author | Nathanael Sensfelder <SpamShield0@MultiAgentSystems.org> | 2018-09-08 05:28:28 +0200 |
---|---|---|
committer | Nathanael Sensfelder <SpamShield0@MultiAgentSystems.org> | 2018-09-08 05:28:28 +0200 |
commit | 936f186b6b767273fdc3c01f17311981c46e102c (patch) | |
tree | 624d6d9591df4cb869d1361f31c27c7a6a66350c /src | |
parent | cbc16fc5033ae7bd49c053131ec842e8f3445041 (diff) |
Send "disconnected" cmd if user failed cred check.
This (currently) does not apply to the actual login page, but just to
any other action that requires being logged in.
Diffstat (limited to 'src')
-rw-r--r-- | src/battle/query/btl_character_turn.erl | 30 | ||||
-rw-r--r-- | src/battle/query/btl_load.erl | 23 | ||||
-rw-r--r-- | src/character/query/chr_load.erl | 23 | ||||
-rw-r--r-- | src/character/query/chr_update.erl | 27 | ||||
-rw-r--r-- | src/map/query/map_load.erl | 23 | ||||
-rw-r--r-- | src/map/query/map_update.erl | 27 | ||||
-rw-r--r-- | src/player/query/plr_load.erl | 23 | ||||
-rw-r--r-- | src/shared/reply/shr_disconnected.erl | 25 | ||||
-rw-r--r-- | src/shared/shr_security.erl | 10 |
9 files changed, 135 insertions, 76 deletions
diff --git a/src/battle/query/btl_character_turn.erl b/src/battle/query/btl_character_turn.erl index b23a02e..62d4b4b 100644 --- a/src/battle/query/btl_character_turn.erl +++ b/src/battle/query/btl_character_turn.erl @@ -25,17 +25,17 @@ decode_request (BinaryRequest) -> btl_character_turn_request:decode(JSONMap). %%%% USER AUTHENTICATION %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% --spec authenticate_user (btl_character_turn_request:type()) -> 'ok'. +-spec authenticate_user (btl_character_turn_request:type()) -> ('ok' | 'error'). authenticate_user (Request) -> PlayerID = btl_character_turn_request:get_player_id(Request), SessionToken = btl_character_turn_request:get_session_token(Request), Player = shr_timed_cache:fetch(player_db, any, PlayerID), - shr_security:assert_identity(SessionToken, Player), - shr_security:lock_queries(PlayerID), - - ok. + case shr_security:credentials_match(SessionToken, Player) of + true -> ok; + _ -> error + end. %%%% MAIN LOGIC %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% -spec fetch_data 
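Review bot: The `_ -> error` clause in the new `authenticate_user/1` accepts any non-`true` return as a failed check, which fails closed but would also hide a contract break in `shr_security:credentials_match/2`, specced as `boolean()` in this same commit. Matching `false -> error` keeps a crash for anything unexpected and lets Dialyzer check the call. The same clause is repeated in the `authenticate_user/1` hunks of btl_load, chr_load, chr_update, map_load, map_update and plr_load. As those bodies now differ only in the shape of the success value, a single helper in `shr_security` would keep the credential check in one place.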
@@ -265,13 +265,19 @@ generate_reply (Update) -> -spec handle (binary()) -> binary(). handle (EncodedRequest) -> Request = decode_request(EncodedRequest), - authenticate_user(Request), - Data = fetch_data(Request), - assert_user_permissions(Data, Request), - Update = update_data(Data, Request), - commit_update(Update, Request), - disconnect_user(Request), - generate_reply(Update). + case authenticate_user(Request) of + ok -> + PlayerID = btl_character_turn_request:get_player_id(Request), + shr_security:lock_queries(PlayerID), + Data = fetch_data(Request), + assert_user_permissions(Data, Request), + Update = update_data(Data, Request), + commit_update(Update, Request), + disconnect_user(Request), + generate_reply(Update); + + error -> jiffy:encode([shr_disconnected:generate()]) + end. %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% %% EXPORTED FUNCTIONS %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% diff --git a/src/battle/query/btl_load.erl b/src/battle/query/btl_load.erl index 35ad6f9..cbcc3b5 100644 --- a/src/battle/query/btl_load.erl +++ b/src/battle/query/btl_load.erl @@ -48,16 +48,17 @@ parse_input (Req) -> battle_id = BattleID }. --spec authenticate_user (input()) -> 'ok'. +-spec authenticate_user (input()) -> ('ok' | 'error'). authenticate_user (Input) -> PlayerID = Input#input.player_id, SessionToken = Input#input.session_token, Player = shr_timed_cache:fetch(player_db, any, PlayerID), - shr_security:assert_identity(SessionToken, Player), - - ok. + case shr_security:credentials_match(SessionToken, Player) of + true -> ok; + _ -> error + end. -spec fetch_data (input()) -> query_state(). fetch_data (Input) -> 
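Review bot: The `error ->` branch of `handle/1` in btl_character_turn replies with the disconnected message and records nothing, whereas the removed `true = ...` match in `assert_identity/2` crashed the request on a bad token and so, presumably, left a crash report. Repeated failed credential checks against one player id are something operations should be able to see, so I would log the player id (never the submitted token) before replying, e.g. `error_logger:warning_msg("credential check failed for player ~p~n", [btl_character_turn_request:get_player_id(Request)])`. This applies equally to the `handle/1` hunks of btl_load, chr_load, chr_update, map_load, map_update and plr_load. Separately, only a token mismatch is turned into a reply; whether an unknown player id makes `shr_timed_cache:fetch/3` crash before the check is not visible in this diff.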
@@ -150,11 +151,15 @@ generate_reply (QueryState, Input) -> -spec handle (binary()) -> binary(). handle (Req) -> Input = parse_input(Req), - authenticate_user(Input), - shr_security:lock_queries(Input#input.player_id), - QueryState = fetch_data(Input), - shr_security:unlock_queries(Input#input.player_id), - generate_reply(QueryState, Input). + case authenticate_user(Input) of + ok -> + shr_security:lock_queries(Input#input.player_id), + QueryState = fetch_data(Input), + shr_security:unlock_queries(Input#input.player_id), + generate_reply(QueryState, Input); + + error -> jiffy:encode([shr_disconnected:generate()]) + end. %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% %% EXPORTED FUNCTIONS %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% diff --git a/src/character/query/chr_load.erl b/src/character/query/chr_load.erl index 290ea37..3c269d6 100644 --- a/src/character/query/chr_load.erl +++ b/src/character/query/chr_load.erl @@ -47,16 +47,17 @@ parse_input (Req) -> session_token = SessionToken }. --spec authenticate_user (input()) -> {'ok', shr_player:type()}. +-spec authenticate_user (input()) -> ({'ok', shr_player:type()} | 'error'). authenticate_user (Input) -> PlayerID = Input#input.player_id, SessionToken = Input#input.session_token, Player = shr_timed_cache:fetch(player_db, any, PlayerID), - shr_security:assert_identity(SessionToken, Player), - - {ok, Player}. + case shr_security:credentials_match(SessionToken, Player) of + true -> {ok, Player}; + _ -> error + end. -spec fetch_data (shr_player:type(), input()) -> query_state(). fetch_data (Player, Input) -> 
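Review bot: In the `ok ->` branch of `handle/1` in btl_load, `shr_security:unlock_queries/1` is only reached when `fetch_data/1` returns, so an exception in between would leave the player's queries locked once `lock_queries/1` does real work (it currently returns `unimplemented`, per the shr_security hunk). Wrapping the locked section in `try ... after` releases the lock on every exit path while keeping the unlock ahead of `generate_reply`. The same shape appears in the `handle/1` hunks of chr_load, chr_update, map_load, map_update and plr_load; in the two update handlers `commit_update` also sits inside the locked section.

```erlang
         shr_security:lock_queries(Input#input.player_id),
         QueryState =
            try
               fetch_data(Input)
            after
               shr_security:unlock_queries(Input#input.player_id)
            end,
         %% … unchanged: generate_reply call and error branch …
```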
@@ -94,11 +95,15 @@ generate_reply (QueryState) -> -spec handle (binary()) -> binary(). handle (Req) -> Input = parse_input(Req), - {ok, Player} = authenticate_user(Input), - shr_security:lock_queries(Input#input.player_id), - QueryState = fetch_data(Player, Input), - shr_security:unlock_queries(Input#input.player_id), - generate_reply(QueryState). + case authenticate_user(Input) of + {ok, Player} -> + shr_security:lock_queries(Input#input.player_id), + QueryState = fetch_data(Player, Input), + shr_security:unlock_queries(Input#input.player_id), + generate_reply(QueryState); + + error -> jiffy:encode([shr_disconnected:generate()]) + end. %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% %% EXPORTED FUNCTIONS %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% diff --git a/src/character/query/chr_update.erl b/src/character/query/chr_update.erl index 90d87c5..568a749 100644 --- a/src/character/query/chr_update.erl +++ b/src/character/query/chr_update.erl @@ -55,16 +55,17 @@ parse_input (Req) -> character = Character }. --spec authenticate_user (input()) -> {'ok', shr_player:type()}. +-spec authenticate_user (input()) -> ({'ok', shr_player:type()} | 'error'). authenticate_user (Input) -> PlayerID = Input#input.player_id, SessionToken = Input#input.session_token, Player = shr_timed_cache:fetch(player_db, any, PlayerID), - shr_security:assert_identity(SessionToken, Player), - - {ok, Player}. + case shr_security:credentials_match(SessionToken, Player) of + true -> {ok, Player}; + _ -> error + end. -spec fetch_data (shr_player:type(), input()) -> query_state(). fetch_data (Player, Input) -> 
@@ -131,13 +132,17 @@ generate_reply () -> -spec handle (binary()) -> binary(). handle (Req) -> Input = parse_input(Req), - {ok, Player} = authenticate_user(Input), - shr_security:lock_queries(Input#input.player_id), - QueryState = fetch_data(Player, Input), - Update = update_data(QueryState, Input), - commit_update(Update, Input), - shr_security:unlock_queries(Input#input.player_id), - generate_reply(). + case authenticate_user(Input) of + {ok, Player} -> + shr_security:lock_queries(Input#input.player_id), + QueryState = fetch_data(Player, Input), + Update = update_data(QueryState, Input), + commit_update(Update, Input), + shr_security:unlock_queries(Input#input.player_id), + generate_reply(); + + error -> jiffy:encode([shr_disconnected:generate()]) + end. %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% %% EXPORTED FUNCTIONS %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% diff --git a/src/map/query/map_load.erl b/src/map/query/map_load.erl index 3357c4f..ad6db17 100644 --- a/src/map/query/map_load.erl +++ b/src/map/query/map_load.erl @@ -48,16 +48,17 @@ parse_input (Req) -> map_id = MapID }. --spec authenticate_user (input()) -> 'ok'. +-spec authenticate_user (input()) -> ('ok' | 'error'). authenticate_user (Input) -> PlayerID = Input#input.player_id, SessionToken = Input#input.session_token, Player = shr_timed_cache:fetch(player_db, any, PlayerID), - shr_security:assert_identity(SessionToken, Player), - - ok. + case shr_security:credentials_match(SessionToken, Player) of + true -> ok; + _ -> error + end. -spec fetch_data (input()) -> query_state(). fetch_data (Input) -> 
@@ -83,11 +84,15 @@ generate_reply (QueryState) -> -spec handle (binary()) -> binary(). handle (Req) -> Input = parse_input(Req), - authenticate_user(Input), - shr_security:lock_queries(Input#input.player_id), - QueryState = fetch_data(Input), - shr_security:unlock_queries(Input#input.player_id), - generate_reply(QueryState). + case authenticate_user(Input) of + ok -> + shr_security:lock_queries(Input#input.player_id), + QueryState = fetch_data(Input), + shr_security:unlock_queries(Input#input.player_id), + generate_reply(QueryState); + + error -> jiffy:encode([shr_disconnected:generate()]) + end. %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% %% EXPORTED FUNCTIONS %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% diff --git a/src/map/query/map_update.erl b/src/map/query/map_update.erl index a4e4038..a88992c 100644 --- a/src/map/query/map_update.erl +++ b/src/map/query/map_update.erl @@ -85,16 +85,17 @@ parse_input (Req) -> t = MapContent }. --spec authenticate_user (input()) -> 'ok'. +-spec authenticate_user (input()) -> ('ok' | 'error'). authenticate_user (Input) -> PlayerID = Input#input.player_id, SessionToken = Input#input.session_token, Player = shr_timed_cache:fetch(player_db, any, PlayerID), - shr_security:assert_identity(SessionToken, Player), - - ok. + case shr_security:credentials_match(SessionToken, Player) of + true -> ok; + _ -> error + end. -spec fetch_data (input()) -> query_state(). fetch_data (Input) -> 
@@ -165,13 +166,17 @@ generate_reply () -> -spec handle (binary()) -> binary(). handle (Req) -> Input = parse_input(Req), - authenticate_user(Input), - shr_security:lock_queries(Input#input.player_id), - QueryState = fetch_data(Input), - Update = update_data(QueryState, Input), - commit_update(Update, Input), - shr_security:unlock_queries(Input#input.player_id), - generate_reply(). + case authenticate_user(Input) of + ok -> + shr_security:lock_queries(Input#input.player_id), + QueryState = fetch_data(Input), + Update = update_data(QueryState, Input), + commit_update(Update, Input), + shr_security:unlock_queries(Input#input.player_id), + generate_reply(); + + error -> jiffy:encode([shr_disconnected:generate()]) + end. %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% %% EXPORTED FUNCTIONS %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% diff --git a/src/player/query/plr_load.erl b/src/player/query/plr_load.erl index 7adb114..2b15c2a 100644 --- a/src/player/query/plr_load.erl +++ b/src/player/query/plr_load.erl @@ -48,16 +48,17 @@ parse_input (Req) -> target_id = TargetID }. --spec authenticate_user (input()) -> 'ok'. +-spec authenticate_user (input()) -> ('ok' | 'error'). authenticate_user (Input) -> PlayerID = Input#input.player_id, SessionToken = Input#input.session_token, Player = shr_timed_cache:fetch(player_db, any, PlayerID), - shr_security:assert_identity(SessionToken, Player), - - ok. + case shr_security:credentials_match(SessionToken, Player) of + true -> ok; + _ -> error + end. -spec fetch_data (input()) -> query_state(). fetch_data (Input) -> 
@@ -82,11 +83,15 @@ generate_reply (QueryState, _Input) -> -spec handle (binary()) -> binary(). handle (Req) -> Input = parse_input(Req), - authenticate_user(Input), - shr_security:lock_queries(Input#input.player_id), - QueryState = fetch_data(Input), - shr_security:unlock_queries(Input#input.player_id), - generate_reply(QueryState, Input). + case authenticate_user(Input) of + ok -> + shr_security:lock_queries(Input#input.player_id), + QueryState = fetch_data(Input), + shr_security:unlock_queries(Input#input.player_id), + generate_reply(QueryState, Input); + + error -> jiffy:encode([shr_disconnected:generate()]) + end. %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% %% EXPORTED FUNCTIONS %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% diff --git a/src/shared/reply/shr_disconnected.erl b/src/shared/reply/shr_disconnected.erl new file mode 100644 index 0000000..e7b1813 --- /dev/null +++ b/src/shared/reply/shr_disconnected.erl 
@@ -0,0 +1,25 @@ +-module(shr_disconnected). + +%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% +%% TYPES %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% +%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% + +%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% +%% EXPORTS %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% +%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% +-export([generate/0]). + +%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% +%% LOCAL FUNCTIONS %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% +%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% + +%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% +%% EXPORTED FUNCTIONS %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% +%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% +-spec generate () -> {list(any())}. +generate () -> + { + [ + {<<"msg">>, <<"disconnected">>} + ] + }. diff --git a/src/shared/shr_security.erl b/src/shared/shr_security.erl index 3e9fb34..3c84f73 100644 --- a/src/shared/shr_security.erl +++ b/src/shared/shr_security.erl @@ -10,7 +10,7 @@ -export ( [ - assert_identity/2, + credentials_match/2, lock_queries/1, unlock_queries/1 ] 
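Review bot: The spec on `generate/0` in the new shr_disconnected module is looser than the value it returns: `{list(any())}` could be `{[{binary(), binary()}]}`, which lets Dialyzer check the callers that hand it to `jiffy:encode/1`. The module also has no comment saying when a client receives this message; a one-line header such as `%% Reply sent when a request fails the session credential check.` would document that.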
@@ -23,11 +23,9 @@ %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% %% EXPORTED FUNCTIONS %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% --spec assert_identity (binary(), shr_player:type()) -> 'ok'. -assert_identity (SessionToken, Player) -> - true = (shr_player:get_token(Player) == SessionToken), - - ok. +-spec credentials_match (binary(), shr_player:type()) -> boolean(). +credentials_match (SessionToken, Player) -> + (shr_player:get_token(Player) == SessionToken). -spec lock_queries (any()) -> 'unimplemented'. lock_queries (_PlayerID) -> unimplemented. |
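Review bot: `credentials_match/2` compares the stored session token with the client-supplied one using `==`, which is not a constant-time comparison, so response time may depend on where the two values first differ. If the project can rely on OTP 25 or later, `crypto:hash_equals/2` compares equal-sized binaries in constant time; it raises on a size mismatch, so guard it: `is_binary(SessionToken) andalso byte_size(Stored) =:= byte_size(SessionToken) andalso crypto:hash_equals(Stored, SessionToken)` with `Stored = shr_player:get_token(Player)`. It is also worth confirming what `shr_player:get_token/1` returns for a player with no active session, since a default such as an empty binary would match a request carrying the same value; that is not visible in this hunk.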