From 936f186b6b767273fdc3c01f17311981c46e102c Mon Sep 17 00:00:00 2001 From: Nathanael Sensfelder Date: Sat, 8 Sep 2018 05:28:28 +0200 Subject: Send "disconnected" cmd if user failed cred check. This (currently) does not apply to the actual login page, but just to any other action that requires being logged in. --- src/map/query/map_load.erl | 23 ++++++++++++++--------- src/map/query/map_update.erl | 27 ++++++++++++++++----------- 2 files changed, 30 insertions(+), 20 deletions(-) (limited to 'src/map') diff --git a/src/map/query/map_load.erl b/src/map/query/map_load.erl index 3357c4f..ad6db17 100644 --- a/src/map/query/map_load.erl +++ b/src/map/query/map_load.erl @@ -48,16 +48,17 @@ parse_input (Req) -> map_id = MapID }. --spec authenticate_user (input()) -> 'ok'. +-spec authenticate_user (input()) -> ('ok' | 'error'). authenticate_user (Input) -> PlayerID = Input#input.player_id, SessionToken = Input#input.session_token, Player = shr_timed_cache:fetch(player_db, any, PlayerID), - shr_security:assert_identity(SessionToken, Player), - - ok. + case shr_security:credentials_match(SessionToken, Player) of + true -> ok; + _ -> error + end. -spec fetch_data (input()) -> query_state(). fetch_data (Input) -> @@ -83,11 +84,15 @@ generate_reply (QueryState) -> -spec handle (binary()) -> binary(). handle (Req) -> Input = parse_input(Req), - authenticate_user(Input), - shr_security:lock_queries(Input#input.player_id), - QueryState = fetch_data(Input), - shr_security:unlock_queries(Input#input.player_id), - generate_reply(QueryState). + case authenticate_user(Input) of + ok -> + shr_security:lock_queries(Input#input.player_id), + QueryState = fetch_data(Input), + shr_security:unlock_queries(Input#input.player_id), + generate_reply(QueryState); + + error -> jiffy:encode([shr_disconnected:generate()]) + end. %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% %% EXPORTED FUNCTIONS %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% diff --git a/src/map/query/map_update.erl b/src/map/query/map_update.erl index a4e4038..a88992c 100644 --- a/src/map/query/map_update.erl +++ b/src/map/query/map_update.erl @@ -85,16 +85,17 @@ parse_input (Req) -> t = MapContent }. --spec authenticate_user (input()) -> 'ok'. +-spec authenticate_user (input()) -> ('ok' | 'error'). authenticate_user (Input) -> PlayerID = Input#input.player_id, SessionToken = Input#input.session_token, Player = shr_timed_cache:fetch(player_db, any, PlayerID), - shr_security:assert_identity(SessionToken, Player), - - ok. + case shr_security:credentials_match(SessionToken, Player) of + true -> ok; + _ -> error + end. -spec fetch_data (input()) -> query_state(). fetch_data (Input) -> @@ -165,13 +166,17 @@ generate_reply () -> -spec handle (binary()) -> binary(). handle (Req) -> Input = parse_input(Req), - authenticate_user(Input), - shr_security:lock_queries(Input#input.player_id), - QueryState = fetch_data(Input), - Update = update_data(QueryState, Input), - commit_update(Update, Input), - shr_security:unlock_queries(Input#input.player_id), - generate_reply(). + case authenticate_user(Input) of + ok -> + shr_security:lock_queries(Input#input.player_id), + QueryState = fetch_data(Input), + Update = update_data(QueryState, Input), + commit_update(Update, Input), + shr_security:unlock_queries(Input#input.player_id), + generate_reply(); + + error -> jiffy:encode([shr_disconnected:generate()]) + end. %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% %% EXPORTED FUNCTIONS %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% -- cgit v1.2.3-70-g09d2