anti cheat: don't trust the client, move trip completions to server
All checks were successful
pedestrian-simulator / build (push) Successful in 1m11s
All checks were successful
pedestrian-simulator / build (push) Successful in 1m11s
This commit is contained in:
@@ -96,9 +96,16 @@ func main() {
|
||||
return
|
||||
}
|
||||
|
||||
var metadata TripState
|
||||
if err := json.NewDecoder(r.Body).Decode(&metadata); err != nil {
|
||||
// Fallback for legacy calls or if no metadata is sent
|
||||
// But we expect metadata now
|
||||
fmt.Printf("[API Trip] Warning: Failed to decode metadata: %v\n", err)
|
||||
}
|
||||
|
||||
userID, _ := getUserID(r.Context())
|
||||
sm := getStepManager(userID)
|
||||
sm.StartNewTrip()
|
||||
sm.StartNewTrip(metadata)
|
||||
w.WriteHeader(http.StatusOK)
|
||||
}))
|
||||
|
||||
@@ -140,9 +147,6 @@ func main() {
|
||||
// 7. User Profile Endpoint
|
||||
http.HandleFunc("/api/user/profile", RequireAuth(HandleUserProfile))
|
||||
|
||||
// 8. Trip Completion Endpoint
|
||||
http.HandleFunc("/api/trip/complete", RequireAuth(HandleTripComplete))
|
||||
|
||||
// 9. Start Server
|
||||
binding := "0.0.0.0:8080"
|
||||
fmt.Printf("Server starting on http://%s\n", binding)
|
||||
|
||||
Reference in New Issue
Block a user