Union/ProjectLighthouse
1
0
Fork 0
mirror of https://github.com/LBPUnion/ProjectLighthouse.git synced 2025-07-26 15:08:39 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

Prevent access to GameServer features if email enforcement is enabled and email is unverified

Browse source
This commit is contained in:
FeTetra 2024-12-17 02:19:53 -05:00
commit 9e9c96e1a3
3 changed files with 36 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

16
ProjectLighthouse.Servers.GameServer/Controllers/Matching/EnterLevelController.cs
View file

@ -1,9 +1,13 @@
#nullable enable
using System.Runtime.CompilerServices;
using LBPUnion.ProjectLighthouse.Database;
using LBPUnion.ProjectLighthouse.Extensions;
using LBPUnion.ProjectLighthouse.Helpers;
using LBPUnion.ProjectLighthouse.Configuration;
using LBPUnion.ProjectLighthouse.Migrations;
using LBPUnion.ProjectLighthouse.Types.Entities.Interaction;
using LBPUnion.ProjectLighthouse.Types.Entities.Level;
using LBPUnion.ProjectLighthouse.Types.Entities.Profile;
using LBPUnion.ProjectLighthouse.Types.Entities.Token;
using LBPUnion.ProjectLighthouse.Types.Users;
using Microsoft.AspNetCore.Authorization;
@ -20,6 +24,8 @@ public class EnterLevelController : ControllerBase
{
private readonly DatabaseContext database;
private static readonly bool emailEnforcementEnabled = EnforceEmailConfiguration.Instance.EnableEmailEnforcement;
public EnterLevelController(DatabaseContext database)
{
this.database = database;
@ -30,8 +36,13 @@ public class EnterLevelController : ControllerBase
{
GameTokenEntity token = this.GetToken();
UserEntity? user = await this.database.UserFromGameToken(token);
if (SlotHelper.IsTypeInvalid(slotType)) return this.BadRequest();
// Return bad request on unverified email if enforcement is enabled
if (emailEnforcementEnabled && !user.EmailAddressVerified) return this.BadRequest();
// don't count plays for developer slots
if (slotType == "developer") return this.Ok();
@ -100,8 +111,13 @@ public class EnterLevelController : ControllerBase
{
GameTokenEntity token = this.GetToken();
UserEntity? user = await this.database.UserFromGameToken(token);
if (SlotHelper.IsTypeInvalid(slotType)) return this.BadRequest();
// Return bad request on unverified email if enforcement is enabled
if (emailEnforcementEnabled && !user.EmailAddressVerified) return this.BadRequest();
if (slotType == "developer") return this.Ok();
SlotEntity? slot = await this.database.Slots.FirstOrDefaultAsync(s => s.SlotId == slotId);