Ilia Denisov
41a642ef97
CI / changes (pull_request) Successful in 2s
CI / unit (pull_request) Successful in 9s
CI / integration (pull_request) Successful in 13s
CI / ui (pull_request) Successful in 37s
CI / gate (pull_request) Successful in 0s
CI / deploy (pull_request) Successful in 1m8s
Enrich the in-app live stream into a delta channel so the UI renders a move from the event without a follow-up game.state, and make the matchmaking poll a stream-down fallback. - pkg/fbs: trailing fields on opponent_moved (move+game+bag_len), your_turn (move_count), match_found (state), game_over (game), notify (account/invitation/state), MoveResult (rack+bag_len); regenerate Go + TS. - backend: notify owns the FB encoding (encode.go + payload.go input structs); game/lobby/social map their domain types in. emitMove builds the move delta; game.Service.InitialState feeds match_found/game_started the recipient's initial StateView; friends/invitations notify carry their account/invitation. The move-commit response (submit_play/pass/exchange/resign) returns the actor's refilled rack + bag size. - gateway: MoveResult transcode carries rack+bag_len. - ui: pure lib/gamedelta.ts reducer advances the per-game cache keyed on move_count (idempotent + gap-safe); app.svelte seeds the cache on match_found/game_started; Game.svelte applies the delta (commit/pass/exchange/resign drop their load()); NewGame polls only while app.streamAlive is false. - docs: ARCHITECTURE §10, FUNCTIONAL(+ru), backend/gateway/ui READMEs; PRERELEASE R4 marked done + Refinements.
210 lines
7.8 KiB
Go
210 lines
7.8 KiB
Go
package social
|
|
|
|
import (
|
|
"context"
|
|
crand "crypto/rand"
|
|
"crypto/sha256"
|
|
"database/sql"
|
|
"encoding/hex"
|
|
"errors"
|
|
"fmt"
|
|
"math/big"
|
|
"time"
|
|
|
|
"github.com/go-jet/jet/v2/postgres"
|
|
"github.com/go-jet/jet/v2/qrm"
|
|
"github.com/google/uuid"
|
|
|
|
"scrabble/backend/internal/notify"
|
|
"scrabble/backend/internal/postgres/jet/backend/model"
|
|
"scrabble/backend/internal/postgres/jet/backend/table"
|
|
)
|
|
|
|
const (
|
|
// friendCodeTTL bounds how long an issued friend code stays redeemable.
|
|
friendCodeTTL = 12 * time.Hour
|
|
// friendCodeIssueRetries caps regeneration attempts when a freshly generated
|
|
// code collides (by hash) with another account's still-live code.
|
|
friendCodeIssueRetries = 5
|
|
)
|
|
|
|
// FriendCode is a freshly issued one-time add-a-friend code. The plaintext Code is
|
|
// returned exactly once (only its hash is persisted); the issuer shares it out of
|
|
// band and whoever redeems it becomes their friend immediately.
|
|
type FriendCode struct {
|
|
Code string
|
|
ExpiresAt time.Time
|
|
}
|
|
|
|
// IssueFriendCode issues a fresh one-time friend code for accountID, replacing the
|
|
// account's prior live code (at most one is redeemable per issuer at a time). Only
|
|
// the hash is stored; the returned plaintext is the only copy. A collision with
|
|
// another account's live code triggers a regeneration so the redeem lookup stays
|
|
// unambiguous.
|
|
func (svc *Service) IssueFriendCode(ctx context.Context, accountID uuid.UUID) (FriendCode, error) {
|
|
expiresAt := svc.now().Add(friendCodeTTL)
|
|
for range friendCodeIssueRetries {
|
|
code, hash, err := generateFriendCode()
|
|
if err != nil {
|
|
return FriendCode{}, err
|
|
}
|
|
inserted, err := svc.store.replaceFriendCode(ctx, accountID, hash, expiresAt, svc.now())
|
|
if err != nil {
|
|
return FriendCode{}, err
|
|
}
|
|
if inserted {
|
|
return FriendCode{Code: code, ExpiresAt: expiresAt}, nil
|
|
}
|
|
}
|
|
return FriendCode{}, fmt.Errorf("social: could not issue a unique friend code after %d tries", friendCodeIssueRetries)
|
|
}
|
|
|
|
// RedeemFriendCode makes redeemerID a friend of the account that issued code,
|
|
// consuming the code. It returns the issuer's account id on success, or
|
|
// ErrFriendCodeInvalid (unknown/used/expired), ErrSelfRelation (own code), or
|
|
// ErrRequestBlocked (a block stands between the pair). A redeem bypasses any prior
|
|
// decline between the two: it clears the old row and writes a fresh friendship.
|
|
func (svc *Service) RedeemFriendCode(ctx context.Context, redeemerID uuid.UUID, code string) (uuid.UUID, error) {
|
|
issuerID, codeID, err := svc.store.liveFriendCodeByHash(ctx, hashFriendCode(code), svc.now())
|
|
if err != nil {
|
|
return uuid.UUID{}, err
|
|
}
|
|
if issuerID == redeemerID {
|
|
return uuid.UUID{}, ErrSelfRelation
|
|
}
|
|
blocked, err := svc.store.isBlocked(ctx, redeemerID, issuerID)
|
|
if err != nil {
|
|
return uuid.UUID{}, err
|
|
}
|
|
if blocked {
|
|
return uuid.UUID{}, ErrRequestBlocked
|
|
}
|
|
if err := svc.store.redeemFriendCode(ctx, codeID, issuerID, redeemerID, svc.now()); err != nil {
|
|
return uuid.UUID{}, err
|
|
}
|
|
svc.pub.Publish(notify.NotificationAccount(issuerID, notify.NotifyFriendAdded, svc.accountRef(ctx, redeemerID)))
|
|
return issuerID, nil
|
|
}
|
|
|
|
// replaceFriendCode clears accountID's prior live code and inserts a fresh one,
|
|
// inside one transaction. It reports false (without inserting) when codeHash
|
|
// collides with another still-live code, so the caller regenerates.
|
|
func (s *Store) replaceFriendCode(ctx context.Context, accountID uuid.UUID, codeHash string, expiresAt, now time.Time) (bool, error) {
|
|
id, err := uuid.NewV7()
|
|
if err != nil {
|
|
return false, fmt.Errorf("social: new friend code id: %w", err)
|
|
}
|
|
inserted := false
|
|
err = withTx(ctx, s.db, func(tx *sql.Tx) error {
|
|
del := table.FriendCodes.DELETE().WHERE(
|
|
table.FriendCodes.AccountID.EQ(postgres.UUID(accountID)).
|
|
AND(table.FriendCodes.ConsumedAt.IS_NULL()),
|
|
)
|
|
if _, err := del.ExecContext(ctx, tx); err != nil {
|
|
return fmt.Errorf("clear prior friend codes: %w", err)
|
|
}
|
|
var live []model.FriendCodes
|
|
sel := postgres.SELECT(table.FriendCodes.CodeID).
|
|
FROM(table.FriendCodes).
|
|
WHERE(
|
|
table.FriendCodes.CodeHash.EQ(postgres.String(codeHash)).
|
|
AND(table.FriendCodes.ConsumedAt.IS_NULL()).
|
|
AND(table.FriendCodes.ExpiresAt.GT(postgres.TimestampzT(now))),
|
|
).LIMIT(1)
|
|
if err := sel.QueryContext(ctx, tx, &live); err != nil {
|
|
return fmt.Errorf("check friend code collision: %w", err)
|
|
}
|
|
if len(live) > 0 {
|
|
return nil // collision: leave inserted false so the caller retries
|
|
}
|
|
ins := table.FriendCodes.INSERT(
|
|
table.FriendCodes.CodeID, table.FriendCodes.AccountID, table.FriendCodes.CodeHash, table.FriendCodes.ExpiresAt,
|
|
).VALUES(id, accountID, codeHash, expiresAt)
|
|
if _, err := ins.ExecContext(ctx, tx); err != nil {
|
|
return fmt.Errorf("insert friend code: %w", err)
|
|
}
|
|
inserted = true
|
|
return nil
|
|
})
|
|
if err != nil {
|
|
return false, err
|
|
}
|
|
return inserted, nil
|
|
}
|
|
|
|
// liveFriendCodeByHash returns the issuer and code id of the live (unconsumed,
|
|
// unexpired) code with codeHash, or ErrFriendCodeInvalid when none matches.
|
|
func (s *Store) liveFriendCodeByHash(ctx context.Context, codeHash string, now time.Time) (issuerID, codeID uuid.UUID, err error) {
|
|
stmt := postgres.SELECT(table.FriendCodes.CodeID, table.FriendCodes.AccountID).
|
|
FROM(table.FriendCodes).
|
|
WHERE(
|
|
table.FriendCodes.CodeHash.EQ(postgres.String(codeHash)).
|
|
AND(table.FriendCodes.ConsumedAt.IS_NULL()).
|
|
AND(table.FriendCodes.ExpiresAt.GT(postgres.TimestampzT(now))),
|
|
).LIMIT(1)
|
|
var row model.FriendCodes
|
|
if err := stmt.QueryContext(ctx, s.db, &row); err != nil {
|
|
if errors.Is(err, qrm.ErrNoRows) {
|
|
return uuid.UUID{}, uuid.UUID{}, ErrFriendCodeInvalid
|
|
}
|
|
return uuid.UUID{}, uuid.UUID{}, fmt.Errorf("social: load friend code: %w", err)
|
|
}
|
|
return row.AccountID, row.CodeID, nil
|
|
}
|
|
|
|
// redeemFriendCode consumes the code and writes an accepted friendship between
|
|
// issuer and redeemer, inside one transaction. It clears any prior pending/declined
|
|
// row between the pair first, so a code overrides an earlier decline. A code already
|
|
// consumed by a concurrent redeem yields ErrFriendCodeInvalid (rolling back).
|
|
func (s *Store) redeemFriendCode(ctx context.Context, codeID, issuer, redeemer uuid.UUID, now time.Time) error {
|
|
return withTx(ctx, s.db, func(tx *sql.Tx) error {
|
|
upd := table.FriendCodes.
|
|
UPDATE(table.FriendCodes.ConsumedAt).
|
|
SET(postgres.TimestampzT(now)).
|
|
WHERE(
|
|
table.FriendCodes.CodeID.EQ(postgres.UUID(codeID)).
|
|
AND(table.FriendCodes.ConsumedAt.IS_NULL()),
|
|
)
|
|
res, err := upd.ExecContext(ctx, tx)
|
|
if err != nil {
|
|
return fmt.Errorf("consume friend code: %w", err)
|
|
}
|
|
n, err := res.RowsAffected()
|
|
if err != nil {
|
|
return fmt.Errorf("consume friend code rows: %w", err)
|
|
}
|
|
if n == 0 {
|
|
return ErrFriendCodeInvalid
|
|
}
|
|
del := table.Friendships.DELETE().WHERE(edgeEither(issuer, redeemer))
|
|
if _, err := del.ExecContext(ctx, tx); err != nil {
|
|
return fmt.Errorf("clear friendship before code accept: %w", err)
|
|
}
|
|
ins := table.Friendships.INSERT(
|
|
table.Friendships.RequesterID, table.Friendships.AddresseeID, table.Friendships.Status,
|
|
table.Friendships.CreatedAt, table.Friendships.RespondedAt,
|
|
).VALUES(issuer, redeemer, friendAccepted, now, now)
|
|
if _, err := ins.ExecContext(ctx, tx); err != nil {
|
|
return fmt.Errorf("insert friendship from code: %w", err)
|
|
}
|
|
return nil
|
|
})
|
|
}
|
|
|
|
// generateFriendCode returns a random 6-digit numeric code and its hex SHA-256 hash.
|
|
func generateFriendCode() (code, hash string, err error) {
|
|
n, err := crand.Int(crand.Reader, big.NewInt(1_000_000))
|
|
if err != nil {
|
|
return "", "", fmt.Errorf("social: generate friend code: %w", err)
|
|
}
|
|
code = fmt.Sprintf("%06d", n.Int64())
|
|
return code, hashFriendCode(code), nil
|
|
}
|
|
|
|
// hashFriendCode returns the hex-encoded SHA-256 of a friend code; the plaintext is
|
|
// never persisted, matching the session and email-code models.
|
|
func hashFriendCode(code string) string {
|
|
sum := sha256.Sum256([]byte(code))
|
|
return hex.EncodeToString(sum[:])
|
|
}
|