Bug fixes, improve session check security

Author: wnelson03

auth.cpp

@@ -1163,7 +1163,7 @@ bool KeyAuth::api::checkblack() {
     }
 }
 
-void KeyAuth::api::check() {
+void KeyAuth::api::check(bool check_paid) {
     checkInit();
 
     auto data =
@@ -1172,7 +1172,12 @@ void KeyAuth::api::check() {
         XorStr("&name=") + name +
         XorStr("&ownerid=") + ownerid;
 
-    auto response = req(data, url);
+    std::string endpoint = url;
+    if (check_paid) {
+        endpoint += "?check_paid=1";
+    }
+
+    auto response = req(data, endpoint);
 
     std::hash<int> hasher;
     int expectedHash = hasher(42);
@@ -1197,7 +1202,9 @@ void KeyAuth::api::check() {
             LI_FN(exit)(9);
         }
     }
-    LI_FN(exit)(7);
+    else {
+        LI_FN(exit)(7);
+    }
 }
 
 std::string KeyAuth::api::var(std::string varid) {
@@ -1509,15 +1516,15 @@ int VerifyPayload(std::string signature, std::string timestamp, std::string body
     {
         // std::cerr << "Invalid public key format" << std::endl;
         LI_FN(exit)(6);
-    }
+    };
 
     if (crypto_sign_ed25519_verify_detached(sig, reinterpret_cast<const unsigned char*>(message.c_str()), message.length(), pk) != 0)
     {
         // std::cerr << "Signature verification failed" << std::endl;
         LI_FN(exit)(7);
     }
 
-    // std::cout << "Payload verfied" << std::endl;
+    // std::cout << "\n Payload verfied" << std::endl;
 
     int value = 42 ^ 0xA5A5;
     return value & 0xFFFF;

auth.hpp

@@ -21,7 +21,7 @@ namespace KeyAuth {
 
 		void ban(std::string reason = "");
 		void init();
-		void check();
+		void check(bool check_paid = false);
 		void log(std::string msg);
 		void license(std::string key);
 		std::string var(std::string varid);
@@ -76,8 +76,9 @@ namespace KeyAuth {
 		public:
 			// response data
 			std::vector<channel_struct> channeldata;
-			bool success{false};
+			bool success{};
 			std::string message;
+			bool isPaid{};
 		};
 
 		userdata user_data;
@@ -120,6 +121,10 @@ namespace KeyAuth {
 		void load_response_data(nlohmann::json data) {
 			api::response.success = data[XorStr("success")];
 			api::response.message = data["message"];
+
+			if (data.contains(XorStr("role").c_str()) && data[XorStr("role")] != XorStr("tester").c_str() && data[XorStr("role")] != XorStr("not_checked").c_str()) {
+				api::response.isPaid = true;
+			}
 		}
 
 		void load_channel_data(nlohmann::json data) {

library.sln

@@ -1,22 +1,16 @@
 
 Microsoft Visual Studio Solution File, Format Version 12.00
-# Visual Studio Version 16
-VisualStudioVersion = 16.0.31624.102
+# Visual Studio Version 17
+VisualStudioVersion = 17.6.33815.320
 MinimumVisualStudioVersion = 10.0.40219.1
 Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "library", "library.vcxproj", "{03A87D79-B6BB-4199-BD0C-97158912F6AB}"
 EndProject
 Global
 	GlobalSection(SolutionConfigurationPlatforms) = preSolution
-		Debug|x64 = Debug|x64
-		Debug|x86 = Debug|x86
 		Release|x64 = Release|x64
 		Release|x86 = Release|x86
 	EndGlobalSection
 	GlobalSection(ProjectConfigurationPlatforms) = postSolution
-		{03A87D79-B6BB-4199-BD0C-97158912F6AB}.Debug|x64.ActiveCfg = Debug|x64
-		{03A87D79-B6BB-4199-BD0C-97158912F6AB}.Debug|x64.Build.0 = Debug|x64
-		{03A87D79-B6BB-4199-BD0C-97158912F6AB}.Debug|x86.ActiveCfg = Debug|Win32
-		{03A87D79-B6BB-4199-BD0C-97158912F6AB}.Debug|x86.Build.0 = Debug|Win32
 		{03A87D79-B6BB-4199-BD0C-97158912F6AB}.Release|x64.ActiveCfg = Release|x64
 		{03A87D79-B6BB-4199-BD0C-97158912F6AB}.Release|x64.Build.0 = Release|x64
 		{03A87D79-B6BB-4199-BD0C-97158912F6AB}.Release|x86.ActiveCfg = Release|Win32