Core/Network: Add option to allow/disallow saving IP addresses to database (#26723)

Add config option AllowLoggingIPAddressesInDatabase to authserver and worldserver to specify if IP addresses can be logged or not to the database
author: Giacomo Pozzoni <giacomopoz@gmail.com> 2021-07-28 11:44:24 +0200
committer: GitHub <noreply@github.com> 2021-07-28 11:44:24 +0200
commit: 68bf7e6d12e1689d688db32c05066b8832922c67 (patch)
tree: 6b18313a4f2d81a5822fa75269224eed5099ed64 /src/server/game/Server
parent: 621f3f50c2fa2ce098ff13ad12a0bbc772300e2f (diff)
1 files changed, 19 insertions, 11 deletions
diff --git a/src/server/game/Server/WorldSocket.cpp b/src/server/game/Server/WorldSocket.cpp
index 7430b808370..9dd27515792 100644
--- a/src/server/game/Server/WorldSocket.cpp
+++ b/src/server/game/Server/WorldSocket.cpp
@@ -459,12 +459,17 @@ void WorldSocket::HandleAuthSessionCallback(std::shared_ptr<AuthSession> authSes
     // For hook purposes, we get Remoteaddress at this point.
     std::string address = GetRemoteIpAddress().to_string();
 
-    // As we don't know if attempted login process by ip works, we update last_attempt_ip right away
-    LoginDatabasePreparedStatement* stmt = LoginDatabase.GetPreparedStatement(LOGIN_UPD_LAST_ATTEMPT_IP);
-    stmt->setString(0, address);
-    stmt->setString(1, authSession->Account);
-    LoginDatabase.Execute(stmt);
-    // This also allows to check for possible "hack" attempts on account
+    LoginDatabasePreparedStatement* stmt = nullptr;
+
+    if (sWorld->getBoolConfig(CONFIG_ALLOW_LOGGING_IP_ADDRESSES_IN_DATABASE))
+    {
+        // As we don't know if attempted login process by ip works, we update last_attempt_ip right away
+        stmt = LoginDatabase.GetPreparedStatement(LOGIN_UPD_LAST_ATTEMPT_IP);
+        stmt->setString(0, address);
+        stmt->setString(1, authSession->Account);
+        LoginDatabase.Execute(stmt);
+        // This also allows to check for possible "hack" attempts on account
+    }
 
     // even if auth credentials are bad, try using the session key we have - client cannot read auth response error without it
     _authCrypt.Init(account.SessionKey);
@@ -580,13 +585,16 @@ void WorldSocket::HandleAuthSessionCallback(std::shared_ptr<AuthSession> authSes
 
     TC_LOG_DEBUG("network", "WorldSocket::HandleAuthSession: Client '%s' authenticated successfully from %s.", authSession->Account.c_str(), address.c_str());
 
-    // Update the last_ip in the database as it was successful for login
-    stmt = LoginDatabase.GetPreparedStatement(LOGIN_UPD_LAST_IP);
+    if (sWorld->getBoolConfig(CONFIG_ALLOW_LOGGING_IP_ADDRESSES_IN_DATABASE))
+    {
+        // Update the last_ip in the database as it was successful for login
+        stmt = LoginDatabase.GetPreparedStatement(LOGIN_UPD_LAST_IP);
 
-    stmt->setString(0, address);
-    stmt->setString(1, authSession->Account);
+        stmt->setString(0, address);
+        stmt->setString(1, authSession->Account);
 
-    LoginDatabase.Execute(stmt);
+        LoginDatabase.Execute(stmt);
+    }
 
     // At this point, we can safely hook a successful login
     sScriptMgr->OnAccountLogin(account.Id);
author	Giacomo Pozzoni <giacomopoz@gmail.com>	2021-07-28 11:44:24 +0200
committer	GitHub <noreply@github.com>	2021-07-28 11:44:24 +0200
commit	68bf7e6d12e1689d688db32c05066b8832922c67 (patch)
tree	6b18313a4f2d81a5822fa75269224eed5099ed64 /src/server/game/Server
parent	621f3f50c2fa2ce098ff13ad12a0bbc772300e2f (diff)