commit 4110fee2c067fa1c58b7b2ed5e326158b4fa0958
parent 6591a8106d5729653c96d5ba69d74e9526affaf3
Author: n0tr1v <n0tr1v@protonmail.com>
Date: Sat, 28 Jan 2023 18:50:17 -0800
remove battleship hack
Diffstat:
5 files changed, 55 insertions(+), 35 deletions(-)
diff --git a/pkg/web/handlers/api/v1/battleship.go b/pkg/web/handlers/api/v1/battleship.go
@@ -280,7 +280,7 @@ func generateCard() *BSCard {
return c
}
-func (g *BSGame) drawCardFor(tmp int, isNewGame, shipDead, gameEnded bool, shipStr, pos string) (out string) {
+func (g *BSGame) drawCardFor(tmp int, roomName string, isNewGame, shipDead, gameEnded bool, shipStr, pos string) (out string) {
you := g.player1
enemy := g.player2
if tmp == 1 {
@@ -473,7 +473,9 @@ Against <span {{ .EnemyUserStyle | HTMLAttr }}>@{{ .EnemyUsername }}</span><br /
<tr>
<td><img src="data:image/png;base64,{{ .ImgB64 }}" alt="" /></td>
<td style="vertical-align: top;">
- <form method="post" style="margin-left: 10px;" action="/api/v1/chat/top-bar/battleship" target="iframe1">
+ <form method="post" style="margin-left: 10px;" action="/api/v1/battleship">
+ <input type="hidden" name="room" value="{{ .RoomName }}" />
+ <input type="hidden" name="enemyUsername" value="{{ .EnemyUsername }}" />
<table style="width: 177px; height: 177px; background-image: url(data:image/png;base64,{{ .Img1B64 }})">
<tr style="height: 16px;"><td colspan="11"> </td></tr>
{{- range $row := .Rows -}}
@@ -483,7 +485,7 @@ Against <span {{ .EnemyUserStyle | HTMLAttr }}>@{{ .EnemyUsername }}</span><br /
{{- if NotShot $row $col -}}
{{- if and $.YourTurn (not $.GameEnded) -}}
<td style="width: 16px;">
- <button style="height: 15px; width: 15px;" name="message" value="/pm {{ $.EnemyUsername }} /bs {{ GetRune $row }}{{ $col }}"></button>
+ <button style="height: 15px; width: 15px;" name="move" value="{{ GetRune $row }}{{ $col }}"></button>
</td>
{{- else -}}
<td style="width: 16px;"></td>
@@ -501,6 +503,7 @@ Against <span {{ .EnemyUserStyle | HTMLAttr }}>@{{ .EnemyUsername }}</span><br /
</table>
`
data := map[string]any{
+ "RoomName": roomName,
"EnemyUserStyle": enemy.userStyle,
"EnemyUsername": enemy.username,
"IsNewGame": isNewGame,
@@ -532,68 +535,72 @@ Against <span {{ .EnemyUserStyle | HTMLAttr }}>@{{ .EnemyUsername }}</span><br /
}
func (b *Battleship) InterceptMsg(cmd *Command) {
- b.Lock()
- defer b.Unlock()
m := bsRgx.FindStringSubmatch(cmd.message)
if len(m) != 3 {
return
}
+ enemyUsername := m[1]
+ pos := m[2]
+ if err := b.playMove(cmd.room.Name, cmd.room.ID, cmd.roomKey, *cmd.authUser, enemyUsername, pos); err != nil {
+ cmd.err = err
+ return
+ }
+ cmd.err = ErrStop
+ return
+}
- user, err := database.GetUserByUsername(m[1])
+func (b *Battleship) playMove(roomName string, roomID database.RoomID, roomKey string, authUser database.User, enemyUsername, pos string) error {
+ b.Lock()
+ defer b.Unlock()
+
+ user, err := database.GetUserByUsername(enemyUsername)
if err != nil {
- cmd.err = errors.New("invalid username")
- return
+ return errors.New("invalid username")
}
var gameKey string
- if cmd.fromUserID < user.ID {
- gameKey = fmt.Sprintf("%d_%d", cmd.fromUserID, user.ID)
+ if authUser.ID < user.ID {
+ gameKey = fmt.Sprintf("%d_%d", authUser.ID, user.ID)
} else {
- gameKey = fmt.Sprintf("%d_%d", user.ID, cmd.fromUserID)
+ gameKey = fmt.Sprintf("%d_%d", user.ID, authUser.ID)
}
- pos := m[2]
-
var shipStr string
var isNewGame, shipDead, gameEnded bool
g, ok := b.games[gameKey]
if ok {
- if !g.IsPlayerTurn(cmd.fromUserID) {
- cmd.err = errors.New("not your turn")
- return
+ if !g.IsPlayerTurn(authUser.ID) {
+ return errors.New("not your turn")
}
shipStr, shipDead, gameEnded, err = g.Shot(pos)
if err != nil {
- cmd.err = err
- return
+ return err
}
} else {
if pos != "" {
- cmd.err = errors.New("no Game ongoing")
- return
+ return errors.New("no Game ongoing")
}
- g = newGame(user, *cmd.authUser)
+ g = newGame(user, authUser)
b.games[gameKey] = g
isNewGame = true
}
// Delete old messages sent by "0" to the players
if err := database.DB.
- Where("room_id = ? AND user_id = ? AND (to_user_id = ? OR to_user_id = ?)", cmd.room.ID, b.zeroID, g.player1.id, g.player2.id).
+ Where("room_id = ? AND user_id = ? AND (to_user_id = ? OR to_user_id = ?)", roomID, b.zeroID, g.player1.id, g.player2.id).
Delete(&database.ChatMessage{}).Error; err != nil {
logrus.Error(err)
}
- card1 := g.drawCardFor(0, isNewGame, shipDead, gameEnded, shipStr, pos)
- _, _ = database.CreateMsg(card1, card1, cmd.roomKey, cmd.room.ID, b.zeroID, &g.player1.id)
+ card1 := g.drawCardFor(0, roomName, isNewGame, shipDead, gameEnded, shipStr, pos)
+ _, _ = database.CreateMsg(card1, card1, roomKey, roomID, b.zeroID, &g.player1.id)
- card2 := g.drawCardFor(1, isNewGame, shipDead, gameEnded, shipStr, pos)
- _, _ = database.CreateMsg(card2, card2, cmd.roomKey, cmd.room.ID, b.zeroID, &g.player2.id)
+ card2 := g.drawCardFor(1, roomName, isNewGame, shipDead, gameEnded, shipStr, pos)
+ _, _ = database.CreateMsg(card2, card2, roomKey, roomID, b.zeroID, &g.player2.id)
if gameEnded {
delete(b.games, gameKey)
}
- cmd.dataMessage = "/pm " + user.Username + " "
- cmd.err = ErrStop
+ return nil
}
diff --git a/pkg/web/handlers/api/v1/handlers.go b/pkg/web/handlers/api/v1/handlers.go
@@ -509,3 +509,19 @@ func CaptchaSolverHandler(c echo.Context) error {
}
return c.JSON(http.StatusOK, map[string]any{"answer": answer})
}
+
+func BattleshipHandler(c echo.Context) error {
+ authUser := c.Get("authUser").(*database.User)
+ roomName := c.Request().PostFormValue("room")
+ enemyUsername := c.Request().PostFormValue("enemyUsername")
+ pos := c.Request().PostFormValue("move")
+ redirectURL := "/api/v1/chat/messages/" + roomName
+ room, roomKey, err := dutils.GetRoomAndKey(c, roomName)
+ if err != nil {
+ return c.Redirect(http.StatusFound, redirectURL+"?error="+err.Error()+"&errorTs="+utils.FormatInt64(time.Now().Unix()))
+ }
+ if err = BattleshipInstance.playMove(roomName, room.ID, roomKey, *authUser, enemyUsername, pos); err != nil {
+ return c.Redirect(http.StatusFound, redirectURL+"?error="+err.Error()+"&errorTs="+utils.FormatInt64(time.Now().Unix()))
+ }
+ return c.Redirect(http.StatusFound, redirectURL)
+}
diff --git a/pkg/web/handlers/api/v1/topBarHandler.go b/pkg/web/handlers/api/v1/topBarHandler.go
@@ -209,9 +209,7 @@ func ChatTopBarHandler(c echo.Context) error {
authUser := c.Get("authUser").(*database.User)
var data chatTopBarData
data.RoomName = c.Param("roomName")
- if data.RoomName == "battleship" {
- data.RoomName = "general"
- } else if data.RoomName == "chess" {
+ if data.RoomName == "chess" {
data.RoomName = "general"
}
diff --git a/pkg/web/middlewares/middlewares.go b/pkg/web/middlewares/middlewares.go
@@ -173,7 +173,8 @@ func CSRFMiddleware() echo.MiddlewareFunc {
SameSite: http.SameSiteLaxMode,
Skipper: func(c echo.Context) bool {
apiKey := c.Request().Header.Get("DKF_API_KEY")
- if apiKey != "" && strings.HasPrefix(c.Path(), "/api/v1/") {
+ if (apiKey != "" && strings.HasPrefix(c.Path(), "/api/v1/")) ||
+ c.Path() == "/api/v1/battleship" {
return true
}
if c.Path() == "/chess/:key" {
@@ -182,9 +183,6 @@ func CSRFMiddleware() echo.MiddlewareFunc {
if strings.HasPrefix(c.Path(), "/api/v1/chat/top-bar/:roomName") && c.Param("roomName") == "werewolf" {
return true
}
- if strings.HasPrefix(c.Path(), "/api/v1/chat/top-bar/:roomName") && c.Param("roomName") == "battleship" {
- return true
- }
if strings.HasPrefix(c.Path(), "/api/v1/chat/top-bar/:roomName") && c.Param("roomName") == "chess" {
return true
}
diff --git a/pkg/web/web.go b/pkg/web/web.go
@@ -134,6 +134,7 @@ func getMainServer(i18nBundle *i18n.Bundle, renderer *tmp.Templates) echo.Handle
authGroup.POST("/two-factor-authentication/disable", handlers.TwoFactorAuthenticationDisableHandler, middlewares.AuthRateLimitMiddleware(1*time.Second, 2))
authGroup.GET("/api/v1/captcha-svc", v1.GetCaptchaHandler)
authGroup.POST("/api/v1/chat/:roomID/notifier", v1.RoomNotifierHandler)
+ authGroup.POST("/api/v1/battleship", v1.BattleshipHandler)
authGroup.POST("/api/v1/captcha/solver", v1.CaptchaSolverHandler)
authGroup.GET("/api/v1/chat/top-bar/:roomName", v1.ChatTopBarHandler)
authGroup.POST("/api/v1/chat/top-bar/:roomName", v1.ChatTopBarHandler, middlewares.AuthRateLimitMiddleware(1*time.Second, 3))
