Limit New Accounts per day total and per day.

Author: Arcurus

openlife/server/Connection.hx

@@ -25,6 +25,7 @@ class Connection {
 
 	public var sock:Socket;
 	public var sendFrame = false;
+	public var clientIp:String = ''; // Client IP for account limiting
 
 	var server:Server;
 	var tag:ServerTag;
@@ -41,7 +42,10 @@ class Connection {
 		var version = ObjectData.dataVersionNumber;
 
 		// if it is an AI there is no sock
-		if (sock != null) send(SERVER_INFO, ["0/0", challenge, '$version']);
+		if (sock != null) {
+			clientIp = sock.peer().host.toString(); // Get client IP for account limiting
+			send(SERVER_INFO, ["0/0", challenge, '$version']);
+		}
 	}
 
 	public function isAi():Bool {
@@ -93,7 +97,13 @@ class Connection {
 
 		trace('login2: ${account_key_hash}');
 
-		this.playerAccount = PlayerAccount.GetOrCreatePlayerAccount(email, account_key_hash);
+		this.playerAccount = PlayerAccount.GetOrCreatePlayerAccount(email, account_key_hash, 0, clientIp);
+		if (this.playerAccount == null) {
+			trace('login: ${account_key_hash} REJECTED! Account limit reached for IP ${clientIp}');
+			send(REJECTED);
+			if (sock != null) sock.close();
+			return;
+		}
 		this.player = GlobalPlayerInstance.CreateNewHumanPlayer(this);
 
 		Macro.exception(initConnection(this.player, this.playerAccount));
@@ -123,7 +133,13 @@ class Connection {
 		trace('rlogin2: ${account_key_hash}');
 		// GlobalPlayerInstance.AcquireMutex();
 
-		this.playerAccount = PlayerAccount.GetOrCreatePlayerAccount(email, account_key_hash);
+		this.playerAccount = PlayerAccount.GetOrCreatePlayerAccount(email, account_key_hash, 0, clientIp);
+		if (this.playerAccount == null) {
+			trace('rlogin: ${account_key_hash} REJECTED! Account limit reached for IP ${clientIp}');
+			send(REJECTED);
+			if (sock != null) sock.close();
+			return;
+		}
 		var lastLivingPlayer = playerAccount.getLastLivingPlayer();
 
 		if (lastLivingPlayer != null) {

openlife/server/PlayerAccount.hx

@@ -12,6 +12,11 @@ class PlayerAccount {
 	public static var AllPlayerAccountsById = new Map<Int, PlayerAccount>();
 	public static var AccountIdIndex:Int = 1;
 
+	// Account limiting - anti spam
+	public static var newAccountsTodayPerIp = new Map<String, Int>(); // IP -> count
+	public static var totalNewAccountsToday:Int = 0;
+	public static var lastAccountResetTime:Float = 0;
+
 	// saved
 	public var id:Int;
 	public var isAi:Bool = false;
@@ -35,7 +40,6 @@ class PlayerAccount {
 	public var scoreEntries = new Array<ScoreEntry>(); // is used to store prestige boni / mali
 	public var displayClosePlayers:Bool = true;
 	public var displayYum:Bool = true;
-
 	// not saved
 	public var graves = new Array<ObjectHelper>();
 
@@ -47,10 +51,31 @@ class PlayerAccount {
 
 	private function new() {}
 
-	public static function GetOrCreatePlayerAccount(email:String, account_key_hash:String, id:Int = 0):PlayerAccount {
+	// if Ip is not set there is no limit to account generation
+	public static function GetOrCreatePlayerAccount(email:String, account_key_hash:String, id:Int = 0, clientIp:String = ''):PlayerAccount {
+		var checkLimit = clientIp != '';
 		var account = AllPlayerAccountsByEmail[email];
 		if (account != null) return account;
 
+		// Check if account limit reached
+		if (checkLimit) {
+			// Reset daily counts if it's a new day
+			ResetDailyAccountCounts();
+
+			// Check IP-specific limit
+			var ipCount = newAccountsTodayPerIp[clientIp];
+			if (ipCount != null && ipCount >= ServerSettings.NewAccountsPerIpPerDay) {
+				trace('PlayerAccount: WARNING: IP account limit reached for $clientIp ($ipCount/${ServerSettings.NewAccountsPerIpPerDay} per day)');
+				return null;
+			}
+
+			// Check total server-wide limit
+			if (totalNewAccountsToday >= ServerSettings.TotalNewAccountsPerDay) {
+				trace('PlayerAccount: WARNING: Total daily account limit reached ($totalNewAccountsToday/${ServerSettings.TotalNewAccountsPerDay})');
+				return null;
+			}
+		}
+
 		account = new PlayerAccount();
 		account.id = id > 0 ? id : AccountIdIndex++;
 		account.email = email;
@@ -59,11 +84,32 @@ class PlayerAccount {
 		AllPlayerAccountsByEmail[account.email] = account;
 		AllPlayerAccountsById[account.id] = account;
 
+		// Track new account creation
+		if (checkLimit) {
+			totalNewAccountsToday++;
+
+			var ipCount = newAccountsTodayPerIp[clientIp];
+			newAccountsTodayPerIp[clientIp] = (ipCount != null ? ipCount : 0) + 1;
+			trace('PlayerAccount: New account created: ${account.id} from IP $clientIp (today: $totalNewAccountsToday total, IP: ${newAccountsTodayPerIp[clientIp]})');
+		}
+
 		// trace('New account: ${id}-->${account.id} $email');
 
 		return account;
 	}
 
+	public static function ResetDailyAccountCounts() {
+		var now = Date.now().getTime();
+		var oneDayInMs:Float = 86400000; // 24 * 60 * 60 * 1000
+
+		if (now - lastAccountResetTime >= oneDayInMs) {
+			newAccountsTodayPerIp = new Map<String, Int>();
+			totalNewAccountsToday = 0;
+			lastAccountResetTime = now;
+			trace('PlayerAccount: Daily account counts reset for day ${Date.now()}');
+		}
+	}
+
 	public static function GetPlayerAccountById(id:Int):PlayerAccount {
 		return AllPlayerAccountsById[id];
 	}

openlife/settings/ServerSettings.hx

@@ -51,6 +51,10 @@ class ServerSettings {
 	public static var DebugCreateOldPath:Bool = false; // To compare new pathing method with old
 	public static var DebugWritePathToFile:Bool = false; // wriths path map to SaveFiles/paths.txt
 
+	// Account limiting
+	public static var NewAccountsPerIpPerDay:Int = 3; // Max new accounts per IP per day
+	public static var TotalNewAccountsPerDay:Int = 20; // Total new accounts server-wide per day
+
 	// Save / Load
 	public static var saveToDisk = true;
 	public static var SavePlayers = true;