Raised This Month: $12 Target: $400
 3% 

[Any] Force Auth


Post New Thread Reply   
 
Thread Tools Display Modes
Author
JoinedSenses
Senior Member
Join Date: Sep 2013
Plugin ID:
6367
Plugin Version:
1.0.0
Plugin Category:
Server Management
Plugin Game:
Any
Plugin Dependencies:
    Servers with this Plugin:
     
    Plugin Description:
    Forces players to authenticate by reconnecting or kicking them.
    Old 12-14-2018 , 17:44   [Any] Force Auth
    Reply With Quote #1

    Force Auth

    v 1.0.0


    This is a very simple plugin that enforces player authentication on connect by reconnecting or kicking unauthenticated players. Sometimes players are not able to properly authenticate with steam servers or the event doesn't fire at all, which can cause conflicts with other plugins, or even bypassing bans.

    This plugin will log reconnects/kicks to addons/sourcemod/logs/error_date.log

    If the reconnect method is used and the client has failed to authenticate three times, they will instead then be kicked.

    ConVar
    sm_forceauth_connect <0/1> // Hide connect message until client has authenticated
    sm_forceauth_time <default 10.0> // How many seconds to wait after OnClientPutInServer to verify that the client has authenticated.
    sm_forceauth_method <reconnect/kick> // Method of dealing with clients who have failed to authenticate (Options: reconnect, kick)


    .
    Attached Files
    File Type: sp Get Plugin or Get Source (authorizeplayer.sp - 795 views - 3.5 KB)
    __________________

    Last edited by JoinedSenses; 12-19-2018 at 17:52.
    JoinedSenses is offline
    DarkDeviL
    SourceMod Moderator
    Join Date: Apr 2012
    Old 12-14-2018 , 18:08   Re: [Any] Force Auth
    Reply With Quote #2

    Thread Connect Events Order (OnClientAuthorized), and especially Post #4 gives some insight about the different OnClient* procedures.

    From OnClientPutInServer:

    Quote:
    Whether a client has a steamid is undefined until OnClientAuthorized is called, which may occur either before or after OnClientPutInServer. Similarly, use OnClientPostAdminCheck() if you need to verify whether connecting players are admins.
    From OnClientAuthorized:

    Quote:
    Called when a client receives an auth ID. The state of a client's authorization as an admin is not guaranteed here. Use OnClientPostAdminCheck() if you need a client's admin status.
    If you have any specific things to do, or need to make e sure a Steam ID is what it really is, like you say (for bans), I suggest moving to OnClientPostAdminCheck.

    The quotes from above in crystal clear English: "Use OnClientPostAdminCheck if you need to rely on a player's authentication with Steam".

    That one is also called automatically, so if I join your server at 10:00, but doesn't authenticate 100%, it will be called automatically on 10:05 when the Steam servers are back up (or your server's connection to the Steam servers are back up).
    __________________
    Mostly known as "DarkDeviL".

    Dropbox FastDL: Public folder will no longer work after March 15, 2017!
    For more info, see the [SRCDS Thread], or the [HLDS Thread].

    Last edited by DarkDeviL; 12-14-2018 at 18:09.
    DarkDeviL is offline
    JoinedSenses
    Senior Member
    Join Date: Sep 2013
    Old 12-14-2018 , 18:19   Re: [Any] Force Auth
    Reply With Quote #3

    Edited: OnClientPostAdminCheck is only called if a client is authorized? If so your advice is for general use within plugins, which is useful for developers. If I were to move my check there, it would do nothing during connect if the client has not authorized, correct?

    This plugin is meant as a hotfix for server owners who may not know much about plugin development and server events.

    For example, by moving checks to OnClientPostAdminCheck and a banned client isn't authorized, they'll be able to join the server until they are authorized. If that is the case, then this plugin will prevent that from occuring. The entire purpose is to force authentication as the title says, so I'm not certain why this has been unapproved.
    __________________

    Last edited by JoinedSenses; 12-14-2018 at 18:53.
    JoinedSenses is offline
    DarkDeviL
    SourceMod Moderator
    Join Date: Apr 2012
    Old 12-17-2018 , 23:18   Re: [Any] Force Auth
    Reply With Quote #4

    Quote:
    Originally Posted by JoinedSenses View Post
    Edited: OnClientPostAdminCheck is only called if a client is authorized? If so your advice is for general use within plugins, which is useful for developers. If I were to move my check there, it would do nothing during connect if the client has not authorized, correct?
    Correct.

    A previous version of the [ANY] Store by Zephyrus was loading inventories doing it's things OnClientAuthorized.

    Connecting while the Steam network was down, and then getting authorized later on, and quitting the server would usually lead to credit loss in this Store.

    Moving checks to OnClientPostAdminCheck, where the checks requiring Steam ID / "authentication" status are today, solved all those issues.

    Quote:
    Originally Posted by JoinedSenses View Post
    For example, by moving checks to OnClientPostAdminCheck and a banned client isn't authorized, they'll be able to join the server until they are authorized. If that is the case, then this plugin will prevent that from occuring.
    Correct, and you don't really want to do anything before, as you do not yet know that the Steam ID is indeed the "correct one" you want to act on.

    It makes no sense for my server to claim you are banned, if you are not, does it?

    Quote:
    Originally Posted by JoinedSenses View Post
    This plugin is meant as a hotfix for server owners who may not know much about plugin development and server events.
    It is very great that you care about others, like I feel you do with your attempt here. Thumbs up (and ) for that.

    However, it is not your "job" to make a hotfix for other potentially "lousy" developers. It is the developer's project to fix his/her plugins (or the new person who have taken over the development, if relevant), not you.

    So if you find any plugins that are doing checks in an improper way, where you feel like a plugin like this is necessary, I suggest you report those plugins for review, so any bad plugins out there can be unapproved.

    Quote:
    Originally Posted by JoinedSenses View Post
    The entire purpose is to force authentication as the title says, so I'm not certain why this has been unapproved.
    Quote:
    Originally Posted by Powerlord View Post
    SourceMod fires connect and admin events for every player on every map change.

    OnClientConnect
    OnClientConnected
    OnClientAuthorized*
    OnClientPreAdminCheck
    OnClientPostAdminFilter
    OnClientPostAdminCheck
    OnClientPutInServer*

    * These can occur in any order. Because of this, you should never do admin/STEAM ID checks in OnClientPutInServer.
    ^

    The stars and the description tells it all, you are exactly doing what that post tells you not to do.

    Your plugin uses the two functions that may be called in a random order, for your connect it may work because the events are fired in the order you expect, however for my connect it may not - because of the "in any order".

    A default SourceMod configuration will only call OnClientPostAdminCheck after the autorization is approved and the Steam ID is 100% valid etc., so I would suggest setting g_bAuthorized to true in that one instead.

    At a regular frequency, e.g. after a (or every) minute or so, scan all players and if (!IsClientAuthorized(client)), then act on it, if g_bAuthorized hasn't yet been set to true.

    To print the connection message to all if set, I wouldn't care if you are triggering it in both OnClientAuthorized and OnClientPutInServer though. To avoid duplicates, you could make a new bool to see if it has already been printed.


    Based on my experience (as well as, ... "some" others), there is like a 9/10 chance that all your players are eventually being reconnected over and over, with your current way of doing it, since you are acting in a place where you know you aren't guaranteed to have the information you need.

    I don't suppose you want to introduce even more issues for server owners, with your "hotfix", am I right?

    That's the major point for my action with the unapproval.
    __________________
    Mostly known as "DarkDeviL".

    Dropbox FastDL: Public folder will no longer work after March 15, 2017!
    For more info, see the [SRCDS Thread], or the [HLDS Thread].

    Last edited by DarkDeviL; 12-17-2018 at 23:22.
    DarkDeviL is offline
    JoinedSenses
    Senior Member
    Join Date: Sep 2013
    Old 12-18-2018 , 21:47   Re: [Any] Force Auth
    Reply With Quote #5

    Quote:
    It makes no sense for my server to claim you are banned, if you are not, does it?
    I dont understand what you mean here. My statement is the opposite. The server will not recognize the player is banned on connect if it can't retrieve a clients steamid, which means the player could potentially temporarily evade a ban.


    Quote:
    Based on my experience (as well as, ... "some" others), there is like a 9/10 chance that all your players are eventually being reconnected over and over, with your current way of doing it, since you are acting in a place where you know you aren't guaranteed to have the information you need.
    Either your logic is based on assumptions, or things have changed. I wouldn't have uploaded this here if I knew this plugin would cause major issues. Over the past three months of its use, at most maybe once a day, a single client will fail to authenticate on my servers and be reconnected.

    I completely understand that OnClientPostAdminCheck should be used for retrieving valid client information. As stated previously, this plugin is used to guarantee that the authentication events have fired, and in a specific order, during connect.

    Even though I disagree with you, I will re-evaluate the plugin and look for a more appropriate method to guarantee authentication to satisfy your concerns.


    Edit: The original post attachment has been modified to create a timer with a default of 10 seconds to verify that the client has authenticated.
    __________________

    Last edited by JoinedSenses; 12-19-2018 at 01:54.
    JoinedSenses is offline
    DarkDeviL
    SourceMod Moderator
    Join Date: Apr 2012
    Old 12-19-2018 , 17:34   Re: [Any] Force Auth
    Reply With Quote #6

    Quote:
    Originally Posted by JoinedSenses View Post
    Either your logic is based on assumptions,
    I actually heard this about assumptions.

    I wouldn't ever act on assumptions, what I explained above, is real life experience from many years of working with game servers, including a lot of time spend fixing numerous plugins that from the authors were giving glitchy effects, such as for example, as mentioned, in the moments where the Steam network was temporary down.

    Quote:
    Originally Posted by JoinedSenses View Post
    or things have changed.
    According to a look at the development history, nothing seems the have changed related to authentication on or after my last experience.

    Quote:
    Originally Posted by JoinedSenses View Post
    As stated previously, this plugin is used to guarantee that the authentication events have fired, and in a specific order, during connect.
    I still find it odd that you believe you can make something that the vendor specifies as to happen in "any kind of order" happen in "a specific order", without involving something else.

    Quote:
    Originally Posted by JoinedSenses View Post
    Even though I disagree with you, I will re-evaluate the plugin and look for a more appropriate method to guarantee authentication to satisfy your concerns.
    My concerns are for the community, and especially when code seems not always to be guaranteed to work 100% as expected. Not at all meant to piss you off or anything similar.

    I re-approved the plugin now.
    __________________
    Mostly known as "DarkDeviL".

    Dropbox FastDL: Public folder will no longer work after March 15, 2017!
    For more info, see the [SRCDS Thread], or the [HLDS Thread].
    DarkDeviL is offline
    Reply


    Thread Tools
    Display Modes

    Posting Rules
    You may not post new threads
    You may not post replies
    You may not post attachments
    You may not edit your posts

    BB code is On
    Smilies are On
    [IMG] code is On
    HTML code is Off

    Forum Jump


    All times are GMT -4. The time now is 13:52.


    Powered by vBulletin®
    Copyright ©2000 - 2024, vBulletin Solutions, Inc.
    Theme made by Freecode