summaryrefslogtreecommitdiff
path: root/src/map/query
diff options
context:
space:
mode:
Diffstat (limited to 'src/map/query')
-rw-r--r--src/map/query/map_load.erl17
-rw-r--r--src/map/query/map_update.erl18
2 files changed, 25 insertions, 10 deletions
diff --git a/src/map/query/map_load.erl b/src/map/query/map_load.erl
index 8365521..3357c4f 100644
--- a/src/map/query/map_load.erl
+++ b/src/map/query/map_load.erl
@@ -48,6 +48,17 @@ parse_input (Req) ->
map_id = MapID
}.
+-spec authenticate_user (input()) -> 'ok'.
+authenticate_user (Input) ->
+ PlayerID = Input#input.player_id,
+ SessionToken = Input#input.session_token,
+
+ Player = shr_timed_cache:fetch(player_db, any, PlayerID),
+
+ shr_security:assert_identity(SessionToken, Player),
+
+ ok.
+
-spec fetch_data (input()) -> query_state().
fetch_data (Input) ->
PlayerID = Input#input.player_id,
@@ -72,11 +83,7 @@ generate_reply (QueryState) ->
-spec handle (binary()) -> binary().
handle (Req) ->
Input = parse_input(Req),
- shr_security:assert_identity
- (
- Input#input.player_id,
- Input#input.session_token
- ),
+ authenticate_user(Input),
shr_security:lock_queries(Input#input.player_id),
QueryState = fetch_data(Input),
shr_security:unlock_queries(Input#input.player_id),
diff --git a/src/map/query/map_update.erl b/src/map/query/map_update.erl
index d2d8690..4c38ddf 100644
--- a/src/map/query/map_update.erl
+++ b/src/map/query/map_update.erl
@@ -47,6 +47,7 @@ parse_input (Req) ->
MapHeight = maps:get(<<"h">>, JSONReqMap),
MapContent = maps:get(<<"t">>, JSONReqMap),
+ %% TODO: those checks should be done while queries are locked.
true = (MapWidth > 0),
true = (MapHeight > 0),
true = (length(MapContent) == (MapWidth * MapHeight)),
@@ -83,6 +84,17 @@ parse_input (Req) ->
t = MapContent
}.
+-spec authenticate_user (input()) -> 'ok'.
+authenticate_user (Input) ->
+ PlayerID = Input#input.player_id,
+ SessionToken = Input#input.session_token,
+
+ Player = shr_timed_cache:fetch(player_db, any, PlayerID),
+
+ shr_security:assert_identity(SessionToken, Player),
+
+ ok.
+
-spec fetch_data (input()) -> query_state().
fetch_data (Input) ->
PlayerID = Input#input.player_id,
@@ -152,11 +164,7 @@ generate_reply () ->
-spec handle (binary()) -> binary().
handle (Req) ->
Input = parse_input(Req),
- shr_security:assert_identity
- (
- Input#input.player_id,
- Input#input.session_token
- ),
+ authenticate_user(Input),
shr_security:lock_queries(Input#input.player_id),
QueryState = fetch_data(Input),
Update = update_data(QueryState, Input),