DS-Software · DSSoftware · Oct 1, 2022 · Oct 1, 2022 · Oct 1, 2022 · Oct 8, 2022
diff --git a/.configuration/database_setup.sql b/.configuration/database_setup.sql
@@ -12,24 +12,14 @@ CREATE TABLE `projects` (
   `verified` int(11) NOT NULL,
   `enabled` int(11) NOT NULL DEFAULT 1,
   `banned` int(11) NOT NULL DEFAULT 0
-) ENGINE=InnoDB DEFAULT CHARSET=utf8;
+) ENGINE=InnoDB DEFAULT CHARSET=utf8mb3 COLLATE=utf8mb3_general_ci;
 
 CREATE TABLE `requests` (
   `request_id` int(10) UNSIGNED NOT NULL,
   `method` text NOT NULL,
   `request_ip` text NOT NULL,
   `request_time` int(11) NOT NULL
-) ENGINE=InnoDB DEFAULT CHARSET=utf8;
-
-CREATE TABLE `sessions` (
-  `session_id` int(10) UNSIGNED NOT NULL,
-  `session` text NOT NULL,
-  `session_seed` text NOT NULL,
-  `session_ip` text NOT NULL,
-  `user_id` int(11) NOT NULL DEFAULT 0,
-  `claimed` int(11) NOT NULL DEFAULT 0,
-  `created` int(11) NOT NULL
-) ENGINE=InnoDB DEFAULT CHARSET=utf8;
+) ENGINE=InnoDB DEFAULT CHARSET=utf8mb3 COLLATE=utf8mb3_general_ci;
 
 CREATE TABLE `users` (
   `user_id` int(10) UNSIGNED NOT NULL,
@@ -42,40 +32,48 @@ CREATE TABLE `users` (
   `user_salt` text DEFAULT NULL,
   `password_hash` text NOT NULL,
   `ip_ver_code` text DEFAULT NULL,
-  `user_ip` text NOT NULL DEFAULT '',
+  `user_ip` text DEFAULT NULL,
   `api_key_seed` text DEFAULT NULL,
-  `SLID` text NOT NULL DEFAULT '',
+  `SLID` text DEFAULT NULL,
   `last_sid` text DEFAULT NULL,
-  `easylogin` int(11) NOT NULL DEFAULT 0,
   `email_check` int(11) NOT NULL DEFAULT 1,
   `2fa_active` int(11) NOT NULL DEFAULT 0,
   `2fa_secret` text DEFAULT NULL,
   `2fa_disable_code` text DEFAULT NULL,
   `is_banned` int(11) NOT NULL DEFAULT 0,
-  `ban_reason` text NOT NULL DEFAULT ''
-) ENGINE=InnoDB DEFAULT CHARSET=utf8;
+  `ban_reason` text DEFAULT NULL
+) ENGINE=InnoDB DEFAULT CHARSET=utf8mb3 COLLATE=utf8mb3_general_ci;
+
+CREATE TABLE `webauthn` (
+  `keyID` int(10) UNSIGNED NOT NULL,
+  `user_id` text NOT NULL,
+  `owner_id` int(11) NOT NULL,
+  `final_key` mediumtext DEFAULT NULL,
+  `credential_id` text DEFAULT NULL,
+  `attest_type` text DEFAULT NULL
+) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_general_ci;
 
 ALTER TABLE `projects`
   ADD PRIMARY KEY (`project_id`);
 
 ALTER TABLE `requests`
   ADD PRIMARY KEY (`request_id`);
 
-ALTER TABLE `sessions`
-  ADD PRIMARY KEY (`session_id`);
-
 ALTER TABLE `users`
   ADD PRIMARY KEY (`user_id`);
 
+ALTER TABLE `webauthn`
+  ADD PRIMARY KEY (`keyID`);
+
 ALTER TABLE `projects`
-  MODIFY `project_id` int(10) UNSIGNED NOT NULL AUTO_INCREMENT;
+  MODIFY `project_id` int(1) UNSIGNED NOT NULL AUTO_INCREMENT;
 
 ALTER TABLE `requests`
-  MODIFY `request_id` int(10) UNSIGNED NOT NULL AUTO_INCREMENT;
-
-ALTER TABLE `sessions`
-  MODIFY `session_id` int(10) UNSIGNED NOT NULL AUTO_INCREMENT;
+  MODIFY `request_id` int(1) UNSIGNED NOT NULL AUTO_INCREMENT;
 
 ALTER TABLE `users`
-  MODIFY `user_id` int(10) UNSIGNED NOT NULL AUTO_INCREMENT;
+  MODIFY `user_id` int(1) UNSIGNED NOT NULL AUTO_INCREMENT;
+
+ALTER TABLE `webauthn`
+  MODIFY `keyID` int(1) UNSIGNED NOT NULL AUTO_INCREMENT;
 COMMIT;
diff --git a/.configuration/example_config.php b/.configuration/example_config.php
@@ -55,20 +55,84 @@ function getScopes($expl_scopes, $infinite=0, $admin_required=false){
 
 	$spam_check = true;
 	$spam_provider = "https://disposable.debounce.io/?email=";
+
+	/*
+		If using CAPTCHA (field $captcha_required is true), put the correct values 
+		in the field below. For more info - https://dash.cloudflare.com/?to=/:account/turnstile
+
+		$turnstile_public is your Site Key.
+		$turnstile_private is your Secret Key.
+
+		If you aren't using CAPTCHA - set $captcha_required to false and ignore
+		the fields below.
+	*/
 
 	$captcha_required = true;
+	$turnstile_public = "";
+	$turnstile_private = "";
 
 	$login_site = "https://example.com/login";
 	$status_page = "https://status.example.com/";
 	$support = "Either support link or EMail address.";
+	$support_email = "Either support link or EMail address.";
+	$platform_name = "DS Software ULS";
 
-	$domain_name = "/"; /*    / is default  */
+	$domain_name = "/"; #  / is default
 
 	$session_length = 32;
 
 	$service_key = "Very_Long_Service_Key";
 
-	$encryption_key = "Long_Key_For_AES_Encryption.";
+	$encryption_key = "Long_Key_For_AES_Encryption";
+
+	$enable_webauthn = true;
+	$user_verification_requirement = "required";
+	/* 
+		Types of UV Requirements:
+		- required : user must verify, otherwise fail
+		- preferred : user verification is preferred, but it won't fail
+		- discouraged : user verification should not be used
+
+		Required might break some authenticators that
+		cannot verify users.
+	*/
+
+	/*
+		Relying party ID is the address of your site, for example:
+		https://webauthn.example.com/auth relying party will be webauthn.example.com
+	*/
+	$relying_party_id = "example.com";
+
+	$attestation_formats = array(
+		"android-key" => [
+			"name" => "Android Key",
+			"icon" => "fa-mobile"
+		],
+		"android-safetynet" => [
+			"name" => "Android SafetyNet",
+			"icon" => "fa-mobile"
+		],
+		"apple" => [
+			"name" => "Apple Attestation",
+			"icon" => "fa-mobile"
+		],
+		"fido-u2f" => [
+			"name" => "FIDO U2F",
+			"icon" => "fa-microchip"
+		],
+		"none" => [
+			"name" => "Passkey",
+			"icon" => "fa-key"
+		],
+		"packed" => [
+			"name" => "Hardware Key",
+			"icon" => "fa-microchip"
+		],
+		"tpm" => [
+			"name" => "TPM Attestation",
+			"icon" => "fa-desktop"
+		]
+	);
 
 	$database = array(
 		'login' => 'database_login',
@@ -78,23 +142,31 @@ function getScopes($expl_scopes, $infinite=0, $admin_required=false){
 	);
 
 	$email_info = array(
-		'$project_name' => "",
+		'$project_name' => $platform_name,
 		'$main_link' => $login_site,
 		'$login_site' => $login_site,
-		'$support_email' => "mailto:",
-		'$support_email_label' => ""
+		'$support_email' => "mailto:{$support_email}",
+		'$support_email_label' => $support_email
 	);
+
+	/*
+		Do not use this feature unless you are experiencing severe issues with email delivery. This flag will disable all email verification.
+
+		DO NOT USE THIS FEATURE ON A REAL SERVER!
+	*/
+	$disable_email = false;
 
 	$email_settings = array(
 		'smtp' => 'your.smtp.provider',
 		'port' => '465',
 		'messageFrom' => 'Sender Name',
 		'login' => 'SMTP Login',
-		'password' => 'SMTP Password'
+		'password' => 'SMTP Password',
+		'email_debug' => false // Use it when u get EMAIL_DELIVERY_FAULT error.
 	);
 
 	$enable_creation = true;
 	$int_url = $login_site . "/apps";
 
 	$allowed_admins = []; // [1 => true] ([USER_ID => true])
-?>
+?>
diff --git a/README.md b/README.md
@@ -24,15 +24,58 @@ The only file you need to modify is config.php.
 * $maintenance_mode
   * If `true`, API returns only error MAINTENANCE_MODE to all the requests.
     * Used, if you want to stop users from using ULS while maintaining it.
+
+* $spam_check
+  * If `true`, users won't be able to use disposal emails.
+* $spam_provide
+  * Sets the provider to check emails whether they are disposable or not.
+
+* $captcha_required
+  * If `true`, API will count user requests and issue proper RATE_LIMIT_EXCEEDED errors.
+* $turnstile_public
+  * Required in order to work with CloudFlare Turnstile. Your Site Key.
+* $turnstile_private
+  * Required in order to work with CloudFlare Turnstile. Your Secret Key.
+
+* $login_site
+  * URL of main page.
+* $status_page
+  * URL of status page.
+* $support
+  * Support e-mail or link
+
 * $domain_name
   * Used to create cookies with proper path.
   * If you don't use root folder of your site, put the extension here:
     * If you use something like `https://dssoftware.ru/login` - put `/login` here
     * If you use something like `https://dssoftware.ru/` - leave `/`
     * If you use something like `https://example.dssoftware.ru/login` - put `/login` here
+
 * $session_length
   * Defines the length of a random_session_id. If too small, RSID will duplicate. If too big, might cause some performance issues.
     * Optimal value - `32`
+
+* $service_key
+  * Used to verify data obtained from external sources - use a moderately long one.
+* $encryption_key
+  * Used to encrypt data that cannot be stored for some reason.
+
+* $database
+  * Fill that array with data obtained from your database provider.
+
+* $email_info
+  * Fill that array with data you want to be shown in GUI.
+
+* $email_settings
+  * Fill that array with data obtained from your email host provider.
+
+* $enable_creation
+  * If `true`, API will allow to create projects, doesn't affect admins.
+* $integrations_limit
+  * Sets the maximum amount of integrations that could be created. Doesn't affect admins.
+* $allowed_admins
+  * Gives administrative permissions to specific users.
+  * WARNING! Do not give admin permissions to accounts without a reason.
 
 ### Database Configuration
 There is a Database Dump inside a .configuration folder. Use database_setup.sql as an Import File in PHPMyAdmin or just execute the SQL commands inside the file.
@@ -48,7 +91,6 @@ There is a list of all libraries that are used in ULS.
 * PHP TOTP (https://github.com/lfkeitel/php-totp/)
 * Html5-QRCode (https://github.com/mebjas/html5-qrcode)
 * Alertify JS (https://github.com/MohammadYounes/AlertifyJS)
-* KCaptcha (http://www.captcha.ru/kcaptcha/)
 
 ## Contributing & Issues
 When contributing changes to the project, please provide as much detail on the changes. Malicious or meaningless contributions won't be accepted.