euchre-live

Euchre web-app for the socially distant family
git clone git://git.alexkarle.com/euchre-live.git
Log | Files | Refs | README | LICENSE
commit 8a53c2c2c394da68effb73fbd3f5306acdeb85c1 (patch)
parent b1a9e2a2fcddc5272b5e013e2af273ec34ac7467
Author: Alex Karle <alex@karle.co>
Date:   Wed, 29 Apr 2020 23:38:52 -0400

Euchre::Dealer: Add basic password-protection to games

The first person to join the game has the option to join with a
password, which each additional player will have to specify in order to
join.

This is needed to prevent "euchre-live bombing" (a-la Zoom-bombing)
where a player could see that Alex was playing at table Foo and could
force join to take over the hand.

Having a trusted environment for each table also means that we can push
everyone into a spectator role in end game and no one should be worried
about seats stolen.

Diffstat:

Mlib/Euchre/Dealer.pm | 13++++++++++++-


Mpublic/debug.html | 5++++-


2 files changed, 16 insertions(+), 2 deletions(-)

diff --git a/lib/Euchre/Dealer.pm b/lib/Euchre/Dealer.pm
@@ -39,6 +39,7 @@ use constant {
     FOLLOW_SUIT     => 16,
     DONT_HAVE_CARD  => 17,
     NOT_IN_GAME     => 18,
+    BAD_PASS        => 19,
 };
 
 our @ERRORS = ();
@@ -61,6 +62,7 @@ $ERRORS[BAD_VOTE]        = "Bad vote";
 $ERRORS[FOLLOW_SUIT]     = "Have to follow suit!";
 $ERRORS[DONT_HAVE_CARD]  = "You don't have that card!";
 $ERRORS[NOT_IN_GAME]     = "You're not in any game";
+$ERRORS[BAD_PASS]        = "Game exists, password incorrect";
 
 
 # XXX: The first draft of this was written quickly and chose
@@ -86,6 +88,7 @@ $ERRORS[NOT_IN_GAME]     = "You're not in any game";
 #           trump_nominee => card,
 #           pass_count => 0-7,
 #           out_player => -1-3, -1 if none, else idx of "out player"
+#           password => string
 #       }
 #
 #   We decided the players would keep track of their own hands
@@ -215,6 +218,7 @@ sub pong {
 # player_name
 # game_id
 # force
+# password (opt)
 sub join_game {
     my ($p, $msg) = @_;
 
@@ -238,12 +242,19 @@ sub join_game {
             score => $ENV{END_DEBUG} ? [9,9] :[0, 0],
             phase => 'lobby',
             start_time => time,
+            (exists $msg->{password} ? (password => $msg->{password}) : ()),
         };
         $TOTAL_GAMES++;
     }
 
     my $game = $GAMES{$id};
 
+    # Before adding, verify the password is correct
+    if (exists $game->{password} && $game->{password} ne $msg->{password}) {
+        send_error($p, BAD_PASS);
+        return;
+    }
+
     # Make sure name is unique to game
     my @all_names = map { $_->{name} }
                     grep { defined }
@@ -717,7 +728,7 @@ sub swap_player {
 sub stats {
     my $num_players = scalar keys %PLAYERS;
     my $num_games = scalar keys %GAMES;
-    
+
     my $msg = "";
     $msg .= "PLAYERS: Join Time\t\tName\tGame\n";
     $msg .= "===========================================================\n";
diff --git a/public/debug.html b/public/debug.html
@@ -68,8 +68,9 @@
     function joinGame(force) {
       uname = document.getElementById('username').value;
       gname = document.getElementById('gamename').value;
+      pass  = document.getElementById('password').value;
       console.log('U: ' + uname + ' G: ' + gname);
-      ws.send(JSON.stringify({action:'join_game', player_name: uname, game_id: gname, force: force}))
+      ws.send(JSON.stringify({action:'join_game', player_name: uname, game_id: gname, force: force, password: pass}))
     }
     function sit() {
       seat = document.getElementById('seat_no').value;
@@ -113,6 +114,8 @@
  <input type="text" id="username">
  <label for="gamename">Game:</label>
  <input type="text" id="gamename">
+ <label for="password">Password:</label>
+ <input type="text" id="password">
  <button onclick="joinGame(0)">Join Game</button>
  <button onclick="joinGame(1)">Force Join</button>
  <button onclick="leaveGame()">Leave Game</button>