mirror of
https://github.com/CyberL1/MyMcRealms.git
synced 2024-11-21 21:48:21 -05:00
feat: realm owner checking
This commit is contained in:
parent
f631b7519c
commit
ead8d901f3
11
MyMcRealms/Attributes/CheckRealmOwnerAttribute.cs
Normal file
11
MyMcRealms/Attributes/CheckRealmOwnerAttribute.cs
Normal file
@ -0,0 +1,11 @@
|
|||||||
|
namespace MyMcRealms.Attributes
|
||||||
|
{
|
||||||
|
[AttributeUsage(AttributeTargets.Method)]
|
||||||
|
public class CheckRealmOwnerAttribute : Attribute
|
||||||
|
{
|
||||||
|
public bool IsRealmOwner(string playerUUID, string ownerUUID)
|
||||||
|
{
|
||||||
|
return playerUUID == ownerUUID;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
@ -11,6 +11,7 @@ namespace MyMcRealms.Controllers
|
|||||||
public class InvitesController : ControllerBase
|
public class InvitesController : ControllerBase
|
||||||
{
|
{
|
||||||
[HttpPost("{wId}")]
|
[HttpPost("{wId}")]
|
||||||
|
[CheckRealmOwner]
|
||||||
public async Task<ActionResult<WorldResponse>> InvitePlayer(int wId, PlayerRequest body)
|
public async Task<ActionResult<WorldResponse>> InvitePlayer(int wId, PlayerRequest body)
|
||||||
{
|
{
|
||||||
string cookie = Request.Headers.Cookie;
|
string cookie = Request.Headers.Cookie;
|
||||||
@ -88,6 +89,7 @@ namespace MyMcRealms.Controllers
|
|||||||
}
|
}
|
||||||
|
|
||||||
[HttpDelete("{wId}/invite/{uuid}")]
|
[HttpDelete("{wId}/invite/{uuid}")]
|
||||||
|
[CheckRealmOwner]
|
||||||
public async Task<ActionResult<bool>> DeleteInvite(int wId, string uuid)
|
public async Task<ActionResult<bool>> DeleteInvite(int wId, string uuid)
|
||||||
{
|
{
|
||||||
var _api = new MyMcAPI.Wrapper(Environment.GetEnvironmentVariable("MYMC_API_KEY"));
|
var _api = new MyMcAPI.Wrapper(Environment.GetEnvironmentVariable("MYMC_API_KEY"));
|
||||||
|
@ -10,6 +10,7 @@ namespace MyMcRealms.Controllers
|
|||||||
public class OpsController : ControllerBase
|
public class OpsController : ControllerBase
|
||||||
{
|
{
|
||||||
[HttpPost("{wId}/{uuid}")]
|
[HttpPost("{wId}/{uuid}")]
|
||||||
|
[CheckRealmOwner]
|
||||||
public async Task<ActionResult<OpsResponse>> OpPlayer(int wId, string uuid)
|
public async Task<ActionResult<OpsResponse>> OpPlayer(int wId, string uuid)
|
||||||
{
|
{
|
||||||
var _api = new MyMcAPI.Wrapper(Environment.GetEnvironmentVariable("MYMC_API_KEY"));
|
var _api = new MyMcAPI.Wrapper(Environment.GetEnvironmentVariable("MYMC_API_KEY"));
|
||||||
@ -40,6 +41,7 @@ namespace MyMcRealms.Controllers
|
|||||||
}
|
}
|
||||||
|
|
||||||
[HttpDelete("{wId}/{uuid}")]
|
[HttpDelete("{wId}/{uuid}")]
|
||||||
|
[CheckRealmOwner]
|
||||||
public async Task<ActionResult<OpsResponse>> DeopPlayerAsync(int wId, string uuid)
|
public async Task<ActionResult<OpsResponse>> DeopPlayerAsync(int wId, string uuid)
|
||||||
{
|
{
|
||||||
var _api = new MyMcAPI.Wrapper(Environment.GetEnvironmentVariable("MYMC_API_KEY"));
|
var _api = new MyMcAPI.Wrapper(Environment.GetEnvironmentVariable("MYMC_API_KEY"));
|
||||||
|
@ -9,6 +9,7 @@ namespace Minecraft_Realms_Emulator.Controllers
|
|||||||
public class SubscriptionsController : ControllerBase
|
public class SubscriptionsController : ControllerBase
|
||||||
{
|
{
|
||||||
[HttpGet("{id}")]
|
[HttpGet("{id}")]
|
||||||
|
[CheckRealmOwner]
|
||||||
public ActionResult<string> GetSubscription(int id)
|
public ActionResult<string> GetSubscription(int id)
|
||||||
{
|
{
|
||||||
return BadRequest("No subscription for you :(");
|
return BadRequest("No subscription for you :(");
|
||||||
|
@ -80,17 +80,18 @@ namespace MyMcRealms.Controllers
|
|||||||
return Ok(servers);
|
return Ok(servers);
|
||||||
}
|
}
|
||||||
|
|
||||||
[HttpGet("{id}")]
|
[HttpGet("{wId}")]
|
||||||
public async Task<ActionResult<WorldResponse>> GetWorldById(int id)
|
[CheckRealmOwner]
|
||||||
|
public async Task<ActionResult<WorldResponse>> GetWorldById(int wId)
|
||||||
{
|
{
|
||||||
var _api = new MyMcAPI.Wrapper(Environment.GetEnvironmentVariable("MYMC_API_KEY"));
|
var _api = new MyMcAPI.Wrapper(Environment.GetEnvironmentVariable("MYMC_API_KEY"));
|
||||||
|
|
||||||
var world = (await _api.GetAllServers()).Servers[id];
|
var world = (await _api.GetAllServers()).Servers[wId];
|
||||||
|
|
||||||
var api = new MyMcAPI.Wrapper(world.OwnersToken);
|
var api = new MyMcAPI.Wrapper(world.OwnersToken);
|
||||||
var whitelist = await api.GetWhitelist();
|
var whitelist = await api.GetWhitelist();
|
||||||
|
|
||||||
if (whitelist == null) return BadRequest($"Cannot get data for world {id}");
|
if (whitelist == null) return BadRequest($"Cannot get data for world {wId}");
|
||||||
|
|
||||||
string worldOwnerName = world.Ops.ToArray().Length == 0 ? "Owner" : world.Ops[0].Name;
|
string worldOwnerName = world.Ops.ToArray().Length == 0 ? "Owner" : world.Ops[0].Name;
|
||||||
string worldOwnerUuid = world.Ops.ToArray().Length == 0 ? "069a79f444e94726a5befca90e38aaf5" : world.Ops[0].Uuid;
|
string worldOwnerUuid = world.Ops.ToArray().Length == 0 ? "069a79f444e94726a5befca90e38aaf5" : world.Ops[0].Uuid;
|
||||||
@ -114,7 +115,7 @@ namespace MyMcRealms.Controllers
|
|||||||
|
|
||||||
WorldResponse response = new()
|
WorldResponse response = new()
|
||||||
{
|
{
|
||||||
Id = id,
|
Id = wId,
|
||||||
Owner = worldOwnerName,
|
Owner = worldOwnerName,
|
||||||
OwnerUUID = worldOwnerUuid,
|
OwnerUUID = worldOwnerUuid,
|
||||||
Name = worldName,
|
Name = worldName,
|
||||||
@ -138,18 +139,21 @@ namespace MyMcRealms.Controllers
|
|||||||
}
|
}
|
||||||
|
|
||||||
[HttpPost("{wId}")]
|
[HttpPost("{wId}")]
|
||||||
|
[CheckRealmOwner]
|
||||||
public ActionResult<string> UpdateRealms(int wId)
|
public ActionResult<string> UpdateRealms(int wId)
|
||||||
{
|
{
|
||||||
return BadRequest("You can change the MOTD trough server.properties file");
|
return BadRequest("You can change the MOTD trough server.properties file");
|
||||||
}
|
}
|
||||||
|
|
||||||
[HttpPost("{wId}/reset")]
|
[HttpPost("{wId}/reset")]
|
||||||
|
[CheckRealmOwner]
|
||||||
public ActionResult<string> ChangeSlot(int id)
|
public ActionResult<string> ChangeSlot(int id)
|
||||||
{
|
{
|
||||||
return BadRequest("lol nice try");
|
return BadRequest("lol nice try");
|
||||||
}
|
}
|
||||||
|
|
||||||
[HttpPut("{id}/open")]
|
[HttpPut("{id}/open")]
|
||||||
|
[CheckRealmOwner]
|
||||||
public async Task<ActionResult<bool>> Open(int id)
|
public async Task<ActionResult<bool>> Open(int id)
|
||||||
{
|
{
|
||||||
var _api = new MyMcAPI.Wrapper(Environment.GetEnvironmentVariable("MYMC_API_KEY"));
|
var _api = new MyMcAPI.Wrapper(Environment.GetEnvironmentVariable("MYMC_API_KEY"));
|
||||||
@ -165,6 +169,7 @@ namespace MyMcRealms.Controllers
|
|||||||
}
|
}
|
||||||
|
|
||||||
[HttpPut("{id}/close")]
|
[HttpPut("{id}/close")]
|
||||||
|
[CheckRealmOwner]
|
||||||
public async Task<ActionResult<bool>> Close(int id)
|
public async Task<ActionResult<bool>> Close(int id)
|
||||||
{
|
{
|
||||||
var _api = new MyMcAPI.Wrapper(Environment.GetEnvironmentVariable("MYMC_API_KEY"));
|
var _api = new MyMcAPI.Wrapper(Environment.GetEnvironmentVariable("MYMC_API_KEY"));
|
||||||
@ -180,12 +185,14 @@ namespace MyMcRealms.Controllers
|
|||||||
}
|
}
|
||||||
|
|
||||||
[HttpPost("{wId}/slot/{sId}")]
|
[HttpPost("{wId}/slot/{sId}")]
|
||||||
|
[CheckRealmOwner]
|
||||||
public ActionResult<string> UpdateSlot(int wId, int sId)
|
public ActionResult<string> UpdateSlot(int wId, int sId)
|
||||||
{
|
{
|
||||||
return BadRequest("no.");
|
return BadRequest("no.");
|
||||||
}
|
}
|
||||||
|
|
||||||
[HttpGet("{wId}/slot/{sId}/download")]
|
[HttpGet("{wId}/slot/{sId}/download")]
|
||||||
|
[CheckRealmOwner]
|
||||||
public ActionResult<string> GetBackups(int wId, int sId)
|
public ActionResult<string> GetBackups(int wId, int sId)
|
||||||
{
|
{
|
||||||
return BadRequest("Wouldn't it be nice if you could download your world to singleplayer? Well I think that too");
|
return BadRequest("Wouldn't it be nice if you could download your world to singleplayer? Well I think that too");
|
||||||
|
49
MyMcRealms/Middlewares/CheckRealmOwnerMiddleware.cs
Normal file
49
MyMcRealms/Middlewares/CheckRealmOwnerMiddleware.cs
Normal file
@ -0,0 +1,49 @@
|
|||||||
|
using MyMcRealms.Attributes;
|
||||||
|
using MyMcRealms.MyMcAPI.Responses;
|
||||||
|
|
||||||
|
namespace Minecraft_Realms_Emulator.Middlewares
|
||||||
|
{
|
||||||
|
public class CheckRealmOwnerMiddleware(RequestDelegate next)
|
||||||
|
{
|
||||||
|
private readonly RequestDelegate _next = next;
|
||||||
|
|
||||||
|
public async Task Invoke(HttpContext httpContext)
|
||||||
|
{
|
||||||
|
var endpoint = httpContext.GetEndpoint();
|
||||||
|
var attribute = endpoint?.Metadata.GetMetadata<CheckRealmOwnerAttribute>();
|
||||||
|
|
||||||
|
if (attribute == null)
|
||||||
|
{
|
||||||
|
await _next(httpContext);
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
|
string playerUUID = httpContext.Request.Headers.Cookie.ToString().Split(";")[0].Split(":")[2];
|
||||||
|
|
||||||
|
var servers = await new MyMcRealms.MyMcAPI.Wrapper(Environment.GetEnvironmentVariable("MYMC_API_KEY")).GetAllServers();
|
||||||
|
Server server = servers.Servers.Find(s => servers.Servers.IndexOf(s) == int.Parse(httpContext.Request.RouteValues["wId"].ToString()));
|
||||||
|
|
||||||
|
if (server == null)
|
||||||
|
{
|
||||||
|
httpContext.Response.StatusCode = 404;
|
||||||
|
await httpContext.Response.WriteAsync("World not found");
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (server.Ops.Count == 0) {
|
||||||
|
httpContext.Response.StatusCode = 403;
|
||||||
|
await httpContext.Response.WriteAsync("This world isn't owned by anyone");
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (!attribute.IsRealmOwner(playerUUID, server.Ops[0].Uuid))
|
||||||
|
{
|
||||||
|
httpContext.Response.StatusCode = 403;
|
||||||
|
await httpContext.Response.WriteAsync("You don't own this world");
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
|
await _next(httpContext);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
@ -1,4 +1,5 @@
|
|||||||
using Microsoft.Extensions.FileProviders;
|
using Microsoft.Extensions.FileProviders;
|
||||||
|
using Minecraft_Realms_Emulator.Middlewares;
|
||||||
using MyMcRealms.Middlewares;
|
using MyMcRealms.Middlewares;
|
||||||
|
|
||||||
var builder = WebApplication.CreateBuilder(args);
|
var builder = WebApplication.CreateBuilder(args);
|
||||||
@ -28,6 +29,7 @@ if (app.Environment.IsDevelopment())
|
|||||||
}
|
}
|
||||||
|
|
||||||
app.UseMiddleware<MinecraftCookieMiddleware>();
|
app.UseMiddleware<MinecraftCookieMiddleware>();
|
||||||
|
app.UseMiddleware<CheckRealmOwnerMiddleware>();
|
||||||
|
|
||||||
app.MapControllers();
|
app.MapControllers();
|
||||||
app.UseStaticFiles();
|
app.UseStaticFiles();
|
||||||
|
Loading…
Reference in New Issue
Block a user