diff options
| author | nsfisis <nsfisis@gmail.com> | 2024-07-29 20:04:26 +0900 |
|---|---|---|
| committer | nsfisis <nsfisis@gmail.com> | 2024-07-29 20:04:26 +0900 |
| commit | 9e47a0ecc9416a0fa0b09201882d1da5b11ebaff (patch) | |
| tree | f368aa1ef1d734d3096c9129e17d6af11d1041a6 /backend/game/http.go | |
| parent | 3f95e0e6d62267cf8863e98f3ab7de8971a91000 (diff) | |
| parent | 648613e24c8afe5fd3c599def61b33ccf7bcb96c (diff) | |
| download | phperkaigi-2025-albatross-9e47a0ecc9416a0fa0b09201882d1da5b11ebaff.tar.gz phperkaigi-2025-albatross-9e47a0ecc9416a0fa0b09201882d1da5b11ebaff.tar.zst phperkaigi-2025-albatross-9e47a0ecc9416a0fa0b09201882d1da5b11ebaff.zip | |
Merge branch 'game-watching'
Diffstat (limited to 'backend/game/http.go')
| -rw-r--r-- | backend/game/http.go | 22 |
1 files changed, 19 insertions, 3 deletions
diff --git a/backend/game/http.go b/backend/game/http.go index beda46c..8cf7322 100644 --- a/backend/game/http.go +++ b/backend/game/http.go @@ -5,6 +5,8 @@ import ( "strconv" "github.com/labstack/echo/v4" + + "github.com/nsfisis/iosdc-2024-albatross/backend/auth" ) type sockHandler struct { @@ -18,7 +20,13 @@ func newSockHandler(hubs *GameHubs) *sockHandler { } func (h *sockHandler) HandleSockGolfPlay(c echo.Context) error { - // TODO: auth + jwt := c.QueryParam("token") + claims, err := auth.ParseJWT(jwt) + if err != nil { + return echo.NewHTTPError(http.StatusUnauthorized, err.Error()) + } + // TODO: check user permission + gameId := c.Param("gameId") gameIdInt, err := strconv.Atoi(gameId) if err != nil { @@ -34,11 +42,19 @@ func (h *sockHandler) HandleSockGolfPlay(c echo.Context) error { if foundHub == nil { return echo.NewHTTPError(http.StatusNotFound, "Game not found") } - return servePlayerWs(foundHub, c.Response(), c.Request(), "a") + return servePlayerWs(foundHub, c.Response(), c.Request(), claims.UserID) } func (h *sockHandler) HandleSockGolfWatch(c echo.Context) error { - // TODO: auth + jwt := c.QueryParam("token") + claims, err := auth.ParseJWT(jwt) + if err != nil { + return echo.NewHTTPError(http.StatusUnauthorized, err.Error()) + } + if !claims.IsAdmin { + return echo.NewHTTPError(http.StatusForbidden, "Permission denied") + } + gameId := c.Param("gameId") gameIdInt, err := strconv.Atoi(gameId) if err != nil { |