From 6bfb3a4b2ca81adbb67512568fdeb0198214f059 Mon Sep 17 00:00:00 2001 From: Geoffrey Wu Date: Sat, 28 Sep 2024 01:45:05 -0400 Subject: [PATCH] implement login-required functionality (fixes #219) --- client/multiplayer/room.html | 2 +- server/multiplayer/handle-wss-connection.js | 19 +++++++++++++++++++ 2 files changed, 20 insertions(+), 1 deletion(-) diff --git a/client/multiplayer/room.html b/client/multiplayer/room.html index 00939c1e..8741a3ef 100644 --- a/client/multiplayer/room.html +++ b/client/multiplayer/room.html @@ -172,7 +172,7 @@

- +
diff --git a/server/multiplayer/handle-wss-connection.js b/server/multiplayer/handle-wss-connection.js index f49d5def..e9c19d3e 100644 --- a/server/multiplayer/handle-wss-connection.js +++ b/server/multiplayer/handle-wss-connection.js @@ -1,3 +1,4 @@ +import { checkToken } from '../authentication.js'; import hasValidCharacters from '../moderation/has-valid-characters.js'; import isAppropriateString from '../moderation/is-appropriate-string.js'; import { createAndReturnRoom } from './TossupRoom.js'; @@ -46,6 +47,24 @@ export default function handleWssConnection (ws, req) { return false; } + if (room.settings.loginRequired === true) { + const cookieString = (req?.headers?.cookie ?? 'session=;').split(';').find(token => token.trim().startsWith('session=')); + const cookieBuffer = Buffer.from(cookieString.split('=')[1], 'base64'); + let valid = true; + try { + const cookies = JSON.parse(cookieBuffer.toString('utf-8')); + valid = checkToken(cookies.username, cookies.token, true); + } catch (e) { valid = false; } + + if (!valid) { + ws.send(JSON.stringify({ + type: 'error', + message: 'You must be logged in with a verified email to join this room.' + })); + return false; + } + } + if (!isAppropriateString(username)) { username = getRandomName(); ws.send(JSON.stringify({