diff --git a/src/be/jeffcheasey88/peeratcode/routes/BadgeDetails.java b/src/be/jeffcheasey88/peeratcode/routes/BadgeDetails.java index 4633acb..89c3302 100644 --- a/src/be/jeffcheasey88/peeratcode/routes/BadgeDetails.java +++ b/src/be/jeffcheasey88/peeratcode/routes/BadgeDetails.java @@ -22,10 +22,9 @@ public class BadgeDetails implements Response { this.databaseRepo = databaseRepo; } - @Route(path = "^\\/badge\\/([0-9]+)$") + @Route(path = "^\\/badge\\/([0-9]+)$", needLogin = true) @Override public void exec(Matcher matcher, User user, HttpReader reader, HttpWriter writer) throws Exception { - HttpUtil.responseHeaders(writer, 200, "Access-Control-Allow-Origin: *"); if (matcher.groupCount() > 0) { int badgeId = Integer.parseInt(matcher.group(1)); Badge badge = databaseRepo.getBadge(badgeId); @@ -36,6 +35,7 @@ public class BadgeDetails implements Response { badgeJSON.put("logo", Base64.getEncoder().encodeToString(badge.getLogo())); badgeJSON.put("level", badge.getLevel()); } + HttpUtil.responseHeaders(writer, 200, "Access-Control-Allow-Origin: *"); writer.write(badgeJSON.toJSONString().replace("\\", "")); } else { HttpUtil.responseHeaders(writer, 400, "Access-Control-Allow-Origin: *"); diff --git a/src/be/jeffcheasey88/peeratcode/routes/ChapterElement.java b/src/be/jeffcheasey88/peeratcode/routes/ChapterElement.java index ea0a70e..2bd05a0 100644 --- a/src/be/jeffcheasey88/peeratcode/routes/ChapterElement.java +++ b/src/be/jeffcheasey88/peeratcode/routes/ChapterElement.java @@ -23,10 +23,9 @@ public class ChapterElement implements Response { this.databaseRepo = databaseRepo; } - @Route(path = "^\\/chapter\\/([0-9]+)$") + @Route(path = "^\\/chapter\\/([0-9]+)$", needLogin = true) @Override public void exec(Matcher matcher, User user, HttpReader reader, HttpWriter writer) throws Exception { - HttpUtil.responseHeaders(writer, 200, "Access-Control-Allow-Origin: *"); Chapter chapter = databaseRepo.getChapter(extractId(matcher)); if (chapter != null) { JSONObject chapterJSON = new JSONObject(); @@ -46,7 +45,10 @@ public class ChapterElement implements Response { puzzles.add(puzzleJSON); } chapterJSON.put("puzzles", puzzles); + HttpUtil.responseHeaders(writer, 200, "Access-Control-Allow-Origin: *"); writer.write(chapterJSON.toJSONString()); + } else { + HttpUtil.responseHeaders(writer, 400, "Access-Control-Allow-Origin: *"); } } diff --git a/src/be/jeffcheasey88/peeratcode/routes/ChapterList.java b/src/be/jeffcheasey88/peeratcode/routes/ChapterList.java index 30b092a..63f514b 100644 --- a/src/be/jeffcheasey88/peeratcode/routes/ChapterList.java +++ b/src/be/jeffcheasey88/peeratcode/routes/ChapterList.java @@ -23,10 +23,9 @@ public class ChapterList implements Response { this.databaseRepo = databaseRepo; } - @Route(path = "^\\/chapters$") + @Route(path = "^\\/chapters$", needLogin = true) @Override public void exec(Matcher matcher, User user, HttpReader reader, HttpWriter writer) throws Exception { - HttpUtil.responseHeaders(writer, 200, "Access-Control-Allow-Origin: *"); List allChapters = databaseRepo.getAllChapters(); if (allChapters != null) { JSONArray chaptersJSON = new JSONArray(); @@ -40,7 +39,10 @@ public class ChapterList implements Response { chapterJSON.put("endDate", chapter.getEndDate().toString()); chaptersJSON.add(chapterJSON); } + HttpUtil.responseHeaders(writer, 200, "Access-Control-Allow-Origin: *"); writer.write(chaptersJSON.toJSONString()); + } else { + HttpUtil.responseHeaders(writer, 400, "Access-Control-Allow-Origin: *"); } } diff --git a/src/be/jeffcheasey88/peeratcode/routes/Login.java b/src/be/jeffcheasey88/peeratcode/routes/Login.java index 2e06a67..877b73d 100644 --- a/src/be/jeffcheasey88/peeratcode/routes/Login.java +++ b/src/be/jeffcheasey88/peeratcode/routes/Login.java @@ -39,10 +39,10 @@ public class Login implements Response { HttpUtil.responseHeaders(writer, 200, "Access-Control-Allow-Origin: *", "Access-Control-Expose-Headers: Authorization", "Authorization: Bearer " + this.router.createAuthUser(id)); - return; } + } else { + HttpUtil.responseHeaders(writer, 400, "Access-Control-Allow-Origin: *"); } - HttpUtil.responseHeaders(writer, 403, "Access-Control-Allow-Origin: *"); } } diff --git a/src/be/jeffcheasey88/peeratcode/routes/PlayerDetails.java b/src/be/jeffcheasey88/peeratcode/routes/PlayerDetails.java index 377967c..d7e2b11 100644 --- a/src/be/jeffcheasey88/peeratcode/routes/PlayerDetails.java +++ b/src/be/jeffcheasey88/peeratcode/routes/PlayerDetails.java @@ -22,7 +22,7 @@ public class PlayerDetails implements Response { this.databaseRepo = databaseRepo; } - @Route(path = "^\\/player\\/?(.+)?$") + @Route(path = "^\\/player\\/?(.+)?$", needLogin = true) @Override public void exec(Matcher matcher, User user, HttpReader reader, HttpWriter writer) throws Exception { Player player; @@ -33,7 +33,6 @@ public class PlayerDetails implements Response { } JSONObject playerJSON = new JSONObject(); if (player != null) { - HttpUtil.responseHeaders(writer, 200, "Access-Control-Allow-Origin: *"); playerJSON.put("pseudo", player.getPseudo()); playerJSON.put("email", player.getEmail()); playerJSON.put("firstname", player.getFirstname()); @@ -49,6 +48,7 @@ public class PlayerDetails implements Response { playerJSON.put("badges", player.getJsonBadges()); if (player.getAvatar() != null) playerJSON.put("avatar", Base64.getEncoder().encodeToString(player.getAvatar())); + HttpUtil.responseHeaders(writer, 200, "Access-Control-Allow-Origin: *"); writer.write(playerJSON.toJSONString().replace("\\", "")); } else { HttpUtil.responseHeaders(writer, 400, "Access-Control-Allow-Origin: *"); diff --git a/src/be/jeffcheasey88/peeratcode/routes/PuzzleElement.java b/src/be/jeffcheasey88/peeratcode/routes/PuzzleElement.java index 066ab08..ef642b7 100644 --- a/src/be/jeffcheasey88/peeratcode/routes/PuzzleElement.java +++ b/src/be/jeffcheasey88/peeratcode/routes/PuzzleElement.java @@ -21,10 +21,9 @@ public class PuzzleElement implements Response { this.databaseRepo = databaseRepo; } - @Route(path = "^\\/puzzle\\/([0-9]+)$") + @Route(path = "^\\/puzzle\\/([0-9]+)$", needLogin = true) @Override public void exec(Matcher matcher, User user, HttpReader reader, HttpWriter writer) throws Exception { - HttpUtil.responseHeaders(writer, 200, "Access-Control-Allow-Origin: *", "Content-Type: application/json"); Puzzle puzzle = databaseRepo.getPuzzle(extractId(matcher)); if (puzzle != null) { JSONObject puzzleJSON = new JSONObject(); @@ -35,8 +34,12 @@ public class PuzzleElement implements Response { puzzleJSON.put("tags", puzzle.getJsonTags()); if (puzzle.getDepend() > 0) puzzleJSON.put("depend", puzzle.getDepend()); + HttpUtil.responseHeaders(writer, 200, "Access-Control-Allow-Origin: *", "Content-Type: application/json"); writer.write(puzzleJSON.toJSONString()); } + else { + HttpUtil.responseHeaders(writer, 400, "Access-Control-Allow-Origin: *"); + } } private int extractId(Matcher matcher) { diff --git a/src/be/jeffcheasey88/peeratcode/routes/PuzzleResponse.java b/src/be/jeffcheasey88/peeratcode/routes/PuzzleResponse.java index 9ed1add..457bab5 100644 --- a/src/be/jeffcheasey88/peeratcode/routes/PuzzleResponse.java +++ b/src/be/jeffcheasey88/peeratcode/routes/PuzzleResponse.java @@ -47,7 +47,7 @@ public class PuzzleResponse implements Response { HttpUtil.responseHeaders(writer, 406, "Access-Control-Allow-Origin: *", "Content-Type: application/json"); responseJSON.put("tries", completion.getTries()); } else { - HttpUtil.responseHeaders(writer, 403, "Access-Control-Allow-Origin: *"); + HttpUtil.responseHeaders(writer, 400, "Access-Control-Allow-Origin: *"); return; } writer.write(responseJSON.toJSONString()); diff --git a/src/be/jeffcheasey88/peeratcode/routes/Register.java b/src/be/jeffcheasey88/peeratcode/routes/Register.java index fc69479..a3e7b5f 100644 --- a/src/be/jeffcheasey88/peeratcode/routes/Register.java +++ b/src/be/jeffcheasey88/peeratcode/routes/Register.java @@ -67,15 +67,16 @@ public class Register implements Response { return; } } else { - HttpUtil.responseHeaders(writer, 403, "Access-Control-Allow-Origin: *"); + HttpUtil.responseHeaders(writer, 400, "Access-Control-Allow-Origin: *"); JSONObject error = new JSONObject(); error.put("username_valid", pseudoAvailable); error.put("email_valid", emailAvailable); writer.write(error.toJSONString()); return; } + } else { + HttpUtil.responseHeaders(writer, 400, "Access-Control-Allow-Origin: *"); } - HttpUtil.responseHeaders(writer, 403, "Access-Control-Allow-Origin: *"); } private void createFolderToSaveSourceCode(String pseudo) throws IOException {