER_PENDING_VERIFICATION):
raise exceptions.loginLockedException()
# 2FA check
if userUtils.check2FA(userID, requestIP):
log.warning("Need 2FA check for user {}".format(loginData[0]))
raise exceptions.need2FAException()
# No login errors!
# Verify this user (if pending activation)
firstLogin = False
if priv & privileges.USER_PENDING_VERIFICATION or not userUtils.hasVerifiedHardware(
userID):
if userUtils.verifyUser(userID, clientData):
# Valid account
log.info("Account ID {} verified successfully!".format(userID))
glob.verifiedCache[str(userID)] = 1
firstLogin = True
else:
# Multiaccount detected
log.info("Account ID {} NOT verified!".format(userID))
glob.verifiedCache[str(userID)] = 0
raise exceptions.loginBannedException()
# Save HWID in db for multiaccount detection
hwAllowed = userUtils.logHardware(userID, clientData, firstLogin)
# This is false only if HWID is empty
# if HWID is banned, we get restricted so there's no
# need to deny bancho access
if not hwAllowed:
raise exceptions.haxException()
# Log user IP
userUtils.logIP(userID, requestIP)
# Log user osuver
kotrikhelper.setUserLastOsuVer(userID, osuVersion)
# Delete old tokens for that user and generate a new one
isTournament = "tourney" in osuVersion
if not isTournament:
glob.tokens.deleteOldTokens(userID)
responseToken = glob.tokens.addToken(userID,
requestIP,
timeOffset=timeOffset,
tournament=isTournament,
ignoreDM=ignoreDM)
responseTokenString = responseToken.token
# Check restricted mode (and eventually send message)
responseToken.checkRestricted()
# Send message if donor expires soon
# Silence the noise for perma-donor mode.
if (not responseToken.privileges & privileges.ADMIN_MANAGE_BEATMAPS
) and responseToken.privileges & privileges.USER_DONOR:
expireDate = userUtils.getDonorExpire(responseToken.userID)
if expireDate - int(time.time()) <= 86400 * 3:
expireDays = round((expireDate - int(time.time())) / 86400)
expireIn = "{} days".format(
expireDays) if expireDays > 1 else "less than 24 hours"
responseToken.enqueue(
serverPackets.notification(
"Your donor tag expires in {}! When your donor tag expires, you won't have any of the donor privileges, like yellow username, custom badge and discord custom role and username color! If you wish to keep supporting Datenshi and you don't want to lose your donor privileges, you can donate again by clicking on 'Support us' on Datenshi's website."
.format(expireIn)))
# Deprecate telegram 2fa and send alert
if userUtils.deprecateTelegram2Fa(userID):
responseToken.enqueue(
serverPackets.notification(
"As stated on our blog, Telegram 2FA has been deprecated on 29th June 2018. Telegram 2FA has just been disabled from your account. If you want to keep your account secure with 2FA, please enable TOTP-based 2FA from our website https://ripple.moe. Thank you for your patience."
))
# Set silence end UNIX time in token
responseToken.silenceEndTime = userUtils.getSilenceEnd(userID)
# Get only silence remaining seconds
silenceSeconds = responseToken.getSilenceSecondsLeft()
# Get supporter/GMT
userGMT = False
if not userUtils.isRestricted(userID):
userSupporter = True
else:
userSupporter = False
userTournament = False
if responseToken.admin:
userGMT = True
if responseToken.privileges & privileges.USER_TOURNAMENT_STAFF:
userTournament = True
# Server restarting check
if glob.restarting:
raise exceptions.banchoRestartingException()
def lildemon_list_over_pp():
a = 'VANILLA RELAX'.split()
b = 'std taiko ctb mania'.split()
c = []
for d in range(len(a)):
m = [userUtils.getUserStats, userUtils.getUserStatsRx][d]
for e in range(len(b)):
j = userUtils.noPPLimit(userID, e, d)
if d == 1 and e == 3:
continue
f, g, h, i = userUtils.obtainPPLimit(userID,
e,
relax=(d == 1),
modded=False)
k = j & 2
l = m(userID, e)
if l['pp'] >= i and not k:
c.append((a[d], b[e], l['pp'], i))
return c
# Little demon
lildemon_overpp = lildemon_list_over_pp()
if lildemon_overpp:
responseToken.enqueue(
serverPackets.notification(
"Hi fellow little demon! Did you forgot to submit yourself to the guild? I'm afraid you may not be able to advance with it."
))
responseToken.enqueue(
serverPackets.notification(
"To consider further little demon training, here I jotted down some of your achievements!\n\n{}"
.format("\n".join("{}:{} {:d}/{:d}".format(*ldop)
for ldop in lildemon_overpp))))
# Send login notification before maintenance message
if glob.banchoConf.config["loginNotification"] != "":
responseToken.enqueue(
serverPackets.notification(
glob.banchoConf.config["loginNotification"]))
# Maintenance check
if glob.banchoConf.config["banchoMaintenance"]:
if not userGMT:
# We are not mod/admin, delete token, send notification and logout
glob.tokens.deleteToken(responseTokenString)
raise exceptions.banchoMaintenanceException()
else:
# We are mod/admin, send warning notification and continue
responseToken.enqueue(
serverPackets.notification(
"Bancho is in maintenance mode. Only mods/admins have full access to the server.\nType !system maintenance off in chat to turn off maintenance mode."
))
# BAN CUSTOM CHEAT CLIENTS
# 0Ainu = First Ainu build
# b20190326.2 = Ainu build 2 (MPGH PAGE 10)
# b20190401.22f56c084ba339eefd9c7ca4335e246f80 = Ainu Aoba's Birthday Build
# b20191223.3 = Unknown Ainu build? (Taken from most users osuver in cookiezi.pw)
# b20190226.2 = hqOsu (hq-af)
def anticheat_boot(clientName, banNotif):
log.info("Account ID {} tried to use {}!".format(
userID, clientName))
def webhook_time(restrict=False):
webhook = aobaHelper.Webhook(
glob.conf.config["discord"]["anticheat"],
color=0xadd8e6,
footer="Man... this is worst player. [ Login Gate AC ]")
webhook.set_title(
title="Catched some cheater Account ID {}".format(userID))
if restrict:
webhook.set_desc(
f' tried to use {clientName} and got restricted!')
else:
webhook.set_desc(f' tried to use {clientName}!')
log.info("Sent to webhook {} DONE!!".format(
glob.conf.config["discord"]["enable"]))
webhook.post()
if responseToken.admin:
responseToken.enqueue(
serverPackets.notification(
"Kamu ngapain pake {}? stress.".format(clientName)))
elif userUtils.isRestricted(userID):
responseToken.enqueue(serverPackets.notification(banNotif))
#if glob.conf.config["discord"]["enable"] == True:
webhook_time()
else:
glob.tokens.deleteToken(userID)
userUtils.restrict(userID)
#if glob.conf.config["discord"]["enable"] == True:
webhook_time(restrict=True)
raise exceptions.loginCheatClientsException()
pass
if glob.conf.extra["mode"]["anticheat"]:
# Ainu Client 2020 update
if tornadoRequest.request.headers.get("ainu") == "happy":
anticheat_boot(
'Ainu Client 2020',
"You're banned because you're currently using Ainu Client... Happy New Year 2020 and Enjoy your restriction :)"
)
# Ainu Client 2019
elif aobaHelper.getOsuVer(userID) in [
"0Ainu", "b20190326.2",
"b20190401.22f56c084ba339eefd9c7ca4335e246f80",
"b20191223.3"
]:
anticheat_boot(
'Ainu Client',
"You're banned because you're currently using Ainu Client. Enjoy your restriction :)"
)
# hqOsu
elif aobaHelper.getOsuVer(userID) == "b20190226.2":
anticheat_boot(
'hqOsu',
"Trying to use hqOsu in here? Well... No, sorry. We don't allow cheats here. Go play https://cookiezi.pw or others cheat server."
)
# Send all needed login packets
responseToken.enqueue(serverPackets.silenceEndTime(silenceSeconds))
responseToken.enqueue(serverPackets.userID(userID))
responseToken.enqueue(serverPackets.protocolVersion())
responseToken.enqueue(
serverPackets.userSupporterGMT(userSupporter, userGMT,
userTournament))
responseToken.enqueue(serverPackets.userPanel(userID, True))
responseToken.enqueue(serverPackets.userStats(userID, True))
# Channel info end (before starting!?! wtf bancho?)
responseToken.enqueue(serverPackets.channelInfoEnd())
# Default opened channels
if True:
for channelAutoJoin in glob.db.fetchAll(
'SELECT bcc.privilege_bit AS pb, bc.name AS cn FROM bancho_client_channels as bcc JOIN bancho_channels AS bc ON bcc.channel_id = bc.id'
):
if responseToken.admin or responseToken.privileges & (
1 << channelAutoJoin['pb']):
chat.joinChannel(token=responseToken,
channel=channelAutoJoin['cn'])
else:
chat.joinChannel(token=responseToken, channel="#osu")
chat.joinChannel(token=responseToken, channel="#announce")
chat.joinChannel(token=responseToken, channel="#ranked-now")
# Join admin channel if we are an admin
if responseToken.admin or responseToken.privileges & privileges.ADMIN_MANAGE_BEATMAPS:
chat.joinChannel(token=responseToken, channel="#admin")
# Output channels info
for key, value in glob.channels.channels.items():
if responseToken.admin or (value.publicRead and not value.hidden):
responseToken.enqueue(serverPackets.channelInfo(key))
# Send friends list
responseToken.enqueue(serverPackets.friendList(userID))
# Send main menu icon
if glob.banchoConf.config["menuIcon"] != "":
responseToken.enqueue(
serverPackets.mainMenuIcon(glob.banchoConf.config["menuIcon"]))
# Send online users' panels
with glob.tokens:
for _, token in glob.tokens.tokens.items():
if not token.restricted:
responseToken.enqueue(serverPackets.userPanel(
token.userID))
# Get location and country from ip.zxq.co or database
if glob.localize:
# Get location and country from IP
latitude, longitude = locationHelper.getLocation(requestIP)
countryLetters = locationHelper.getCountry(requestIP)
country = countryHelper.getCountryID(countryLetters)
else:
# Set location to 0,0 and get country from db
log.warning("Location skipped")
latitude = 0
longitude = 0
countryLetters = "XX"
country = countryHelper.getCountryID(userUtils.getCountry(userID))
# Set location and country
responseToken.setLocation(latitude, longitude)
responseToken.country = country
# Set country in db if user has no country (first bancho login)
if userUtils.getCountry(userID) == "XX":
userUtils.setCountry(userID, countryLetters)
# Send to everyone our userpanel if we are not restricted or tournament
if not responseToken.restricted:
glob.streams.broadcast("main", serverPackets.userPanel(userID))
# Set reponse data to right value and reset our queue
responseData = responseToken.queue
responseToken.resetQueue()
except exceptions.loginFailedException:
# Login failed error packet
# (we don't use enqueue because we don't have a token since login has failed)
responseData += serverPackets.loginFailed()
except exceptions.invalidArgumentsException:
# Invalid POST data
# (we don't use enqueue because we don't have a token since login has failed)
responseData += serverPackets.loginFailed()
responseData += serverPackets.notification(
"I see what you're doing...")
except exceptions.loginBannedException:
# Login banned error packet
responseData += serverPackets.loginBanned()
except exceptions.loginLockedException:
# Login banned error packet
responseData += serverPackets.loginLocked()
except exceptions.loginCheatClientsException:
# Banned for logging in with cheats
responseData += serverPackets.loginCheats()
except exceptions.banchoMaintenanceException:
# Bancho is in maintenance mode
responseData = bytes()
if responseToken is not None:
responseData = responseToken.queue
responseData += serverPackets.notification(
"Our bancho server is in maintenance mode. Please try to login again later."
)
responseData += serverPackets.loginFailed()
except exceptions.banchoRestartingException:
# Bancho is restarting
responseData += serverPackets.notification(
"Bancho is restarting. Try again in a few minutes.")
responseData += serverPackets.loginFailed()
except exceptions.need2FAException:
# User tried to log in from unknown IP
responseData += serverPackets.needVerification()
except exceptions.haxException:
# Using oldoldold client, we don't have client data. Force update.
# (we don't use enqueue because we don't have a token since login has failed)
responseData += serverPackets.forceUpdate()
responseData += serverPackets.notification(
"Hory shitto, your client is TOO old! Nice prehistory! Please update the client from settings!"
)
except:
log.error("Unknown error!\n```\n{}\n{}```".format(
sys.exc_info(), traceback.format_exc()))
finally:
# Console and discord log
if len(loginData) < 3:
log.info(
"Invalid bancho login request from **{}** (insufficient POST data)"
.format(requestIP), "bunker")
# Return token string and data
return responseTokenString, responseData
