|
|
@@ -14,10 +14,12 @@ import ( |
|
|
|
|
|
|
|
const ( |
|
|
|
defaultCorsHeader = "*" |
|
|
|
defaultPassword = "" |
|
|
|
) |
|
|
|
|
|
|
|
var ( |
|
|
|
corsHeader string |
|
|
|
password string |
|
|
|
) |
|
|
|
|
|
|
|
func boardHandler(w http.ResponseWriter, r *http.Request) { |
|
|
@@ -174,6 +176,10 @@ func newEntryHandler(w http.ResponseWriter, r *http.Request) { |
|
|
|
errorResponse(400, "Unable to convert request to JSON: "+jsonErr.Error(), w, r) |
|
|
|
return |
|
|
|
} |
|
|
|
if password != "" && newEntry.Password != password { |
|
|
|
errorResponse(403, "Invalid password", w, r) |
|
|
|
return |
|
|
|
} |
|
|
|
if newEntry.PlayerID != key.Player && !key.IsMultiuser() { |
|
|
|
errorResponse(403, "Invalid authorization for player", w, r) |
|
|
|
return |
|
|
|