From cb986335f61179b202c208bf02066ee6b662c806 Mon Sep 17 00:00:00 2001
From: fallenoak <git@fallenoak.me>
Date: Tue, 30 Sep 2025 21:15:38 -0500
Subject: [PATCH] feat(net): implement all of GruntLogin::NextSecurityState

---
 src/net/login/GruntLogin.cpp | 27 +++++++++++++++++++++++++--
 src/net/login/GruntLogin.hpp |  4 ++++
 2 files changed, 29 insertions(+), 2 deletions(-)

diff --git a/src/net/login/GruntLogin.cpp b/src/net/login/GruntLogin.cpp
index 32c49b9..18cd1a5 100644
--- a/src/net/login/GruntLogin.cpp
+++ b/src/net/login/GruntLogin.cpp
@@ -137,6 +137,12 @@ void GruntLogin::Logon(const char* loginServer, const char* loginPortal) {
 
     // TODO
 
+    this->m_pinEnabled = false;
+    this->m_matrixEnabled = false;
+    this->m_tokenEnabled = false;
+
+    // TODO
+
     this->m_loginResponse->UpdateLoginStatus(
         LOGIN_STATE_CONNECTING,
         LOGIN_OK,
@@ -274,8 +280,25 @@ void GruntLogin::LogonResult(Grunt::Result result, const uint8_t* sessionKey, ui
 }
 
 LOGIN_STATE GruntLogin::NextSecurityState(LOGIN_STATE state) {
-    // TODO
-    return LOGIN_STATE_CHECKINGVERSIONS;
+    switch (state) {
+    case LOGIN_STATE_FIRST_SECURITY:
+        if (this->m_pinEnabled) {
+            return LOGIN_STATE_PIN;
+        }
+
+    case LOGIN_STATE_PIN:
+        if (this->m_matrixEnabled) {
+            return LOGIN_STATE_MATRIX;
+        }
+
+    case LOGIN_STATE_MATRIX:
+        if (this->m_tokenEnabled) {
+            return LOGIN_STATE_TOKEN;
+        }
+
+    default:
+        return LOGIN_STATE_CHECKINGVERSIONS;
+    }
 }
 
 void GruntLogin::ProveVersion(const uint8_t* versionChecksum) {
diff --git a/src/net/login/GruntLogin.hpp b/src/net/login/GruntLogin.hpp
index 6f01be5..ddcdd30 100644
--- a/src/net/login/GruntLogin.hpp
+++ b/src/net/login/GruntLogin.hpp
@@ -9,6 +9,10 @@ class GruntLogin : public Login {
     public:
         // Member variables
         uint8_t m_versionChallenge[LOGIN_VERSION_CHALLENGE_LEN];
+        uint8_t m_pinEnabled;
+        uint8_t m_matrixEnabled;
+        uint8_t m_tokenEnabled;
+        uint8_t m_tokenRequired;
         Grunt::ClientLink* m_clientLink = nullptr;
 
         // Virtual member functions