feat: reject users on disabled games, except admin in cameo
This commit is contained in:
parent
a2c95abde9
commit
893ada71a8
8
server/src/game/isActive.go
Normal file
8
server/src/game/isActive.go
Normal file
@ -0,0 +1,8 @@
|
|||||||
|
package game
|
||||||
|
|
||||||
|
func (gm *Game) IsActive() bool {
|
||||||
|
gm.mu.Lock()
|
||||||
|
defer gm.mu.Unlock()
|
||||||
|
|
||||||
|
return gm.state != STATE_DISABLED
|
||||||
|
}
|
@ -3,7 +3,8 @@ package game
|
|||||||
func (gm *Game) SetGameState(stateJson *GameStateJson) {
|
func (gm *Game) SetGameState(stateJson *GameStateJson) {
|
||||||
if stateJson.State == "idle" ||
|
if stateJson.State == "idle" ||
|
||||||
stateJson.State == "collect" ||
|
stateJson.State == "collect" ||
|
||||||
stateJson.State == "final" {
|
stateJson.State == "final" ||
|
||||||
|
stateJson.State == "disabled" {
|
||||||
|
|
||||||
gm.state = stateJson.State
|
gm.state = stateJson.State
|
||||||
gm.phase = ""
|
gm.phase = ""
|
||||||
|
@ -33,6 +33,16 @@ func (authMux *AuthMux) Login(w http.ResponseWriter, r *http.Request) {
|
|||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if !usr.IsAdmin() {
|
||||||
|
gm, err := authMux.app.GetGameById(usr.GetGameId())
|
||||||
|
if err != nil || !gm.IsActive() {
|
||||||
|
log.ErrorLog(fmt.Errorf("game %s disabled for user %s", gm.GetId(), usr.GetName()))
|
||||||
|
http.SetCookie(w, authMux.createCookie())
|
||||||
|
authMux.accessDenied(w, r)
|
||||||
|
return
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
log.Info("%s logged into game %s\n", usr.GetName(), usr.GetGameId())
|
log.Info("%s logged into game %s\n", usr.GetName(), usr.GetGameId())
|
||||||
|
|
||||||
cookie := authMux.createCookie()
|
cookie := authMux.createCookie()
|
||||||
@ -41,7 +51,6 @@ func (authMux *AuthMux) Login(w http.ResponseWriter, r *http.Request) {
|
|||||||
http.SetCookie(w, cookie)
|
http.SetCookie(w, cookie)
|
||||||
w.Header().Add("Content-Type", "text/plain")
|
w.Header().Add("Content-Type", "text/plain")
|
||||||
fmt.Fprintf(w, "ok")
|
fmt.Fprintf(w, "ok")
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
func (authMux *AuthMux) checkCode(r *http.Request) (*user.User, error) {
|
func (authMux *AuthMux) checkCode(r *http.Request) (*user.User, error) {
|
||||||
@ -62,7 +71,25 @@ func (authMux *AuthMux) checkCode(r *http.Request) (*user.User, error) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
func (authMux *AuthMux) Cameo(usr *user.User, w http.ResponseWriter, r *http.Request) {
|
func (authMux *AuthMux) Cameo(usr *user.User, w http.ResponseWriter, r *http.Request) {
|
||||||
if !usr.IsAdmin() {
|
if usr.IsAdmin() {
|
||||||
|
cookie := authMux.createCookie()
|
||||||
|
cookie.Name = cookie.Name + "-cameo"
|
||||||
|
usrCameo, err := authMux.checkCode(r)
|
||||||
|
if err != nil {
|
||||||
|
http.SetCookie(w, cookie)
|
||||||
|
authMux.accessDenied(w, r)
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
cookie.Value = usrCameo.GetId()
|
||||||
|
cookie.MaxAge = 0
|
||||||
|
http.SetCookie(w, cookie)
|
||||||
|
w.Header().Add("Content-Type", "text/plain")
|
||||||
|
fmt.Fprintf(w, "ok")
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
// non-admin: remove cameo cookie
|
||||||
usrCameo := usr.GetCameo()
|
usrCameo := usr.GetCameo()
|
||||||
if usrCameo != nil && usrCameo.IsAdmin() {
|
if usrCameo != nil && usrCameo.IsAdmin() {
|
||||||
cookie := authMux.createCookie()
|
cookie := authMux.createCookie()
|
||||||
@ -72,21 +99,6 @@ func (authMux *AuthMux) Cameo(usr *user.User, w http.ResponseWriter, r *http.Req
|
|||||||
fmt.Fprintf(w, "ok")
|
fmt.Fprintf(w, "ok")
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
authMux.accessDenied(w, r)
|
|
||||||
return
|
|
||||||
}
|
|
||||||
|
|
||||||
cookie := authMux.createCookie()
|
|
||||||
cookie.Name = cookie.Name + "-cameo"
|
|
||||||
usrCameo, err := authMux.checkCode(r)
|
|
||||||
if err != nil {
|
|
||||||
http.SetCookie(w, cookie)
|
|
||||||
authMux.accessDenied(w, r)
|
authMux.accessDenied(w, r)
|
||||||
return
|
|
||||||
}
|
|
||||||
cookie.Value = usrCameo.GetId()
|
|
||||||
cookie.MaxAge = 0
|
|
||||||
http.SetCookie(w, cookie)
|
|
||||||
w.Header().Add("Content-Type", "text/plain")
|
|
||||||
fmt.Fprintf(w, "ok")
|
|
||||||
}
|
}
|
||||||
|
@ -50,6 +50,17 @@ func (authMux *AuthMux) getUserFromSession(r *http.Request) (*user.User, error)
|
|||||||
return usrNew, nil
|
return usrNew, nil
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
return usr, nil
|
||||||
|
}
|
||||||
|
|
||||||
|
// check if game is active
|
||||||
|
gm, err := authMux.app.GetGameById(usr.GetGameId())
|
||||||
|
if err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
if !gm.IsActive() {
|
||||||
|
return nil, fmt.Errorf("game %s disabled for user %s (%s)", gm.GetId(), usr.GetId(), usr.GetName())
|
||||||
}
|
}
|
||||||
|
|
||||||
return usr, nil
|
return usr, nil
|
||||||
|
Loading…
Reference in New Issue
Block a user