1. Forum
  2. DOVE-Net
  3. Synchronet Programming C+

  • exec/login.js

    From rswindell@VERT to CVS commit on Wed Feb 12 17:29:07 2014
    exec login.js 1.7 1.8
    Update of /cvsroot/sbbs/exec
    In directory cvs:/tmp/cvs-serv24309

    Modified Files:
    login.js
    Log Message:
    Clear key buffer after failed login

    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ telnet://vert.synchro.net
  • From rswindell@VERT to CVS commit on Fri Mar 7 20:46:00 2014
    exec login.js 1.8 1.9
    Update of /cvsroot/sbbs/exec
    In directory cvs:/tmp/cvs-serv30452

    Modified Files:
    login.js
    Log Message:
    If a login name was provided by the application protocol (e.g. Telnet, RLogin, SSH), use that as the default login name.
    Clear the bbs.rlogin_name value if the login fails.

    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ telnet://vert.synchro.net
  • From rswindell@VERT to CVS commit on Tue May 12 00:16:51 2015
    exec login.js 1.9 1.10
    Update of /cvsroot/sbbs/exec
    In directory cvs:/tmp/cvs-serv9040

    Modified Files:
    login.js
    Log Message:
    Remove left-over commented-out custom font loading test code.

    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ telnet://vert.synchro.net
  • From rswindell@VERT to CVS commit on Mon May 9 00:05:15 2016
    exec login.js 1.11 1.12
    Update of /cvsroot/sbbs/exec
    In directory cvs:/tmp/cvs-serv3431

    Modified Files:
    login.js
    Log Message:
    If login_prompts is set in the [login] section of ctrl/modopts.ini, use that value (instead of the hard-coded 10) to limit the number of login prompts displayed before disconnecting the user. A failed password attempt counts as
    "2 prompts".


    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ telnet://vert.synchro.net
  • From rswindell@VERT to CVS commit on Fri May 27 00:34:25 2016
    exec login.js 1.12 1.13
    Update of /cvsroot/sbbs/exec
    In directory cvs:/tmp/cvs-serv4637

    Modified Files:
    login.js
    Log Message:
    When a user fails to login using a block name (from name.can), immediately disconnect them (with a message) and log a notice.


    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ telnet://vert.synchro.net
  • From rswindell@VERT to CVS commit on Tue Dec 6 01:23:32 2016
    exec login.js 1.13 1.14
    Update of /cvsroot/sbbs/exec
    In directory cvs:/tmp/cvs-serv25066

    Modified Files:
    login.js
    Log Message:
    Cut 75% off of the inactivity hang-up timeout when a terminal type (e.g. ANSI) is not auto-detected. These hacking bots and scripts don't support ANSI.

    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ telnet://vert.synchro.net
  • From rswindell@VERT to CVS commit on Mon Nov 27 22:20:39 2017
    exec login.js 1.14 1.15
    Update of /cvsroot/sbbs/exec
    In directory cvs:/tmp/cvs-serv23206

    Modified Files:
    login.js
    Log Message:
    Added more detail to the lost account info (password) email and log
    a message for the sysop.


    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From rswindell@VERT to CVS commit on Sun Oct 21 23:08:53 2018
    exec login.js 1.15 1.16
    Update of /cvsroot/sbbs/exec
    In directory cvs:/tmp/cvs-serv9142

    Modified Files:
    login.js
    Log Message:
    Beautification for smaller (e.g. 40-column) terminals.
    Also, allow the inactivity timeout value for connections without an auto-detected terminal to be set explicitly via modopts.ini
    [login] inactive_hangup = 30 (seconds)
    rather than deriving from the configured inactivity hangup value in SCFG->Nodes.


    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From rswindell@VERT to CVS commit on Sat Feb 16 16:09:44 2019
    exec login.js 1.16 1.17
    Update of /cvsroot/sbbs/exec
    In directory cvs:/tmp/cvs-serv3623

    Modified Files:
    login.js
    Log Message:
    Enhancement to the failed login/password-email feature:
    If confirm_email_address = false in the [login] section of modopts.ini, do not ask the user to confirm their email address before sending password.
    Do not display the email address back to the user (in case they did not already know it).
    Send the user a telegram for each failed login attempt (using user alias, not number).
    Send the user a telegram when their account info (password) was requested.


    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From rswindell@VERT to CVS commit on Mon Jul 15 22:30:41 2019
    exec login.js 1.18 1.19
    Update of /cvsroot/sbbs/exec
    In directory cvs:/tmp/cvs-serv27474

    Modified Files:
    login.js
    Log Message:
    2 changes:
    Always parse/strip the fast_logon_char (default: '!') from the login name /number. This way if users get used to logging in in this fashion, it won't stimy them if the sysop disables the feature.

    Added fast_logon_requirements option (default: blank) which is an optional
    ARS to limit fast logon support to specific user-groups.


    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From rswindell@VERT to CVS commit on Thu Jan 23 10:48:11 2020
    exec login.js 1.20 1.21
    Update of /cvsroot/sbbs/exec
    In directory cvs:/tmp/cvs-serv28889

    Modified Files:
    login.js
    Log Message:
    Support guest=false in [login] section of modopts.ini

    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From Rob Swindell@VERT to Git commit to sbbs/master on Sat Sep 19 22:54:45 2020
    https://gitlab.synchro.net/sbbs/sbbs/-/commit/b05b2cc15bc5da16d5da1be6
    Modified Files:
    exec/login.js
    Log Message:
    Re-enable the short inactivity timeout for non-terminal connections (bots)

    As of Oct-25-2018, the NO_EXASCII flag was set in the autoterm variable
    when there was no ANSI terminal auto-detected. This defeated the short inactivity timeout feature of login.js because it was checking specifically
    for a zero-value autoterm.

    So change this logic to check for no ANSI, PETSCII, or UTF-8 (the 3 indicators of a valid terminal) - though I suppose PETSCII is questionable (it's not actually auto-detected, just a non-standard port usually).
    ---
    ï¿­ Synchronet ï¿­ Vertrauen ï¿­ Home of Synchronet ï¿­ [vert/cvs/bbs].synchro.net
  • From Rob Swindell@VERT to Git commit to main/sbbs/master on Sat Mar 27 21:57:16 2021
    https://gitlab.synchro.net/main/sbbs/-/commit/35d1f33534a152aa7c46c56c
    Modified Files:
    exec/login.js
    Log Message:
    Run the "inactive_hangup" option through parseInt()

    Just in case it was read as a string (e.g. had a ; comment following the value) ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From Rob Swindell@VERT to Git commit to main/sbbs/master on Sat Jan 21 18:28:12 2023
    https://gitlab.synchro.net/main/sbbs/-/commit/e6017a35aa2fecf4d05a4621
    Modified Files:
    exec/login.js
    Log Message:
    Restore stealth legacy login prompt (NN:)

    This old prompt used to be sent for any login scripts (e.g. QWKnet
    via dial-up) that would key off that WWIV-like "name or number"
    (NN:) prompt, but was removed (accidentally?) in commit fedabb0b8f6dfcdc4.

    Send "NN: " and "PW: " (include the trailing space, just in case), and use carriage return to move back (and overwrite) rather than 4 backspaces.
    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From Rob Swindell (on Debian Linux)@VERT to Git commit to main/sbbs/master on Sat Feb 4 20:20:08 2023
    https://gitlab.synchro.net/main/sbbs/-/commit/f5c555808b050bc980af2852
    Modified Files:
    exec/login.js
    Log Message:
    The bare CR is treated as CRLF on PETSCII, so use Ctrl-A[ instead

    We don't do output translation for PETSCII terminals for CR or LF
    chars, so this trick is needed, at least currently, for the NN legacy prompt
    to be properly over-written/invisible for CBM/PETSCII terminals.
    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From Rob Swindell (on ChromeOS)@VERT to Git commit to main/sbbs/master on Sat Feb 11 13:35:16 2023
    https://gitlab.synchro.net/main/sbbs/-/commit/1b67a35ef4230d8ac379e04a
    Modified Files:
    exec/login.js
    Log Message:
    Use the new (to v3.20) method of checking for login-by-usernumber support

    The old NM_NO_NUM flag is unused/deprecated.
    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From Rob Swindell (on Debian Linux)@VERT to Git commit to main/sbbs/master on Sat Mar 18 14:51:34 2023
    https://gitlab.synchro.net/main/sbbs/-/commit/b91e77719928033321808776
    Modified Files:
    exec/login.js
    Log Message:
    Apply inactive_hangup option (for dumb terminals) using max_socket_inactivity

    this insures that inactive dumb (bot) connections will be disconnected even when using a script (e.g. animated pause prompt) that doesn't time-out.

    Also, if the connected node is the last node (for this sbbs instance), divide the socket inactivity timeout value in half.

    These changes (along with sbbs v3.20) should help with DOS (denial-of-service, not MS-DOS) prevention.

    Mainly for Krueger.
    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From Rob Swindell (on Debian Linux)@VERT to Git commit to main/sbbs/master on Tue Jul 25 17:02:02 2023
    https://gitlab.synchro.net/main/sbbs/-/commit/7f1525c5bca05030d54a2c40
    Modified Files:
    exec/login.js
    Log Message:
    Enable "use strict" mode in this script - best practice

    Requires hex literals for control chars instead of octal
    (e.g. \x01 instead of \1)

    All stock scripts should be using strict mode, so this was a miss.
    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From Rob Swindell (on Debian Linux)@VERT to Git commit to main/sbbs/master on Fri Nov 10 20:38:03 2023
    https://gitlab.synchro.net/main/sbbs/-/commit/567753c0f1a7793407dc3566
    Modified Files:
    exec/login.js
    Log Message:
    Only call the re-login support functions if re-logging-in

    These functions were causing enumeration issues with JSDOC builds (before the recent refactor that fixes that enumertion order problem), but
    really these calls should've been conditional anyway.
    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From Rob Swindell (on Debian Linux)@VERT to Git commit to main/sbbs/master on Sun Jun 1 00:26:31 2025
    https://gitlab.synchro.net/main/sbbs/-/commit/7276d373acdc2b3453b4bb0e
    Modified Files:
    exec/login.js
    Log Message:
    Use User.is_sysop instead of comparison of user's sec level < 90

    Don't bother emailing a blank password (shouldn't even get here in that
    case).

    Don't send legacy prompts (NN:, PW:) unless legacy_prompts=true is set
    in ctrl/modopts/login.ini (or the [login] section of ctrl/modopts.ini).
    I got tired of seeing these old/obsolete prompts (does WWIV even still
    send them? I don't think so) in captures of terminals that don't support
    bare CR correctly (hello ROMTERM) - and since I'm doubtful there are any
    login scripts that actually key off of these prompts any more, just disable thenm by default.
    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From Rob Swindell (on Debian Linux)@VERT to Git commit to main/sbbs/master on Sat Jan 3 14:24:16 2026
    https://gitlab.synchro.net/main/sbbs/-/commit/add6a3362f3c884eb92374d7
    Modified Files:
    exec/login.js
    Log Message:
    Log a msg to the node/system log when new user registration is canceled

    Yeah, one 'l'.
    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From Rob Swindell (on Debian Linux)@VERT to Git commit to main/sbbs/master on Sat Jan 3 22:22:22 2026
    https://gitlab.synchro.net/main/sbbs/-/commit/80a100d80e23ecc5a087157e
    Modified Files:
    exec/login.js
    Log Message:
    Don't call bbs.logline() when it's not a function (e.g. v3.20 and earlier)
    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From Rob Swindell (on Debian Linux)@VERT to Git commit to main/sbbs/master on Sat Jan 10 04:00:11 2026
    https://gitlab.synchro.net/main/sbbs/-/commit/031bea289a55527d947975b8
    Modified Files:
    exec/login.js
    Log Message:
    Set node status in retry loop

    If a user aborted the new user registration, the node status would not revert back to "At login prompt".
    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From Rob Swindell (on Debian Linux)@VERT to Git commit to main/sbbs/master on Sun Jan 11 01:55:07 2026
    https://gitlab.synchro.net/main/sbbs/-/commit/125c521d6a2962c1395ef046
    Modified Files:
    exec/login.js
    Log Message:
    Remove the old dumb-terminal inactivity hangup hack

    This feature is now built-into SBBS and doesn't rely on the login module to be executed to reduce the socket inactivity to a (short) reasonable timeout for likely bots.
    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net