Categories > Coding > Lua >
[RELEASE] MoobleFlurf Authentication Sample (FREE LUAU)
Posted
This is the source code of this very secure authentication system
Pepperingand salting as well! Enjoy
-- Load the SHA-256 hash library
local sha256 = require("sha256")
-- List of allowed usernames and their corresponding hashed passwords with salts and pepper
local whitelist = {
user1 = {
passwordHash = "4b2dd16341f5c5f5e5b1d602726dfbe05c785f8d231f21575c11a329a3c3bf94",
salt = "3a7a437a4c4e4d4f4e4d4f474f4e475241",
pepper = "fb1c7f2a2c62347fc9ac9f6d0c6e05f6"
},
user2 = {
passwordHash = "52764e3f93a9f3d04c129efda057167c93dc7b2b287a40b47b6de344c3bf313e",
salt = "3f525a42414e475f5245434f5244",
pepper = "2a2f52aa9f28b1a7d1e0b404857f7f6d"
},
user3 = {
passwordHash = "9d4b4bb4d47c53b89a7f504d0075f5b5e5f1651f7a9a59a75d7c332a3c3bf7d1",
salt = "7a6f726f6e",
pepper = "f3dd3dcbdfb1f470da02f6c91d8e2e6b"
}
}
-- List of allowed IP addresses
local ipWhitelist = {
"127.0.0.1"
}
-- Maximum number of login attempts before a user is temporarily locked out
local maxLoginAttempts = 5
-- Time in seconds for a user to be locked out after maxLoginAttempts is reached
local lockoutTime = 60
-- Table to keep track of failed login attempts
local failedLogins = {}
-- Function to check if a user is allowed
function isAllowed(user, password, ipAddress)
-- Generate a random salt value for each login attempt
local loginSalt = sha256(os.time() .. math.random(1000, 9999))
-- Check if user is in the whitelist and the password is correct
if whitelist[user] and sha256(whitelist[user].salt .. password .. whitelist[user].pepper .. loginSalt) == whitelist[user].passwordHash then
-- Check if the IP address is also allowed
for j, allowedIP in ipairs(ipWhitelist) do
if ipAddress == allowedIP then
-- Reset the failed login attempts for the user
failedLogins[user] = nil
return true
end
end
end
-- Increment the failed login attempts for the user
if not failedLogins[user] then
failedLogins[user] = 1
else
failedLogins[user] = failedLogins[user] + 1
end
-- Check if the user has reached the maximum number of login attempts and should be locked out
if failedLogins[user] >= maxLoginAttempts then
failedLogins[user] = nil
os.execute("sleep " .. lockoutTime)
end
return false
end
veh_handler and seh_handler disliker
<p>enis</p>
Users viewing this thread:
( Members: 0, Guests: 2, Total: 2 )
Cancel
Post