Rework on external enum

Robust.Shared/CVars.cs

@@ -982,6 +982,14 @@ protected CVars()
         public static readonly CVarDef<int> AuthMode =
             CVarDef.Create("auth.mode", (int) Network.AuthMode.Required, CVar.SERVERONLY);
 
+        #region Starlight
+        /// <summary>
+        /// Mode with which to handle ADDITIONAL authentication on the server.
+        /// </summary>
+        public static readonly CVarDef<int> AdditionalAuthMode =
+            CVarDef.Create("auth.additionalmode", (int)Network.AuthMode.Disabled, CVar.SERVERONLY);
+        #endregion
+
         /// <summary>
         /// Allow unauthenticated localhost connections, even if the auth mode is set to required.
         /// These connections have a "localhost@" prefix as username.

Robust.Shared/Network/AuthMode.cs

@@ -15,13 +15,12 @@ public enum AuthMode : byte
 
         /// <summary>
         /// Authenticated is required to join the server.
-        /// Starlight: Required only default, discord auth will be rejected
         /// </summary>
         /// <remarks>
         /// Unauthenticated clients are still allowed for localhost connections,
         /// but only if CVar <c>auth.allowlocal</c> is true.
         /// </remarks>
-        RequiredDefault = 1,
+        Required = 1,
 
         /// <summary>
         /// Authentication is fully disabled, and even clients capable of authenticating will not authenticate.
@@ -31,19 +30,21 @@ public enum AuthMode : byte
         /// This may result in confusing mingling of database entries, if actively switched between on the same server.
         /// </remarks>
         Disabled = 2,
+    }
 
-        #region Starlight
+    #region Starlight
 
+    public enum AdditionalAuthModes : byte
+    {
         /// <summary>
-        /// Starlight: Required both, i.e. if discord auth valid - can join, if default auth valid - can join
+        /// Any additional auth mode disabled
         /// </summary>
-        Required = 3,
-
+        Disabled = 0,
         /// <summary>
-        /// Starlight: Required only discord, default auth will be rejected
+        /// Discord auth enabled
         /// </summary>
-        RequiredDiscord = 4,
-
-        #endregion
+        DiscordEnabled = 1,
     }
+
+    #endregion
 }

Robust.Shared/Network/NetManager.ServerAuth.cs

@@ -23,6 +23,7 @@ partial class NetManager
 
         public byte[] CryptoPublicKey { get; } = new byte[CryptoBox.PublicKeyBytes];
         public AuthMode Auth { get; private set; }
+        public AdditionalAuthModes AdditionalAuth { get; private set; } // Starlight-edit
 
         public Func<string, Task<NetUserId?>>? AssignUserIdCallback { get; set; }
         public IServerNetManager.NetApprovalDelegate? HandleApprovalCallback { get; set; }
@@ -60,13 +61,20 @@ private async void HandleHandshake(NetPeerData peer, NetConnection connection)
                 _logger.Verbose(
                     $"{connection.RemoteEndPoint}: Connection is specialized local? {isLocal} ");
 
-                if (Auth is AuthMode.Required or AuthMode.RequiredDefault or AuthMode.RequiredDiscord && !isLocal) // Starlight-edit
+                if (Auth == AuthMode.Required && !isLocal)
                 {
-                    if ((!canAuth && Auth == AuthMode.RequiredDefault) || (!discord && Auth == AuthMode.RequiredDiscord) || (!canAuth && !discord)) // Starlight-edit
+                    // Starlight-start
+                    if ((!canAuth && AdditionalAuth == AdditionalAuthModes.Disabled))
                     {
-                        connection.Disconnect("Connecting to this server requires authentication");
+                        connection.Disconnect("Connecting to this server requires normal authentication!");
                         return;
                     }
+                    if (!canAuth && !discord && AdditionalAuth == AdditionalAuthModes.DiscordEnabled)
+                    {
+                        connection.Disconnect("Connecting to this server requires authentication of any types!");
+                        return;
+                    }
+                    // Starlight-end
                 }
 
                 NetEncryption? encryption = null;
@@ -87,7 +95,7 @@ private async void HandleHandshake(NetPeerData peer, NetConnection connection)
                         PublicKey = needPk ? CryptoPublicKey : Array.Empty<byte>(),
                         VerifyToken = verifyToken,
                         WantHwid = wantHwid,
-                        WantDiscord = Auth is AuthMode.Required or AuthMode.RequiredDiscord // Starlight-edit
+                        WantDiscord = Auth == AuthMode.Required && AdditionalAuth == AdditionalAuthModes.DiscordEnabled // Starlight-edit
                     };
 
                     var outMsgEncReq = peer.Peer.CreateMessage();

Robust.Shared/Network/NetManager.cs

@@ -275,6 +275,7 @@ public void Initialize(bool isServer)
             if (isServer)
             {
                 _config.OnValueChanged(CVars.AuthMode, OnAuthModeChanged, invokeImmediately: true);
+                _config.OnValueChanged(CVars.AdditionalAuthMode, OnAdditionalAuthModeChanged, invokeImmediately: true); // Starlight-edit
             }
 
             _config.OnValueChanged(CVars.NetFakeLoss, _fakeLossChanged);
@@ -321,6 +322,10 @@ private void OnAuthModeChanged(int mode)
             Auth = (AuthMode)mode;
         }
 
+        // Starlight-start
+        private void OnAdditionalAuthModeChanged(int mode) => AdditionalAuth = (AdditionalAuthModes)mode;
+        // Starlight-end
+
         private void OnSerializerOnClientHandshakeComplete()
         {
             _logger.Info("Client completed serializer handshake.");
@@ -481,6 +486,7 @@ public void Shutdown(string reason)
             if (IsServer)
             {
                 _config.UnsubValueChanged(CVars.AuthMode, OnAuthModeChanged);
+                _config.UnsubValueChanged(CVars.AdditionalAuthMode, OnAdditionalAuthModeChanged); // Starlight-edit
             }
 
             _config.UnsubValueChanged(CVars.NetFakeLoss, _fakeLossChanged);