moved test completion to the server to increase security

Jack 2020-06-07 23:43:01 +01:00
parent 550c7507f1
commit 3e3b8fbd64
4 changed files with 56 additions and 31 deletions


@ -170,4 +170,36 @@ exports.checkIfNeedsToChangeName = functions.https.onCall((request,response) =>
return -1;
}
})
exports.testCompleted = functions.https.onCall((request,response) => {
if(request.uid === undefined || request.obj === undefined) return -1;
try{
let obj = request.obj;
let err = false;
Object.keys(obj).forEach(key => {
let val = obj[key];
if(val === undefined || !/^[0-9a-zA-Z._]+$/.test(val)) err = true;
})
if (err){
console.error(`error saving result for ${request.uid} - bad input`);
return -1;
}
if (obj.wpm <= 0 || obj.wpm > 350 || obj.acc < 50 || obj.acc > 100){
return -1;
}
return admin.firestore().collection(`users/${request.uid}/results`).add(obj).then(e => {
return 1;
}).catch(e => {
console.error(`error saving result for ${request.uid} - ${e}`);
return -1;
});
}catch(e){
console.error(`error saving result for ${request.uid} - ${e}`);
return -1;
}
})
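Review bot: The new `testCompleted` handler takes the target account from `request.uid`, which is caller-supplied, so moving the write to the server does not by itself bind a result to the signed-in user; the second `onCall` argument (named `response` here) is the callable context, and the uid should come from its `auth` field after checking that it is present. `request.uid` is also interpolated into the Firestore path without the character check that is applied to the values of `obj`. The range test passes when `wpm` or `acc` is missing or non-numeric, because every comparison against `undefined` or `NaN` is false, so a type check should precede it. Keys of `obj` are not restricted, so any field name the caller sends is stored. The first three lines of the section belong to `checkIfNeedsToChangeName`, which starts outside the hunk.

```javascript
exports.testCompleted = functions.https.onCall((request, context) => {
  // Identity comes from the verified callable context, never from the payload.
  if (!context.auth || request.obj === undefined) return -1;
  const uid = context.auth.uid;
  // … unchanged: try block opening and per-value character check on request.obj …
    const { wpm, acc } = obj;
    // Reject missing or non-numeric stats before the range test; NaN fails the positive form.
    if (typeof wpm !== 'number' || typeof acc !== 'number') return -1;
    if (!(wpm > 0 && wpm <= 350 && acc >= 50 && acc <= 100)) return -1;
    return admin.firestore().collection(`users/${uid}/results`).add(obj)
    // … unchanged: then/catch handlers, logging uid in place of request.uid …
```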


@ -647,14 +647,14 @@
<script src="js/chartjs-plugin-trendline.js"></script>
<script src="js/chartjs-plugin-annotation.js"></script>
<script src="js/html2canvas.js"></script>
<script src="js/words.js?v=7"></script>
<script src="js/layouts.js?v=7"></script>
<script src="js/db.js?v=7"></script>
<script src="js/userconfig.js?v=7"></script>
<script src="js/commandline.js?v=7"></script>
<script src="js/settings.js?v=7"></script>
<script src="js/account.js?v=7"></script>
<script src="js/script.js?v=7"></script>
<script src="js/words.js?v=8"></script>
<script src="js/layouts.js?v=8"></script>
<script src="js/db.js?v=8"></script>
<script src="js/userconfig.js?v=8"></script>
<script src="js/commandline.js?v=8"></script>
<script src="js/settings.js?v=8"></script>
<script src="js/account.js?v=8"></script>
<script src="js/script.js?v=8"></script>
</html>


@ -2,22 +2,6 @@ const db = firebase.firestore();
let dbSnapshot = null;
function db_testCompleted(obj) {
if (obj.wpm == 0 || obj.wpm > 350 || obj.acc < 50 || obj.acc > 100) return false;
let uid = "";
let user = firebase.auth().currentUser;
if (user) {
uid = user.uid;
}
try{
db.collection(`users/${uid}/results`).add(obj);
// db.collection(`results`).add(obj);
}catch(e){
showNotification("Error saving result! Please contact Miodec on Discord.",5000);
}
}
async function db_getUserResults() {
let user = firebase.auth().currentUser;


@ -29,6 +29,8 @@ let accuracyStats = {
let customText = "The quick brown fox jumps over the lazy dog";
const testCompleted = firebase.functions().httpsCallable('testCompleted');
function showNotification(text, time) {
let noti = $(".notification");
noti.text(text);
@ -667,14 +669,21 @@ function showResult(difficultyFailed = false) {
wpmOverTimeChart.options.annotation.annotations[0].value = data;
wpmOverTimeChart.update();
}
completedEvent.uid = firebase.auth().currentUser.uid;
try{
firebase.analytics().logEvent('testCompleted', completedEvent);
}catch(e){
console.log("Analytics unavailable");
}
db_testCompleted(completedEvent);
dbSnapshot.unshift(completedEvent);
testCompleted({uid:firebase.auth().currentUser.uid,obj:completedEvent}).then(e => {
if(e.data !== 1){
showNotification('Could not save result',3000);
}else if(e.data === 1){
dbSnapshot.unshift(completedEvent);
try{
firebase.analytics().logEvent('testCompleted', completedEvent);
}catch(e){
console.log("Analytics unavailable");
}
}
})
});
$("#result .loginTip").addClass('hidden');
} else {
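Review bot: The `testCompleted({...})` call in the second hunk has a `.then` but no rejection handler, so when the callable rejects (network failure, function error) the result is dropped without the 'Could not save result' notification; add `.catch(() => showNotification('Could not save result',3000))` after the `.then`. The payload still carries the uid from the client, both as the `uid` argument and as `completedEvent.uid`; if the function reads the uid from its auth context instead, the `uid` argument can be dropped. The `else if(e.data === 1)` branch can be a plain `else`, and the inner `catch(e)` shadows the response `e`. Whether direct client writes to `users/{uid}/results` are now denied by the Firestore rules is not visible in this commit and is worth confirming, since the server-side checks only matter if they are. The enclosing `showResult` starts and ends outside the hunk.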