Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

#539 방 생성시 어뷰징 사전검증 처리 방식 개선 #542

Open
wants to merge 5 commits into
base: dev
Choose a base branch
from
+65 −10
Open

#539 방 생성시 어뷰징 사전검증 처리 방식 개선 #542

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
5 commits
Select commit Hold shift + click to select a range
97c025a
fix: 어뷰징 로직 처리 위치 및 preVerificationKey 처리
cokia Sep 3, 2024
2419698
Fix: loadenv require
kmc7468 Sep 3, 2024
677231b
Merge branch 'dev' into #539-방-생성시-어뷰징-사전검증-처리-방식-개선
cokia Sep 5, 2024
8830173
Fix: 어뷰징 사전검증 처리 방식 수정"
cokia Sep 10, 2024
ccdd6c0
Merge branch 'dev' into #539-방-생성시-어뷰징-사전검증-처리-방식-개선
cokia Sep 10, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
38 changes: 38 additions & 0 deletions src/modules/jwt.js
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,38 @@
const jwt = require("jsonwebtoken");
const { secretKey, option, TOKEN_EXPIRED, TOKEN_INVALID } =
require("../../loadenv").jwt;

const signJwt = async (payload) => {
const options = { ...option };

if (type === "refresh") {
options.expiresIn = "30d";
}
if (type === "access") {
options.expiresIn = "14d";
}

const result = {
token: jwt.sign(payload, secretKey, options),
};
return result;
};

const verifyJwt = async (token) => {
let decoded;
try {
decoded = jwt.verify(token, secretKey);
} catch (err) {
if (err.message === "jwt expired") {
return TOKEN_EXPIRED;
} else {
return TOKEN_INVALID;
}
}
return decoded;
};

module.exports = {
sign: signJwt,
verify: verifyJwt,
};
37 changes: 27 additions & 10 deletions src/services/rooms.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -14,6 +14,10 @@ const {
notifyRoomCreationAbuseToReportChannel,
} = require("../modules/slackNotification");

const {
signJwt,verifyJwt
} = require("../modules/jwt")

// 이벤트 코드입니다.
const { eventConfig } = require("../../loadenv");
const eventPeriod = eventConfig && {
Expand All @@ -23,7 +27,14 @@ const eventPeriod = eventConfig && {
const { contracts } = require("../lottery");

const createHandler = async (req, res) => {
const { name, from, to, time, maxPartLength } = req.body;
const { name, from, to, time, maxPartLength, preValidationKey } = req.body;

// 만약 preValidationKey를 사용하지 않을때 경고를 표출한다면 아래 코드를 사용하면 됨.
// if(!preValidationKey){
// return res.status(400).json({
// error: "Rooms/create : preValidation Key is Not Found"
// })
// }

try {
if (from === to) {
Expand Down Expand Up @@ -112,6 +123,19 @@ const createHandler = async (req, res) => {
// 이벤트 코드입니다.
await contracts?.completeFirstRoomCreationQuest(req.userOid, req.timestamp);

if (preValidationKey) {
const isAbuseResult = verifyJwt(preValidationKey);

if (typeof isAbuseResult !== "object" || isAbuseResult.isAbuse) {
const user = await userModel.findById(req.userOid).lean();
notifyRoomCreationAbuseToReportChannel(
req.userOid,
user?.nickname ?? req.userOid,
req.body
);
}
}

return res.send(roomObjectFormated);
} catch (err) {
logger.error(err);
Expand Down Expand Up @@ -168,16 +192,9 @@ const createTestHandler = async (req, res) => {
countRecentlyMadeRooms,
candidateRooms
);
if (isAbusing) {
const user = await userModel.findById(req.userOid).lean();
notifyRoomCreationAbuseToReportChannel(
req.userOid,
user?.nickname ?? req.userOid,
req.body
);
}
const preValidationKey = await signJwt({isAbusing: isAbusing})

return res.json({ result: !isAbusing });
return res.json({ result: !isAbusing, preValidationKey });
} catch (err) {
logger.error(err);
res.status(500).json({
Expand Down
Loading