Merge pull request #237 from Zemanzo/feature/banned-users

Banned users can no longer enter marbles or chat

Author: Qaomen

public/styles/chat.css

@@ -137,11 +137,6 @@ header {
 		flex: 1;
 	}
 
-	#chatInputContainer.authorized > div {
-		display: flex;
-	}
-
-	/* Reversed visibility for unauthenticated */
 	#chatInputContainer > #unauthenticated {
 		display: flex;
 		justify-content: space-around;
@@ -181,14 +176,19 @@ header {
 			cursor: not-allowed;
 		}
 
-		#chatInputContainer.authorized > #unauthenticated {
+		#chatInputContainer.authorized > #unauthenticated,
+		#chatInputContainer.banned > #unauthenticated {
 			display: none;
 		}
 
 	#authenticated {
-		display: flex;
+		display: none;
 		flex-direction: column;
 	}
+		#chatInputContainer.authorized > #authenticated {
+			display: flex;
+		}
+
 		#chatUserAndInputContainer {
 			display: flex;
 			margin: 2px 10px;
@@ -269,7 +269,8 @@ header {
 				margin-right: 4px;
 			}
 
-			#chatButtons > *.minimal {
+			#chatButtons > *.minimal,
+			button.minimal {
 				margin-left: 0;
 				color: #999;
 				font-size:.9em;
@@ -282,6 +283,31 @@ header {
 				text-decoration: none;
 			}
 
+	#banned {
+		display: none;
+		text-align: center;
+		flex-direction: column;
+		background: #06060699;
+	}
+		#banned a,
+		#banned a:visited {
+			color: #09f;
+		}
+
+		#banned a:hover {
+			color: #3df;
+		}
+
+		#chatInputContainer.banned > #banned {
+			display: flex;
+		}
+
+		#banTitle {
+			padding-top: 4px;
+			font-size: 2em;
+			color: #e44;
+		}
+
 	input[type=number] {
 		max-width: 50px;
 		min-width: 30px;

src/client/chat/chat.js

@@ -46,51 +46,7 @@ domReady.then(() => {
 
 	// Check for former authentication
 	cookieData = Cookies.getJSON("user_data");
-
-	if (
-		// If there is former data, check if it is not outdated.
-		cookieData
-
-		// See if current date is later than origin date + expiration period
-		&& Date.now() < cookieData.access_granted + cookieData.expires_in * 1000
-	) {
-		// Request a fresh token
-		var xhr = new XMLHttpRequest();
-		xhr.onreadystatechange = function() {
-			if (this.readyState === 4 && this.status === 200) {
-				let response = JSON.parse(xhr.responseText);
-
-				if (response.authorized && response.refreshed && response.tokenBody) {
-					response.tokenBody.id = cookieData.id;
-					response.tokenBody.username = cookieData.username;
-					response.tokenBody.discriminator = cookieData.discriminator;
-					response.tokenBody.avatar = cookieData.avatar;
-					let days = (response.tokenBody.expires_in / 62400) - 0.1; // seconds to days minus some slack
-					Cookies.set("user_data", response.tokenBody, {
-						expires: days,
-						path: "/",
-						domain: window.location.hostname,
-						secure: config.ssl
-					});
-					cookieData = response.tokenBody;
-				}
-
-				// Redundant check as non-authorized requests are returned as a 400
-				if (response.authorized) {
-					onAuthorization(cookieData);
-				}
-			}
-		};
-		xhr.open("POST", "/chat", true);
-		xhr.setRequestHeader("Content-Type", "application/json; charset=utf-8");
-		xhr.send(
-			JSON.stringify({
-				"type": "refresh_token",
-				"id": cookieData.id,
-				"access_token": cookieData.access_token
-			})
-		);
-	}
+	checkAuthentication();
 
 	let lastMessageSent = Date.now();
 	let sendMessage = function(message) {
@@ -189,24 +145,25 @@ domReady.then(() => {
 	}, false);
 
 	// Make log out button functional
-	let chatButtonLogOut = document.getElementById("buttonLogOut");
-	chatButtonLogOut.addEventListener("click", function() {
-		if (confirm("Do you really wish to log out?")) {
-			Cookies.remove("user_data",
-				{
-					path: "/",
-					domain: window.location.hostname
+	for (let chatButtonLogOut of document.getElementsByClassName("buttonLogOut")) {
+		chatButtonLogOut.addEventListener("click", function() {
+			if (confirm("Do you really wish to log out?")) {
+				Cookies.remove("user_data",
+					{
+						path: "/",
+						domain: window.location.hostname
+					}
+				);
+
+				// Send to parent if applicable
+				if (inIframe()) {
+					window.top.postMessage(userState.AUTH_CHANGED, `${window.location.origin}/client`);
 				}
-			);
 
-			// Send to parent if applicable
-			if (inIframe()) {
-				window.top.postMessage(userState.AUTH_CHANGED, `${window.location.origin}/client`);
+				window.location.reload(true);
 			}
-
-			window.location.reload(true);
-		}
-	}, false);
+		}, false);
+	}
 });
 
 let authWindow;
@@ -224,9 +181,9 @@ function authenticationWindow() {
 window.addEventListener("message", receiveMessage, false);
 function receiveMessage(event) {
 	if (event.data && event.data.success && event.origin === window.location.origin) {
-		onAuthorization(event.data.response);
 		cookieData = Cookies.getJSON("user_data");
 		authWindow.close();
+		checkAuthentication();
 
 		// Send to parent if applicable
 		if (inIframe()) {
@@ -240,3 +197,55 @@ function onAuthorization(data) {
 	document.getElementById("userName").innerText = `${data.username}#${data.discriminator}`;
 	document.getElementById("chatInputContainer").className = "authorized";
 }
+
+function onBanned() {
+	document.getElementById("chatInputContainer").className = "banned";
+}
+
+function checkAuthentication() {
+	if (
+		// If there is former data, check if it is not outdated.
+		cookieData
+
+		// See if current date is later than origin date + expiration period
+		&& Date.now() < cookieData.access_granted + cookieData.expires_in * 1000
+	) {
+		// Request a fresh token
+		var xhr = new XMLHttpRequest();
+		xhr.onreadystatechange = function() {
+			if (this.readyState === 4 && this.status === 200) {
+				let response = JSON.parse(xhr.responseText);
+
+				if (response.authorized && response.refreshed && response.tokenBody) {
+					response.tokenBody.id = cookieData.id;
+					response.tokenBody.username = cookieData.username;
+					response.tokenBody.discriminator = cookieData.discriminator;
+					response.tokenBody.avatar = cookieData.avatar;
+					let days = (response.tokenBody.expires_in / 62400) - 0.1; // seconds to days minus some slack
+					Cookies.set("user_data", response.tokenBody, {
+						expires: days,
+						path: "/",
+						domain: window.location.hostname,
+						secure: config.ssl
+					});
+					cookieData = response.tokenBody;
+				}
+
+				if (response.authorized) {
+					onAuthorization(cookieData);
+				} else if (response.banned) {
+					onBanned();
+				}
+			}
+		};
+		xhr.open("POST", "/chat", true);
+		xhr.setRequestHeader("Content-Type", "application/json; charset=utf-8");
+		xhr.send(
+			JSON.stringify({
+				"type": "refresh_token",
+				"id": cookieData.id,
+				"access_token": cookieData.access_token
+			})
+		);
+	}
+}

src/server/chat/discord-manager.js

@@ -49,6 +49,18 @@ const discordManager = function() {
 			}, console.error);
 
 			this.client.on("error", console.error, console.error);
+
+			this.client.on("guildBanAdd", function(guild, user) {
+				log.info(`DISCORD: ${"Banned user".red} ${user.username}#${user.discriminator} (${user.id})`);
+				db.user.setBanState(true, user.id);
+			}, console.error);
+
+			this.client.on("guildBanRemove", function(guild, user) {
+				log.info(`DISCORD: ${"Unbanned user".green} ${user.username}#${user.discriminator} (${user.id})`);
+				db.user.setBanState(false, user.id);
+			}, console.error);
+
+
 			this.client.login(config.discord.botToken);
 
 			return socketChat;
@@ -151,21 +163,25 @@ const discordManager = function() {
 						let response = {
 							authorized: true,
 							refreshed: true,
+							banned: false,
 							tokenBody
 						};
 
 						res.send(response);
 					},
 					() => {
-						res.status(400).send({ authorized: false, refreshed: false });
+						res.status(400).send({ authorized: false, refreshed: false, banned: false });
 					});
 				} else if (this.db.user.idIsAuthenticated(req.body.id, req.body.access_token)) {
-					res.send({ authorized: true, refreshed: false });
+					res.send({ authorized: true, refreshed: false, banned: false });
+					return;
+				} else if (this.db.user.idIsBanned(req.body.id)) {
+					res.send({ authorized: false, refreshed: false, banned: true });
 					return;
 				}
 			}
 
-			res.status(400).send({ authorized: false, refreshed: false });
+			res.status(400).send({ authorized: false, refreshed: false, banned: false });
 		}
 	};
 }();

src/server/database/initializer.js

@@ -1,7 +1,7 @@
 const log = require("../../log");
 
 module.exports = function(db) {
-	let _schemaVersion = 3;
+	let _schemaVersion = 4;
 
 	return {
 		_users: db.prepare(
@@ -15,6 +15,7 @@ module.exports = function(db) {
 				timestamp_refresh_last INTEGER,
 				time_refresh_expire INTEGER,
 				scope TEXT,
+				is_banned INTEGER,
 				stat_points_earned INTEGER,
 				stat_rounds_entered INTEGER,
 				stat_rounds_finished INTEGER,