feat: reject users on disabled games, except admin in cameo

Settel 2022-12-10 22:01:42 +01:00
parent a2c95abde9
commit 893ada71a8
4 changed files with 52 additions and 20 deletions


@ -0,0 +1,8 @@
package game
func (gm *Game) IsActive() bool {
gm.mu.Lock()
defer gm.mu.Unlock()
return gm.state != STATE_DISABLED
}
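Review bot: The exported `IsActive` has no doc comment, although the login and session checks added in this commit base their access decision on it. I would add `// IsActive reports whether the game is in any state other than STATE_DISABLED; it holds gm.mu while reading gm.state.` above the method. The definition of `STATE_DISABLED` is not in the visible hunks, so it is worth confirming that it equals the `"disabled"` string that `SetGameState` stores; if the two differ, this method never returns false.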


@ -3,7 +3,8 @@ package game
func (gm *Game) SetGameState(stateJson *GameStateJson) { func (gm *Game) SetGameState(stateJson *GameStateJson) {
if stateJson.State == "idle" || if stateJson.State == "idle" ||
stateJson.State == "collect" || stateJson.State == "collect" ||
stateJson.State == "final" { stateJson.State == "final" ||
stateJson.State == "disabled" {
gm.state = stateJson.State gm.state = stateJson.State
gm.phase = "" gm.phase = ""
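Review bot: `SetGameState` assigns `gm.state` with no `gm.mu` acquisition visible between the signature and the assignment, while the new `IsActive` reads the same field under `gm.mu`. Unless every caller already holds the lock, this is a data race on the field that now gates login and session access. If the rest of the body (outside this hunk) does not lock again, `gm.mu.Lock()` followed by `defer gm.mu.Unlock()` at the top of the function would make the two consistent. The new comparison would also read better as `stateJson.State == STATE_DISABLED`, so the setter and `IsActive` cannot drift apart.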


@ -33,6 +33,16 @@ func (authMux *AuthMux) Login(w http.ResponseWriter, r *http.Request) {
return return
} }
if !usr.IsAdmin() {
gm, err := authMux.app.GetGameById(usr.GetGameId())
if err != nil || !gm.IsActive() {
log.ErrorLog(fmt.Errorf("game %s disabled for user %s", gm.GetId(), usr.GetName()))
http.SetCookie(w, authMux.createCookie())
authMux.accessDenied(w, r)
return
}
}
log.Info("%s logged into game %s\n", usr.GetName(), usr.GetGameId()) log.Info("%s logged into game %s\n", usr.GetName(), usr.GetGameId())
cookie := authMux.createCookie() cookie := authMux.createCookie()
@ -41,7 +51,6 @@ func (authMux *AuthMux) Login(w http.ResponseWriter, r *http.Request) {
http.SetCookie(w, cookie) http.SetCookie(w, cookie)
w.Header().Add("Content-Type", "text/plain") w.Header().Add("Content-Type", "text/plain")
fmt.Fprintf(w, "ok") fmt.Fprintf(w, "ok")
} }
func (authMux *AuthMux) checkCode(r *http.Request) (*user.User, error) { func (authMux *AuthMux) checkCode(r *http.Request) (*user.User, error) {
@ -62,31 +71,34 @@ func (authMux *AuthMux) checkCode(r *http.Request) (*user.User, error) {
} }
func (authMux *AuthMux) Cameo(usr *user.User, w http.ResponseWriter, r *http.Request) { func (authMux *AuthMux) Cameo(usr *user.User, w http.ResponseWriter, r *http.Request) {
if !usr.IsAdmin() { if usr.IsAdmin() {
usrCameo := usr.GetCameo() cookie := authMux.createCookie()
if usrCameo != nil && usrCameo.IsAdmin() { cookie.Name = cookie.Name + "-cameo"
cookie := authMux.createCookie() usrCameo, err := authMux.checkCode(r)
cookie.Name = cookie.Name + "-cameo" if err != nil {
http.SetCookie(w, cookie) http.SetCookie(w, cookie)
w.Header().Add("Content-Type", "text/plain") authMux.accessDenied(w, r)
fmt.Fprintf(w, "ok")
return return
} }
authMux.accessDenied(w, r)
cookie.Value = usrCameo.GetId()
cookie.MaxAge = 0
http.SetCookie(w, cookie)
w.Header().Add("Content-Type", "text/plain")
fmt.Fprintf(w, "ok")
return return
} }
cookie := authMux.createCookie() // non-admin: remove cameo cookie
cookie.Name = cookie.Name + "-cameo" usrCameo := usr.GetCameo()
usrCameo, err := authMux.checkCode(r) if usrCameo != nil && usrCameo.IsAdmin() {
if err != nil { cookie := authMux.createCookie()
cookie.Name = cookie.Name + "-cameo"
http.SetCookie(w, cookie) http.SetCookie(w, cookie)
authMux.accessDenied(w, r) w.Header().Add("Content-Type", "text/plain")
fmt.Fprintf(w, "ok")
return return
} }
cookie.Value = usrCameo.GetId()
cookie.MaxAge = 0 authMux.accessDenied(w, r)
http.SetCookie(w, cookie)
w.Header().Add("Content-Type", "text/plain")
fmt.Fprintf(w, "ok")
} }
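Review bot: In the block added to `Login`, the condition `err != nil || !gm.IsActive()` is also taken when `GetGameById` fails, and the log line then calls `gm.GetId()` on a value that is probably nil in that case. That would panic before the cookie is reset and `accessDenied` is written, so a user whose game cannot be looked up gets an aborted request instead of a clean denial. Taking the id from the user avoids the dereference and keeps the message accurate for both cases: `log.ErrorLog(fmt.Errorf("game %s missing or disabled for user %s", usr.GetGameId(), usr.GetName()))`. The `Login` body starts outside this hunk.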


@ -50,6 +50,17 @@ func (authMux *AuthMux) getUserFromSession(r *http.Request) (*user.User, error)
return usrNew, nil return usrNew, nil
} }
} }
return usr, nil
}
// check if game is active
gm, err := authMux.app.GetGameById(usr.GetGameId())
if err != nil {
return nil, err
}
if !gm.IsActive() {
return nil, fmt.Errorf("game %s disabled for user %s (%s)", gm.GetId(), usr.GetId(), usr.GetName())
} }
return usr, nil return usr, nil
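Review bot: The added `return usr, nil` before the `// check if game is active` block exempts a whole branch from the disabled-game check, and the condition guarding that branch starts outside this hunk, so the exemption cannot be verified from here. Since the commit title limits the exception to an admin in cameo, I would state that at the return, for example `// admins (including cameo sessions) are exempt from the disabled-game check`, and cover it with a test that a non-admin session on a disabled game is rejected. The returned error text contains the user id and name; it should stay in server logs and not be written to the response by callers.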