From 8a53c2c2c394da68effb73fbd3f5306acdeb85c1 Mon Sep 17 00:00:00 2001 From: Alex Karle Date: Wed, 29 Apr 2020 23:38:52 -0400 Subject: [PATCH] Euchre::Dealer: Add basic password-protection to games The first person to join the game has the option to join with a password, which each additional player will have to specify in order to join. This is needed to prevent "euchre-live bombing" (a-la Zoom-bombing) where a player could see that Alex was playing at table Foo and could force join to take over the hand. Having a trusted environment for each table also means that we can push everyone into a spectator role in end game and no one should be worried about seats stolen. --- lib/Euchre/Dealer.pm | 13 ++++++++++++- public/debug.html | 5 ++++- 2 files changed, 16 insertions(+), 2 deletions(-) diff --git a/lib/Euchre/Dealer.pm b/lib/Euchre/Dealer.pm index 7fbbcbf..03a900f 100644 --- a/lib/Euchre/Dealer.pm +++ b/lib/Euchre/Dealer.pm @@ -39,6 +39,7 @@ use constant { FOLLOW_SUIT => 16, DONT_HAVE_CARD => 17, NOT_IN_GAME => 18, + BAD_PASS => 19, }; our @ERRORS = (); @@ -61,6 +62,7 @@ $ERRORS[BAD_VOTE] = "Bad vote"; $ERRORS[FOLLOW_SUIT] = "Have to follow suit!"; $ERRORS[DONT_HAVE_CARD] = "You don't have that card!"; $ERRORS[NOT_IN_GAME] = "You're not in any game"; +$ERRORS[BAD_PASS] = "Game exists, password incorrect"; # XXX: The first draft of this was written quickly and chose @@ -86,6 +88,7 @@ $ERRORS[NOT_IN_GAME] = "You're not in any game"; # trump_nominee => card, # pass_count => 0-7, # out_player => -1-3, -1 if none, else idx of "out player" +# password => string # } # # We decided the players would keep track of their own hands @@ -215,6 +218,7 @@ sub pong { # player_name # game_id # force +# password (opt) sub join_game { my ($p, $msg) = @_; @@ -238,12 +242,19 @@ sub join_game { score => $ENV{END_DEBUG} ? [9,9] :[0, 0], phase => 'lobby', start_time => time, + (exists $msg->{password} ? (password => $msg->{password}) : ()), }; $TOTAL_GAMES++; } my $game = $GAMES{$id}; + # Before adding, verify the password is correct + if (exists $game->{password} && $game->{password} ne $msg->{password}) { + send_error($p, BAD_PASS); + return; + } + # Make sure name is unique to game my @all_names = map { $_->{name} } grep { defined } @@ -717,7 +728,7 @@ sub swap_player { sub stats { my $num_players = scalar keys %PLAYERS; my $num_games = scalar keys %GAMES; - + my $msg = ""; $msg .= "PLAYERS: Join Time\t\tName\tGame\n"; $msg .= "===========================================================\n"; diff --git a/public/debug.html b/public/debug.html index 2035d89..dbc4ae1 100644 --- a/public/debug.html +++ b/public/debug.html @@ -68,8 +68,9 @@ function joinGame(force) { uname = document.getElementById('username').value; gname = document.getElementById('gamename').value; + pass = document.getElementById('password').value; console.log('U: ' + uname + ' G: ' + gname); - ws.send(JSON.stringify({action:'join_game', player_name: uname, game_id: gname, force: force})) + ws.send(JSON.stringify({action:'join_game', player_name: uname, game_id: gname, force: force, password: pass})) } function sit() { seat = document.getElementById('seat_no').value; @@ -113,6 +114,8 @@ + + -- libgit2 1.1.1