Merge pull request #92 from AlecM33/develop

send existing cookie with join request

client/src/modules/GameCreationStepManager.js

@@ -295,7 +295,6 @@ function renderRoleSelectionStep (game, containerId, step, deckManager) {
     };
 
     const clickHandler = () => {
-        console.log('fired');
         const actions = document.getElementById('custom-role-actions');
         if (actions.style.display !== 'none') {
             actions.style.display = 'none';

client/src/scripts/home.js

@@ -28,7 +28,7 @@ function attemptToJoinGame (code) {
     )
         .then((res) => {
             if (res.status === 200) {
-                let json = JSON.parse(res.content);
+                const json = JSON.parse(res.content);
                 window.location = window.location.protocol + '//' + window.location.host +
                     '/join/' + encodeURIComponent(json.accessCode) +
                     '?playerCount=' + encodeURIComponent(json.playerCount) +
@@ -45,7 +45,7 @@ function attemptToJoinGame (code) {
         });
 }
 
-function getTimeString(timerParams) {
+function getTimeString (timerParams) {
     let timeString = '';
     if (timerParams) {
         const hours = timerParams.hours;

client/src/scripts/join.js

@@ -35,7 +35,12 @@ const joinHandler = (e) => {
             '/api/games/' + accessCode + '/players',
             'PATCH',
             null,
-            JSON.stringify({ playerName: name, accessCode: accessCode })
+            JSON.stringify({
+                playerName: name,
+                accessCode: accessCode,
+                sessionCookie: UserUtility.validateAnonUserSignature(globals.ENVIRONMENT.LOCAL),
+                localCookie: UserUtility.validateAnonUserSignature(globals.ENVIRONMENT.PRODUCTION)
+            })
         )
             .then((res) => {
                 const json = JSON.parse(res.content);

server/api/GamesAPI.js

@@ -27,7 +27,7 @@ const corsOptions = process.env.NODE_ENV.trim() === 'development'
     };
 
 router.use(cors(corsOptions));
-// router.options('/:code/players', cors(corsOptions));
+router.options('/:code/players', cors(corsOptions));
 
 if (process.env.NODE_ENV.trim() === 'production') { // in prod, limit clients to creating 5 games per 10 minutes.
     router.use('/create', apiLimiter);
@@ -50,7 +50,6 @@ router.post('/create', function (req, res) {
 });
 
 router.get('/:code/availability', function (req, res) {
-    console.log(req.params.code);
     const availabilityPromise = gameManager.checkAvailability(req.params.code);
     availabilityPromise.then((result) => {
         if (result === 404) {
@@ -67,17 +66,19 @@ router.get('/:code/availability', function (req, res) {
 });
 
 router.patch('/:code/players', function (req, res) {
-    console.log(req.body);
     if (
         req.body === null
         || !validateAccessCode(req.body.accessCode)
         || !validateName(req.body.playerName)
+        || !validateCookie(req.body.localCookie)
+        || !validateCookie(req.body.sessionCookie)
     ) {
         res.status(400).send();
     } else {
         const game = gameManager.activeGameRunner.activeGames[req.body.accessCode];
         if (game) {
-            gameManager.joinGame(game, req.body.playerName).then((data) => {
+            const inUseCookie = gameManager.environment === globals.ENVIRONMENT.PRODUCTION ? req.body.localCookie : req.body.sessionCookie;
+            gameManager.joinGame(game, req.body.playerName, inUseCookie).then((data) => {
                 res.status(200).send({ cookie: data, environment: gameManager.environment });
             }).catch((code) => {
                 res.status(code).send();
@@ -96,11 +97,9 @@ function validateName (name) {
     return typeof name === 'string' && name.length > 0 && name.length <= 30;
 }
 
-// function validateCookie (cookie) {
-//     return cookie === null
-//         || (typeof cookie !== 'string' && cookie !== false)
-//         || (cookie.length !== globals.USER_SIGNATURE_LENGTH && cookie !== false);
-// }
+function validateCookie (cookie) {
+    return cookie === null || cookie === false || (typeof cookie === 'string' && cookie.length === globals.USER_SIGNATURE_LENGTH);
+}
 
 function validateAccessCode (accessCode) {
     return /^[a-zA-Z0-9]+$/.test(accessCode) && accessCode.length === globals.ACCESS_CODE_LENGTH;

server/modules/GameManager.js

@@ -254,7 +254,11 @@ class GameManager {
         }
     };
 
-    joinGame = (game, name) => {
+    joinGame = (game, name, cookie) => {
+        const matchingPerson = findPersonByField(game, 'cookie', cookie);
+        if (matchingPerson) {
+            return Promise.resolve(matchingPerson.cookie);
+        }
         if (isNameTaken(game, name)) {
             return Promise.reject(400);
         }

server/modules/ServerBootstrapper.js

@@ -3,7 +3,6 @@ const http = require('http');
 const https = require('https');
 const path = require('path');
 const fs = require('fs');
-const secure = require('express-force-https');
 
 const ServerBootstrapper = {
     processCLIArgs: () => {
@@ -56,8 +55,15 @@ const ServerBootstrapper = {
             }
         } else {
             logger.warn('starting main in PRODUCTION mode. This should not be used for local development.');
-            app.use(secure);
             main = http.createServer(app);
+            app.use(function (req, res, next) {
+                const schema = (req.headers['x-forwarded-proto'] || '').toLowerCase();
+                if (!req.path.includes('/_ah/start') && req.headers.host.indexOf('localhost') < 0 && schema !== 'https') {
+                    res.redirect('https://' + req.headers.host + req.url);
+                } else {
+                    next();
+                }
+            });
         }
 
         return main;