}
pub async fn post_join_game(
request: HttpRequest,
form: web::Form<JoinData>,
data: web::Data<WebData<'_>>,
) -> HttpResponse {
let cached_data = {
let mut cache = data.cache_join_game.lock().await;
cache.remove(&form.csrf)
};
let cached_data = if let Some(cd) = cached_data {
cd
} else {
log::warn!("Unknown data for CSRF: {}", form.csrf);
return HttpResponse::BadRequest().body("Incorrect");
};
let jar = request_to_jar(request);
if jar
.private(&data.cookies_key)
.get("auth")
.map_or(true, |x| x.value().to_lowercase() != cached_data.1)
{
log::warn!("Incorrect user");
return HttpResponse::BadRequest().body("Incorrect");
}
HttpResponse::Found()
.append_header((
header::LOCATION,
format!("slow-game-{}.html", cached_data.0),
))
.finish()