From 4edf08709010f721b099dfae3cab011acbdfb3ff Mon Sep 17 00:00:00 2001
From: sfan5 <sfan5@live.de>
Date: Wed, 6 Dec 2017 17:32:49 +0100
Subject: [PATCH] Auth handler: Player deletion & Iterator (#6741)

* Add player deletion method to auth handler (fixes #6653)
* Support iterating over the auth database

There was no way to do this previously and a recent commit
broke doing this the "hacky" way by accessing `core.auth_table`.
---
 builtin/game/auth.lua | 18 ++++++++++++++++++
 doc/lua_api.txt       |  9 ++++++++-
 2 files changed, 26 insertions(+), 1 deletion(-)

diff --git a/builtin/game/auth.lua b/builtin/game/auth.lua
index 80b15e818..3d4d6b199 100644
--- a/builtin/game/auth.lua
+++ b/builtin/game/auth.lua
@@ -106,6 +106,16 @@ core.builtin_auth_handler = {
 		}
 		save_auth_file()
 	end,
+	delete_auth = function(name)
+		assert(type(name) == "string")
+		if not auth_table[name] then
+			return false
+		end
+		core.log('info', "Built-in authentication handler deleting player '"..name.."'")
+		auth_table[name] = nil
+		save_auth_file()
+		return true
+	end,
 	set_password = function(name, password)
 		assert(type(name) == "string")
 		assert(type(password) == "string")
@@ -154,6 +164,13 @@ core.builtin_auth_handler = {
 		assert(auth_table[name]).last_login = os.time()
 		save_auth_file()
 	end,
+	iterate = function()
+		local names = {}
+		for k in pairs(auth_table) do
+			names[k] = true
+		end
+		return pairs(names)
+	end,
 }
 
 core.register_on_prejoinplayer(function(name, ip)
@@ -204,6 +221,7 @@ end
 
 core.set_player_password = auth_pass("set_password")
 core.set_player_privs    = auth_pass("set_privileges")
+core.remove_player_auth  = auth_pass("delete_auth")
 core.auth_reload         = auth_pass("reload")
 
 local record_login = auth_pass("record_login")
diff --git a/doc/lua_api.txt b/doc/lua_api.txt
index 24e928d85..1e6cf0b71 100644
--- a/doc/lua_api.txt
+++ b/doc/lua_api.txt
@@ -3124,8 +3124,11 @@ These functions return the leftover itemstack.
 * `minetest.get_server_status()`: returns server status string
 * `minetest.get_server_uptime()`: returns the server uptime in seconds
 * `minetest.remove_player(name)`: remove player from database (if he is not connected).
-    * Does not remove player authentication data, minetest.player_exists will continue to return true.
+    * As auth data is not removed, minetest.player_exists will continue to return true.
+      Call the below method as well if you want to remove auth data too.
     * Returns a code (0: successful, 1: no such player, 2: player is connected)
+* `minetest.remove_player_auth(name)`: remove player authentication data
+    * Returns boolean indicating success (false if player nonexistant)
 
 ### Bans
 * `minetest.get_ban_list()`: returns the ban list (same as `minetest.get_ban_description("")`)
@@ -5225,6 +5228,8 @@ Definition tables
         create_auth = func(name, password),
     --  ^ Create new auth data for player `name`
     --  ^ Note that `password` is not plain-text but an arbitrary representation decided by the engine
+        delete_auth = func(name),
+    --  ^ Delete auth data of player `name`, returns boolean indicating success (false if player nonexistant)
         set_password = func(name, password),
     --  ^ Set password of player `name` to `password`
            Auth data should be created if not present
@@ -5236,5 +5241,7 @@ Definition tables
     --  ^ Returns boolean indicating success
         record_login = func(name),
     --  ^ Called when player joins, used for keeping track of last_login
+        iterate = func(),
+    --  ^ Returns an iterator (use with `for` loops) for all player names currently in the auth database
     }