feat: reject users on disabled games, except admin in cameo

Settel 2022-12-10 22:01:42 +01:00
parent a2c95abde9
commit 893ada71a8
4 changed files with 52 additions and 20 deletions


@ -0,0 +1,8 @@
package game
func (gm *Game) IsActive() bool {
gm.mu.Lock()
defer gm.mu.Unlock()
return gm.state != STATE_DISABLED
}
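Review bot: IsActive is used as an access gate but treats every state other than `STATE_DISABLED` as active, so an empty or unrecognised `gm.state` (if one can occur; not visible here) lets users through. If only the states accepted by SetGameState are meant to be playable, an allow-list comparison is the safer shape. Otherwise record the fail-open choice in a doc comment, which the exported method currently lacks, e.g. `// IsActive reports whether non-admin users may use the game; it is false only in STATE_DISABLED.`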


@ -3,7 +3,8 @@ package game
func (gm *Game) SetGameState(stateJson *GameStateJson) {
if stateJson.State == "idle" ||
stateJson.State == "collect" ||
stateJson.State == "final" {
stateJson.State == "final" ||
stateJson.State == "disabled" {
gm.state = stateJson.State
gm.phase = ""
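Review bot: The new branch compares against the literal `"disabled"` while IsActive tests `gm.state != STATE_DISABLED`, so the gate only works if that constant is exactly this string; its definition is not in the hunk. Assuming it is a string constant, `stateJson.State == STATE_DISABLED {` keeps the two in step. Separately, no `gm.mu.Lock()` is visible between the function header and `gm.state = stateJson.State`, whereas IsActive reads the field under the mutex; unless the caller already holds the lock, this looks like a data race on the value the login check depends on. The function body continues past the hunk.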


@ -33,6 +33,16 @@ func (authMux *AuthMux) Login(w http.ResponseWriter, r *http.Request) {
return
}
if !usr.IsAdmin() {
gm, err := authMux.app.GetGameById(usr.GetGameId())
if err != nil || !gm.IsActive() {
log.ErrorLog(fmt.Errorf("game %s disabled for user %s", gm.GetId(), usr.GetName()))
http.SetCookie(w, authMux.createCookie())
authMux.accessDenied(w, r)
return
}
}
log.Info("%s logged into game %s\n", usr.GetName(), usr.GetGameId())
cookie := authMux.createCookie()
@ -41,7 +51,6 @@ func (authMux *AuthMux) Login(w http.ResponseWriter, r *http.Request) {
http.SetCookie(w, cookie)
w.Header().Add("Content-Type", "text/plain")
fmt.Fprintf(w, "ok")
}
func (authMux *AuthMux) checkCode(r *http.Request) (*user.User, error) {
@ -62,31 +71,34 @@ func (authMux *AuthMux) checkCode(r *http.Request) (*user.User, error) {
}
func (authMux *AuthMux) Cameo(usr *user.User, w http.ResponseWriter, r *http.Request) {
if !usr.IsAdmin() {
usrCameo := usr.GetCameo()
if usrCameo != nil && usrCameo.IsAdmin() {
cookie := authMux.createCookie()
cookie.Name = cookie.Name + "-cameo"
if usr.IsAdmin() {
cookie := authMux.createCookie()
cookie.Name = cookie.Name + "-cameo"
usrCameo, err := authMux.checkCode(r)
if err != nil {
http.SetCookie(w, cookie)
w.Header().Add("Content-Type", "text/plain")
fmt.Fprintf(w, "ok")
authMux.accessDenied(w, r)
return
}
authMux.accessDenied(w, r)
cookie.Value = usrCameo.GetId()
cookie.MaxAge = 0
http.SetCookie(w, cookie)
w.Header().Add("Content-Type", "text/plain")
fmt.Fprintf(w, "ok")
return
}
cookie := authMux.createCookie()
cookie.Name = cookie.Name + "-cameo"
usrCameo, err := authMux.checkCode(r)
if err != nil {
// non-admin: remove cameo cookie
usrCameo := usr.GetCameo()
if usrCameo != nil && usrCameo.IsAdmin() {
cookie := authMux.createCookie()
cookie.Name = cookie.Name + "-cameo"
http.SetCookie(w, cookie)
authMux.accessDenied(w, r)
w.Header().Add("Content-Type", "text/plain")
fmt.Fprintf(w, "ok")
return
}
cookie.Value = usrCameo.GetId()
cookie.MaxAge = 0
http.SetCookie(w, cookie)
w.Header().Add("Content-Type", "text/plain")
fmt.Fprintf(w, "ok")
authMux.accessDenied(w, r)
}
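Review bot: In the added non-admin block of Login, `gm.GetId()` is evaluated even when `GetGameById` returned an error, and in that case `gm` is presumably nil, so the log line can panic before the cookie is reset and `accessDenied` runs. The message also reports "disabled" for what is really a failed lookup. Taking the id from the user avoids both: `log.ErrorLog(fmt.Errorf("game %s unavailable or disabled for user %s", usr.GetGameId(), usr.GetName()))`. The check added to getUserFromSession handles the lookup error separately before touching `gm`, so only this call site is affected. Login begins and ends outside these hunks.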


@ -50,6 +50,17 @@ func (authMux *AuthMux) getUserFromSession(r *http.Request) (*user.User, error)
return usrNew, nil
}
}
return usr, nil
}
// check if game is active
gm, err := authMux.app.GetGameById(usr.GetGameId())
if err != nil {
return nil, err
}
if !gm.IsActive() {
return nil, fmt.Errorf("game %s disabled for user %s (%s)", gm.GetId(), usr.GetId(), usr.GetName())
}
return usr, nil
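Review bot: The lookup failure is returned as bare `err` and the disabled case as an ad-hoc `fmt.Errorf`, so a caller cannot tell "game disabled" from a backend fault, and the first carries no context. I would wrap the former, `return nil, fmt.Errorf("game lookup for user %s: %w", usr.GetId(), err)`, and consider a package-level sentinel error for the latter so handlers can respond and log distinctly. The disabled-game message embeds the user id and name; that is fine for logs, but confirm no caller writes this error into the HTTP response. getUserFromSession starts above the hunk.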