X-Git-Url: https://git.auder.net/?a=blobdiff_plain;f=server%2Froutes%2Fgames.js;h=b5f59b0c380f6d5b9ad8f9238972128ece5671c7;hb=714680114508183fba2c07231dbe8f90b5631b81;hp=24bfc82cb8c70586a112e7ce54131001ecbbf6a9;hpb=dac395887d96e2d642b209c6db6aaacc3ffacb34;p=vchess.git diff --git a/server/routes/games.js b/server/routes/games.js index 24bfc82c..b5f59b0c 100644 --- a/server/routes/games.js +++ b/server/routes/games.js @@ -1,16 +1,16 @@ -var router = require("express").Router(); -var UserModel = require("../models/User"); -var ChallengeModel = require('../models/Challenge'); -var GameModel = require('../models/Game'); -var VariantModel = require('../models/Variant'); -var access = require("../utils/access"); -var params = require("../config/parameters"); +let router = require("express").Router(); +const UserModel = require("../models/User"); +const ChallengeModel = require('../models/Challenge'); +const GameModel = require('../models/Game'); +const VariantModel = require('../models/Variant'); +const access = require("../utils/access"); +const params = require("../config/parameters"); // From main hall, start game between players 0 and 1 router.post("/games", access.logged, access.ajax, (req,res) => { const gameInfo = req.body.gameInfo; if (!Array.isArray(gameInfo.players) || - !gameInfo.players.some(p => p.id == req.userId)) + gameInfo.players.every(p => p.id != req.userId)) { return res.json({errmsg: "Cannot start someone else's game"}); } @@ -26,7 +26,7 @@ router.post("/games", access.logged, access.ajax, (req,res) => { return res.json({errmsg:error}); ChallengeModel.remove(cid); GameModel.create( - gameInfo.vid, gameInfo.fen, gameInfo.timeControl, gameInfo.players, + gameInfo.vid, gameInfo.fen, gameInfo.cadence, gameInfo.players, (err,ret) => { access.checkRequest(res, err, ret, "Cannot create game", () => { const oppIdx = (gameInfo.players[0].id == req.userId ? 1 : 0); @@ -43,7 +43,9 @@ router.get("/games", access.ajax, (req,res) => { const gameId = req.query["gid"]; if (!!gameId) { - GameModel.getOne(gameId, (err,game) => { + if (!gameId.match(/^[0-9]+$/)) + return res.json({errmsg: "Wrong game ID"}); + GameModel.getOne(gameId, false, (err,game) => { access.checkRequest(res, err, game, "Game not found", () => { res.json({game: game}); }); @@ -53,6 +55,8 @@ router.get("/games", access.ajax, (req,res) => { { // Get by (non-)user ID: const userId = req.query["uid"]; + if (!userId.match(/^[0-9]+$/)) + return res.json({errmsg: "Wrong user ID"}); const excluded = !!req.query["excluded"]; GameModel.getByUser(userId, excluded, (err,games) => { if (!!err) @@ -76,14 +80,23 @@ router.put("/games", access.logged, access.ajax, (req,res) => { GameModel.update(gid, obj, (err) => { if (!!err) return res.json(err); - // Notify opponent if he enabled notifications: - GameModel.getPlayers(gid, (err2,players) => { - if (!!err2) - return res.json(err); - const oppid = (players[0].id == req.userId ? players[1].id : players[0].id); - UserModel.tryNotify(oppid, - "New move in game: " + params.siteURL + "/game/" + gid); - }); + if (!!obj.move || !!obj.score) + { + // Notify opponent if he enabled notifications: + GameModel.getPlayers(gid, (err2,players) => { + if (!err2) + { + const oppid = (players[0].id == req.userId + ? players[1].id + : players[0].id); + const messagePrefix = (!!obj.move + ? "New move in game: " + : "Game ended: "); + UserModel.tryNotify(oppid, + messagePrefix + params.siteURL + "/game/" + gid); + } + }); + } res.json({}); }); });