| summaryrefslogtreecommitdiff |
diff options
| author | Nathanael Sensfelder <SpamShield0@MultiAgentSystems.org> | 2018-09-08 05:28:28 +0200 |
|---|---|---|
| committer | Nathanael Sensfelder <SpamShield0@MultiAgentSystems.org> | 2018-09-08 05:28:28 +0200 |
| commit | 936f186b6b767273fdc3c01f17311981c46e102c (patch) | |
| tree | 624d6d9591df4cb869d1361f31c27c7a6a66350c | |
| parent | cbc16fc5033ae7bd49c053131ec842e8f3445041 (diff) | |
Send "disconnected" cmd if user failed cred check.
This (currently) does not apply to the actual login page, but just to
any other action that requires being logged in.
| -rw-r--r-- | src/battle/query/btl_character_turn.erl | 30 | ||||
| -rw-r--r-- | src/battle/query/btl_load.erl | 23 | ||||
| -rw-r--r-- | src/character/query/chr_load.erl | 23 | ||||
| -rw-r--r-- | src/character/query/chr_update.erl | 27 | ||||
| -rw-r--r-- | src/map/query/map_load.erl | 23 | ||||
| -rw-r--r-- | src/map/query/map_update.erl | 27 | ||||
| -rw-r--r-- | src/player/query/plr_load.erl | 23 | ||||
| -rw-r--r-- | src/shared/reply/shr_disconnected.erl | 25 | ||||
| -rw-r--r-- | src/shared/shr_security.erl | 10 |
9 files changed, 135 insertions, 76 deletions
diff --git a/src/battle/query/btl_character_turn.erl b/src/battle/query/btl_character_turn.erl index b23a02e..62d4b4b 100644 --- a/src/battle/query/btl_character_turn.erl +++ b/src/battle/query/btl_character_turn.erl @@ -25,17 +25,17 @@ decode_request (BinaryRequest) -> btl_character_turn_request:decode(JSONMap). %%%% USER AUTHENTICATION %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% --spec authenticate_user (btl_character_turn_request:type()) -> 'ok'. +-spec authenticate_user (btl_character_turn_request:type()) -> ('ok' | 'error'). authenticate_user (Request) -> PlayerID = btl_character_turn_request:get_player_id(Request), SessionToken = btl_character_turn_request:get_session_token(Request), Player = shr_timed_cache:fetch(player_db, any, PlayerID), - shr_security:assert_identity(SessionToken, Player), - shr_security:lock_queries(PlayerID), - - ok. + case shr_security:credentials_match(SessionToken, Player) of + true -> ok; + _ -> error + end. %%%% MAIN LOGIC %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% -spec fetch_data @@ -265,13 +265,19 @@ generate_reply (Update) -> -spec handle (binary()) -> binary(). handle (EncodedRequest) -> Request = decode_request(EncodedRequest), - authenticate_user(Request), - Data = fetch_data(Request), - assert_user_permissions(Data, Request), - Update = update_data(Data, Request), - commit_update(Update, Request), - disconnect_user(Request), - generate_reply(Update). + case authenticate_user(Request) of + ok -> + PlayerID = btl_character_turn_request:get_player_id(Request), + shr_security:lock_queries(PlayerID), + Data = fetch_data(Request), + assert_user_permissions(Data, Request), + Update = update_data(Data, Request), + commit_update(Update, Request), + disconnect_user(Request), + generate_reply(Update); + + error -> jiffy:encode([shr_disconnected:generate()]) + end. %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% %% EXPORTED FUNCTIONS %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% diff --git a/src/battle/query/btl_load.erl b/src/battle/query/btl_load.erl index 35ad6f9..cbcc3b5 100644 --- a/src/battle/query/btl_load.erl +++ b/src/battle/query/btl_load.erl @@ -48,16 +48,17 @@ parse_input (Req) -> battle_id = BattleID }. --spec authenticate_user (input()) -> 'ok'. +-spec authenticate_user (input()) -> ('ok' | 'error'). authenticate_user (Input) -> PlayerID = Input#input.player_id, SessionToken = Input#input.session_token, Player = shr_timed_cache:fetch(player_db, any, PlayerID), - shr_security:assert_identity(SessionToken, Player), - - ok. + case shr_security:credentials_match(SessionToken, Player) of + true -> ok; + _ -> error + end. -spec fetch_data (input()) -> query_state(). fetch_data (Input) -> @@ -150,11 +151,15 @@ generate_reply (QueryState, Input) -> -spec handle (binary()) -> binary(). handle (Req) -> Input = parse_input(Req), - authenticate_user(Input), - shr_security:lock_queries(Input#input.player_id), - QueryState = fetch_data(Input), - shr_security:unlock_queries(Input#input.player_id), - generate_reply(QueryState, Input). + case authenticate_user(Input) of + ok -> + shr_security:lock_queries(Input#input.player_id), + QueryState = fetch_data(Input), + shr_security:unlock_queries(Input#input.player_id), + generate_reply(QueryState, Input); + + error -> jiffy:encode([shr_disconnected:generate()]) + end. %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% %% EXPORTED FUNCTIONS %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% diff --git a/src/character/query/chr_load.erl b/src/character/query/chr_load.erl index 290ea37..3c269d6 100644 --- a/src/character/query/chr_load.erl +++ b/src/character/query/chr_load.erl @@ -47,16 +47,17 @@ parse_input (Req) -> session_token = SessionToken }. --spec authenticate_user (input()) -> {'ok', shr_player:type()}. +-spec authenticate_user (input()) -> ({'ok', shr_player:type()} | 'error'). authenticate_user (Input) -> PlayerID = Input#input.player_id, SessionToken = Input#input.session_token, Player = shr_timed_cache:fetch(player_db, any, PlayerID), - shr_security:assert_identity(SessionToken, Player), - - {ok, Player}. + case shr_security:credentials_match(SessionToken, Player) of + true -> {ok, Player}; + _ -> error + end. -spec fetch_data (shr_player:type(), input()) -> query_state(). fetch_data (Player, Input) -> @@ -94,11 +95,15 @@ generate_reply (QueryState) -> -spec handle (binary()) -> binary(). handle (Req) -> Input = parse_input(Req), - {ok, Player} = authenticate_user(Input), - shr_security:lock_queries(Input#input.player_id), - QueryState = fetch_data(Player, Input), - shr_security:unlock_queries(Input#input.player_id), - generate_reply(QueryState). + case authenticate_user(Input) of + {ok, Player} -> + shr_security:lock_queries(Input#input.player_id), + QueryState = fetch_data(Player, Input), + shr_security:unlock_queries(Input#input.player_id), + generate_reply(QueryState); + + error -> jiffy:encode([shr_disconnected:generate()]) + end. %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% %% EXPORTED FUNCTIONS %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% diff --git a/src/character/query/chr_update.erl b/src/character/query/chr_update.erl index 90d87c5..568a749 100644 --- a/src/character/query/chr_update.erl +++ b/src/character/query/chr_update.erl @@ -55,16 +55,17 @@ parse_input (Req) -> character = Character }. --spec authenticate_user (input()) -> {'ok', shr_player:type()}. +-spec authenticate_user (input()) -> ({'ok', shr_player:type()} | 'error'). authenticate_user (Input) -> PlayerID = Input#input.player_id, SessionToken = Input#input.session_token, Player = shr_timed_cache:fetch(player_db, any, PlayerID), - shr_security:assert_identity(SessionToken, Player), - - {ok, Player}. + case shr_security:credentials_match(SessionToken, Player) of + true -> {ok, Player}; + _ -> error + end. -spec fetch_data (shr_player:type(), input()) -> query_state(). fetch_data (Player, Input) -> @@ -131,13 +132,17 @@ generate_reply () -> -spec handle (binary()) -> binary(). handle (Req) -> Input = parse_input(Req), - {ok, Player} = authenticate_user(Input), - shr_security:lock_queries(Input#input.player_id), - QueryState = fetch_data(Player, Input), - Update = update_data(QueryState, Input), - commit_update(Update, Input), - shr_security:unlock_queries(Input#input.player_id), - generate_reply(). + case authenticate_user(Input) of + {ok, Player} -> + shr_security:lock_queries(Input#input.player_id), + QueryState = fetch_data(Player, Input), + Update = update_data(QueryState, Input), + commit_update(Update, Input), + shr_security:unlock_queries(Input#input.player_id), + generate_reply(); + + error -> jiffy:encode([shr_disconnected:generate()]) + end. %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% %% EXPORTED FUNCTIONS %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% diff --git a/src/map/query/map_load.erl b/src/map/query/map_load.erl index 3357c4f..ad6db17 100644 --- a/src/map/query/map_load.erl +++ b/src/map/query/map_load.erl @@ -48,16 +48,17 @@ parse_input (Req) -> map_id = MapID }. --spec authenticate_user (input()) -> 'ok'. +-spec authenticate_user (input()) -> ('ok' | 'error'). authenticate_user (Input) -> PlayerID = Input#input.player_id, SessionToken = Input#input.session_token, Player = shr_timed_cache:fetch(player_db, any, PlayerID), - shr_security:assert_identity(SessionToken, Player), - - ok. + case shr_security:credentials_match(SessionToken, Player) of + true -> ok; + _ -> error + end. -spec fetch_data (input()) -> query_state(). fetch_data (Input) -> @@ -83,11 +84,15 @@ generate_reply (QueryState) -> -spec handle (binary()) -> binary(). handle (Req) -> Input = parse_input(Req), - authenticate_user(Input), - shr_security:lock_queries(Input#input.player_id), - QueryState = fetch_data(Input), - shr_security:unlock_queries(Input#input.player_id), - generate_reply(QueryState). + case authenticate_user(Input) of + ok -> + shr_security:lock_queries(Input#input.player_id), + QueryState = fetch_data(Input), + shr_security:unlock_queries(Input#input.player_id), + generate_reply(QueryState); + + error -> jiffy:encode([shr_disconnected:generate()]) + end. %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% %% EXPORTED FUNCTIONS %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% diff --git a/src/map/query/map_update.erl b/src/map/query/map_update.erl index a4e4038..a88992c 100644 --- a/src/map/query/map_update.erl +++ b/src/map/query/map_update.erl @@ -85,16 +85,17 @@ parse_input (Req) -> t = MapContent }. --spec authenticate_user (input()) -> 'ok'. +-spec authenticate_user (input()) -> ('ok' | 'error'). authenticate_user (Input) -> PlayerID = Input#input.player_id, SessionToken = Input#input.session_token, Player = shr_timed_cache:fetch(player_db, any, PlayerID), - shr_security:assert_identity(SessionToken, Player), - - ok. + case shr_security:credentials_match(SessionToken, Player) of + true -> ok; + _ -> error + end. -spec fetch_data (input()) -> query_state(). fetch_data (Input) -> @@ -165,13 +166,17 @@ generate_reply () -> -spec handle (binary()) -> binary(). handle (Req) -> Input = parse_input(Req), - authenticate_user(Input), - shr_security:lock_queries(Input#input.player_id), - QueryState = fetch_data(Input), - Update = update_data(QueryState, Input), - commit_update(Update, Input), - shr_security:unlock_queries(Input#input.player_id), - generate_reply(). + case authenticate_user(Input) of + ok -> + shr_security:lock_queries(Input#input.player_id), + QueryState = fetch_data(Input), + Update = update_data(QueryState, Input), + commit_update(Update, Input), + shr_security:unlock_queries(Input#input.player_id), + generate_reply(); + + error -> jiffy:encode([shr_disconnected:generate()]) + end. %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% %% EXPORTED FUNCTIONS %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% diff --git a/src/player/query/plr_load.erl b/src/player/query/plr_load.erl index 7adb114..2b15c2a 100644 --- a/src/player/query/plr_load.erl +++ b/src/player/query/plr_load.erl @@ -48,16 +48,17 @@ parse_input (Req) -> target_id = TargetID }. --spec authenticate_user (input()) -> 'ok'. +-spec authenticate_user (input()) -> ('ok' | 'error'). authenticate_user (Input) -> PlayerID = Input#input.player_id, SessionToken = Input#input.session_token, Player = shr_timed_cache:fetch(player_db, any, PlayerID), - shr_security:assert_identity(SessionToken, Player), - - ok. + case shr_security:credentials_match(SessionToken, Player) of + true -> ok; + _ -> error + end. -spec fetch_data (input()) -> query_state(). fetch_data (Input) -> @@ -82,11 +83,15 @@ generate_reply (QueryState, _Input) -> -spec handle (binary()) -> binary(). handle (Req) -> Input = parse_input(Req), - authenticate_user(Input), - shr_security:lock_queries(Input#input.player_id), - QueryState = fetch_data(Input), - shr_security:unlock_queries(Input#input.player_id), - generate_reply(QueryState, Input). + case authenticate_user(Input) of + ok -> + shr_security:lock_queries(Input#input.player_id), + QueryState = fetch_data(Input), + shr_security:unlock_queries(Input#input.player_id), + generate_reply(QueryState, Input); + + error -> jiffy:encode([shr_disconnected:generate()]) + end. %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% %% EXPORTED FUNCTIONS %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% diff --git a/src/shared/reply/shr_disconnected.erl b/src/shared/reply/shr_disconnected.erl new file mode 100644 index 0000000..e7b1813 --- /dev/null +++ b/src/shared/reply/shr_disconnected.erl @@ -0,0 +1,25 @@ +-module(shr_disconnected). + +%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% +%% TYPES %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% +%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% + +%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% +%% EXPORTS %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% +%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% +-export([generate/0]). + +%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% +%% LOCAL FUNCTIONS %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% +%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% + +%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% +%% EXPORTED FUNCTIONS %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% +%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% +-spec generate () -> {list(any())}. +generate () -> + { + [ + {<<"msg">>, <<"disconnected">>} + ] + }. diff --git a/src/shared/shr_security.erl b/src/shared/shr_security.erl index 3e9fb34..3c84f73 100644 --- a/src/shared/shr_security.erl +++ b/src/shared/shr_security.erl @@ -10,7 +10,7 @@ -export ( [ - assert_identity/2, + credentials_match/2, lock_queries/1, unlock_queries/1 ] @@ -23,11 +23,9 @@ %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% %% EXPORTED FUNCTIONS %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% --spec assert_identity (binary(), shr_player:type()) -> 'ok'. -assert_identity (SessionToken, Player) -> - true = (shr_player:get_token(Player) == SessionToken), - - ok. +-spec credentials_match (binary(), shr_player:type()) -> boolean(). +credentials_match (SessionToken, Player) -> + (shr_player:get_token(Player) == SessionToken). -spec lock_queries (any()) -> 'unimplemented'. lock_queries (_PlayerID) -> unimplemented. |