From f953fe596a1a221dfaa06ad8fbdde135970014df Mon Sep 17 00:00:00 2001
From: Miodec <bartnikjack@gmail.com>
Date: Thu, 30 Dec 2021 16:11:38 +0100
Subject: [PATCH] added a result spacing check if the timestamp of the last
 result + the time of the current result is greater than the current timestamp
 that most likely means the result is invalid, created manually or shouldnt be
 saved because of a bug

---
 backend/api/controllers/result.js | 42 ++++++++++++++++++++++++++-----
 1 file changed, 36 insertions(+), 6 deletions(-)

diff --git a/backend/api/controllers/result.js b/backend/api/controllers/result.js
index 0be6e6bfd..1d75e72ff 100644
--- a/backend/api/controllers/result.js
+++ b/backend/api/controllers/result.js
@@ -124,18 +124,48 @@ class ResultController {
       //     uid
       //   );
       //   return res.status(400).json({ message: "Time traveler detected" });
+
+      // this probably wont work if we replace the timestamp with the server time later
+      // let timestampres = await ResultDAO.getResultByTimestamp(
+      //   uid,
+      //   result.timestamp
+      // );
+      // if (timestampres) {
+      //   return res.status(400).json({ message: "Duplicate result" });
       // }
 
-      let timestampres = await ResultDAO.getResultByTimestamp(
-        uid,
-        result.timestamp
-      );
-      if (timestampres) {
-        return res.status(400).json({ message: "Duplicate result" });
+      //convert result test duration to miliseconds
+      const testDurationMilis = result.testDuration * 1000;
+      //get latest result ordered by timestamp
+      let lastResultTimestamp;
+      try {
+        lastResultTimestamp = (await ResultDAO.getLastResult(uid)).timestamp;
+      } catch (e) {
+        lastResultTimestamp = null;
       }
 
       result.timestamp = Math.round(Date.now() / 1000) * 1000;
 
+      //check if its greater than server time - milis or result time - milis
+      if (
+        lastResultTimestamp &&
+        (lastResultTimestamp + testDurationMilis > result.timestamp ||
+          lastResultTimestamp + testDurationMilis >
+            Math.round(Date.now() / 1000) * 1000)
+      ) {
+        Logger.log(
+          "invalid_result_spacing",
+          {
+            lastTimestamp: lastResultTimestamp,
+            resultTime: result.timestamp,
+            difference:
+              lastResultTimestamp + testDurationMilis - result.timestamp,
+          },
+          uid
+        );
+        return res.status(400).json({ message: "Invalid result spacing" });
+      }
+
       try {
         result.keySpacingStats = {
           average: