Use Unauthorized status code where applicable

Add missing return
Use NoContent status code for DELETE and PUT success
2025-07-07 08:52:19 +02:00 · 2024-06-07 23:16:27 -04:00 · 2024-06-07 23:11:09 -04:00 · 2024-06-07 23:10:27 -04:00 · 2024-06-07 22:58:50 -04:00 · 2024-06-07 22:38:24 -04:00
8 changed files with 282 additions and 334 deletions
--- a/api/common.go
+++ b/api/common.go
@ -52,17 +52,23 @@ func Init(mux *http.ServeMux) error {
 	mux.HandleFunc("GET /game/classicsessioncount", handleGameClassicSessionCount)

 	// savedata
-	mux.HandleFunc("GET /savedata/get", legacyHandleGetSaveData)
-	mux.HandleFunc("POST /savedata/update", legacyHandleSaveData)
-	mux.HandleFunc("GET /savedata/delete", legacyHandleSaveData) // TODO use deleteSystemSave
-	mux.HandleFunc("POST /savedata/clear", legacyHandleSaveData) // TODO use clearSessionData
+	mux.HandleFunc("POST /savedata/update", legacyHandleSaveData) // DEPRECATED: use PUT method
+	mux.HandleFunc("GET /savedata/delete", legacyHandleSaveData)  // DEPRECATED: use DELETE method
+	mux.HandleFunc("POST /savedata/clear", legacyHandleSaveData)  // TODO: use clearSessionData
 	mux.HandleFunc("GET /savedata/newclear", legacyHandleNewClear)

 	// new session
-	mux.HandleFunc("POST /savedata/updateall", handleUpdateAll)
+	mux.HandleFunc("POST /savedata/updateall", handleUpdateAll) // DEPRECATED: use PUT method
+	mux.HandleFunc("PUT /savedata/updateall", handleUpdateAll)
+
+	mux.HandleFunc("GET /savedata/system", handleSystem)
+	mux.HandleFunc("PUT /savedata/system", handleSystem)
+	mux.HandleFunc("DELETE /savedata/system", handleSystem)
 	mux.HandleFunc("POST /savedata/system/verify", handleSystemVerify)
-	mux.HandleFunc("GET /savedata/system", handleGetSystemData)
-	mux.HandleFunc("GET /savedata/session", handleGetSessionData)
+
+	mux.HandleFunc("GET /savedata/session", handleSession)
+	mux.HandleFunc("PUT /savedata/session", handleSession)
+	mux.HandleFunc("DELETE /savedata/session", handleSession)

 	// daily
 	mux.HandleFunc("GET /daily/seed", handleDailySeed)
--- a/api/daily/common.go
+++ b/api/daily/common.go
@ -61,7 +61,7 @@ func Init() error {
 		secret = newSecret
 	}

-	seed, err := recordNewDaily()
+	seed, err := db.TryAddDailyRun(Seed())
 	if err != nil {
 		log.Print(err)
 	}
@ -71,7 +71,7 @@ func Init() error {
 	_, err = scheduler.AddFunc("@daily", func() {
 		time.Sleep(time.Second)

-		seed, err = recordNewDaily()
+		seed, err = db.TryAddDailyRun(Seed())
 		if err != nil {
 			log.Printf("error while recording new daily: %s", err)
 		} else {
@ -99,7 +99,3 @@ func deriveSeed(seedTime time.Time) []byte {

 	return hashedSeed[:]
 }
-
-func recordNewDaily() (string, error) {
-	return db.TryAddDailyRun(Seed())
-}
--- a/api/endpoints.go
+++ b/api/endpoints.go
@ -43,7 +43,7 @@ import (
 func handleAccountInfo(w http.ResponseWriter, r *http.Request) {
 	uuid, err := uuidFromRequest(r)
 	if err != nil {
-		httpError(w, r, err, http.StatusBadRequest)
+		httpError(w, r, err, http.StatusUnauthorized)
 		return
 	}

@ -103,7 +103,7 @@ func handleAccountChangePW(w http.ResponseWriter, r *http.Request) {

 	uuid, err := uuidFromRequest(r)
 	if err != nil {
-		httpError(w, r, err, http.StatusBadRequest)
+		httpError(w, r, err, http.StatusUnauthorized)
 		return
 	}

@ -125,7 +125,8 @@ func handleAccountLogout(w http.ResponseWriter, r *http.Request) {

 	err = account.Logout(token)
 	if err != nil {
-		httpError(w, r, err, http.StatusInternalServerError)
+		// also possible for InternalServerError but that's unlikely unless the server blew up
+		httpError(w, r, err, http.StatusUnauthorized)
 		return
 	}

@ -146,21 +147,23 @@ func handleGameClassicSessionCount(w http.ResponseWriter, r *http.Request) {
 	w.Write([]byte(strconv.Itoa(classicSessionCount)))
 }

-func handleGetSessionData(w http.ResponseWriter, r *http.Request) {
+func handleSession(w http.ResponseWriter, r *http.Request) {
 	uuid, err := uuidFromRequest(r)
+	if err != nil {
+		httpError(w, r, err, http.StatusUnauthorized)
+		return
+	}
+
+	slot, err := strconv.Atoi(r.URL.Query().Get("slot"))
 	if err != nil {
 		httpError(w, r, err, http.StatusBadRequest)
 		return
 	}

-	var slot int
-	if r.URL.Query().Has("slot") {
-		slot, err = strconv.Atoi(r.URL.Query().Get("slot"))
-		if err != nil {
-			httpError(w, r, err, http.StatusBadRequest)
+	if slot < 0 || slot >= defs.SessionSlotCount {
+		httpError(w, r, fmt.Errorf("slot id %d out of range", slot), http.StatusBadRequest)
 		return
 	}
-	}

 	if !r.URL.Query().Has("clientSessionId") {
 		httpError(w, r, fmt.Errorf("missing clientSessionId"), http.StatusBadRequest)
@ -173,8 +176,9 @@ func handleGetSessionData(w http.ResponseWriter, r *http.Request) {
 		return
 	}

-	var save any
-	save, err = savedata.Get(uuid, 1, slot)
+	switch r.Method {
+	case "GET":
+		save, err := savedata.GetSession(uuid, slot)
 		if errors.Is(err, sql.ErrNoRows) {
 			http.Error(w, err.Error(), http.StatusNotFound)
 			return
@ -186,63 +190,39 @@ func handleGetSessionData(w http.ResponseWriter, r *http.Request) {
 		}

 		writeJSON(w, r, save)
+	case "PUT":
+		var session defs.SessionSaveData
+		err = json.NewDecoder(r.Body).Decode(&session)
+		if err != nil {
+			httpError(w, r, fmt.Errorf("failed to decode request body: %s", err), http.StatusBadRequest)
+			return
+		}
+
+		err = savedata.PutSession(uuid, slot, session)
+		if err != nil {
+			httpError(w, r, fmt.Errorf("failed to put session data: %s", err), http.StatusInternalServerError)
+			return
+		}
+
+		w.WriteHeader(http.StatusNoContent)
+	case "DELETE":
+		err := savedata.DeleteSession(uuid, slot)
+		if err != nil {
+			httpError(w, r, err, http.StatusInternalServerError)
+			return
+		}
+
+		w.WriteHeader(http.StatusNoContent)
+	}
 }

 const legacyClientSessionId = "LEGACY_CLIENT"

-func legacyHandleGetSaveData(w http.ResponseWriter, r *http.Request) {
-	uuid, err := uuidFromRequest(r)
-	if err != nil {
-		httpError(w, r, err, http.StatusBadRequest)
-		return
-	}
-
-	datatype := -1
-	if r.URL.Query().Has("datatype") {
-		datatype, err = strconv.Atoi(r.URL.Query().Get("datatype"))
-		if err != nil {
-			httpError(w, r, err, http.StatusBadRequest)
-			return
-		}
-	}
-
-	var slot int
-	if r.URL.Query().Has("slot") {
-		slot, err = strconv.Atoi(r.URL.Query().Get("slot"))
-		if err != nil {
-			httpError(w, r, err, http.StatusBadRequest)
-			return
-		}
-	}
-
-	var save any
-	if datatype == 0 {
-		err = db.UpdateActiveSession(uuid, legacyClientSessionId) // we dont have a client id
-		if err != nil {
-			httpError(w, r, fmt.Errorf("failed to update active session: %s", err), http.StatusBadRequest)
-			return
-		}
-	}
-
-	save, err = savedata.Get(uuid, datatype, slot)
-	if errors.Is(err, sql.ErrNoRows) {
-		http.Error(w, err.Error(), http.StatusNotFound)
-		return
-	}
-
-	if err != nil {
-		httpError(w, r, err, http.StatusInternalServerError)
-		return
-	}
-
-	writeJSON(w, r, save)
-}
-
 // FIXME UNFINISHED!!!
 /*func clearSessionData(w http.ResponseWriter, r *http.Request) {
 	uuid, err := uuidFromRequest(r)
 	if err != nil {
-		httpError(w, r, err, http.StatusBadRequest)
+		httpError(w, r, err, http.StatusUnauthorized)
 		return
 	}

@ -266,7 +246,7 @@ func legacyHandleGetSaveData(w http.ResponseWriter, r *http.Request) {
 	save = session

 	var active bool
-	active, err = db.IsActiveSession(uuid, legacyClientSessionId) //TODO unfinished, read token from query
+	active, err = db.IsActiveSession(uuid, legacyClientSessionId) // TODO: unfinished, read token from query
 	if err != nil {
 		httpError(w, r, fmt.Errorf("failed to check active session: %s", err), http.StatusBadRequest)
 		return
@ -325,92 +305,12 @@ func legacyHandleGetSaveData(w http.ResponseWriter, r *http.Request) {

 	jsonResponse(w, r, response)
 }
-
-// FIXME UNFINISHED!!!
-func deleteSystemSave(w http.ResponseWriter, r *http.Request) {
-	uuid, err := uuidFromRequest(r)
-	if err != nil {
-		httpError(w, r, err, http.StatusBadRequest)
-		return
-	}
-
-	datatype := 0
-	if r.URL.Query().Has("datatype") {
-		datatype, err = strconv.Atoi(r.URL.Query().Get("datatype"))
-		if err != nil {
-			httpError(w, r, err, http.StatusBadRequest)
-			return
-		}
-	}
-
-	var slot int
-	if r.URL.Query().Has("slot") {
-		slot, err = strconv.Atoi(r.URL.Query().Get("slot"))
-		if err != nil {
-			httpError(w, r, err, http.StatusBadRequest)
-			return
-		}
-	}
-
-	var active bool
-	active, err = db.IsActiveSession(uuid, legacyClientSessionId) //TODO unfinished, read token from query
-	if err != nil {
-		httpError(w, r, fmt.Errorf("failed to check active session: %s", err), http.StatusInternalServerError)
-		return
-	}
-
-	if !active {
-		httpError(w, r, fmt.Errorf("session out of date: not active"), http.StatusBadRequest)
-		return
-	}
-
-	var trainerId, secretId int
-
-	if r.URL.Query().Has("trainerId") && r.URL.Query().Has("secretId") {
-		trainerId, err = strconv.Atoi(r.URL.Query().Get("trainerId"))
-		if err != nil {
-			httpError(w, r, err, http.StatusBadRequest)
-			return
-		}
-
-		secretId, err = strconv.Atoi(r.URL.Query().Get("secretId"))
-		if err != nil {
-			httpError(w, r, err, http.StatusBadRequest)
-			return
-		}
-	}
-
-	storedTrainerId, storedSecretId, err := db.FetchTrainerIds(uuid)
-	if err != nil {
-		httpError(w, r, err, http.StatusInternalServerError)
-		return
-	}
-
-	if storedTrainerId > 0 || storedSecretId > 0 {
-		if trainerId != storedTrainerId || secretId != storedSecretId {
-			httpError(w, r, fmt.Errorf("session out of date: stored trainer or secret ID does not match"), http.StatusBadRequest)
-			return
-		}
-	} else {
-		if err := db.UpdateTrainerIds(trainerId, secretId, uuid); err != nil {
-			httpError(w, r, err, http.StatusInternalServerError)
-			return
-		}
-	}
-
-	err = savedata.Delete(uuid, datatype, slot)
-	if err != nil {
-		httpError(w, r, err, http.StatusInternalServerError)
-		return
-	}
-
-	w.WriteHeader(http.StatusOK)
-}*/
+*/

 func legacyHandleSaveData(w http.ResponseWriter, r *http.Request) {
 	uuid, err := uuidFromRequest(r)
 	if err != nil {
-		httpError(w, r, err, http.StatusBadRequest)
+		httpError(w, r, err, http.StatusUnauthorized)
 		return
 	}

@ -438,8 +338,8 @@ func legacyHandleSaveData(w http.ResponseWriter, r *http.Request) {
 	}

 	var save any
-	// /savedata/get and /savedata/delete specify datatype, but don't expect data in body
-	if r.URL.Path != "/savedata/get" && r.URL.Path != "/savedata/delete" {
+	// /savedata/delete specify datatype, but don't expect data in body
+	if r.URL.Path != "/savedata/delete" {
 		if datatype == 0 {
 			var system defs.SystemSaveData
 			err = json.NewDecoder(r.Body).Decode(&system)
@ -463,15 +363,6 @@ func legacyHandleSaveData(w http.ResponseWriter, r *http.Request) {
 	}

 	var active bool
-	if r.URL.Path == "/savedata/get" {
-		if datatype == 0 {
-			err = db.UpdateActiveSession(uuid, clientSessionId)
-			if err != nil {
-				httpError(w, r, fmt.Errorf("failed to update active session: %s", err), http.StatusBadRequest)
-				return
-			}
-		}
-	} else {
 	active, err = db.IsActiveSession(uuid, clientSessionId)
 	if err != nil {
 		httpError(w, r, fmt.Errorf("failed to check active session: %s", err), http.StatusBadRequest)
@ -522,15 +413,8 @@ func legacyHandleSaveData(w http.ResponseWriter, r *http.Request) {
 			return
 		}
 	}
-	}

 	switch r.URL.Path {
-	case "/savedata/get":
-		save, err = savedata.Get(uuid, datatype, slot)
-		if errors.Is(err, sql.ErrNoRows) {
-			http.Error(w, err.Error(), http.StatusNotFound)
-			return
-		}
 	case "/savedata/update":
 		err = savedata.Update(uuid, slot, save)
 	case "/savedata/delete":
@ -576,7 +460,7 @@ type CombinedSaveData struct {
 func handleUpdateAll(w http.ResponseWriter, r *http.Request) {
 	uuid, err := uuidFromRequest(r)
 	if err != nil {
-		httpError(w, r, err, http.StatusBadRequest)
+		httpError(w, r, err, http.StatusUnauthorized)
 		return
 	}

@ -586,6 +470,7 @@ func handleUpdateAll(w http.ResponseWriter, r *http.Request) {
 		httpError(w, r, fmt.Errorf("failed to decode request body: %s", err), http.StatusBadRequest)
 		return
 	}
+
 	if data.ClientSessionId == "" {
 		data.ClientSessionId = legacyClientSessionId
 	}
@ -602,9 +487,6 @@ func handleUpdateAll(w http.ResponseWriter, r *http.Request) {
 		return
 	}

-	trainerId := data.System.TrainerId
-	secretId := data.System.SecretId
-
 	storedTrainerId, storedSecretId, err := db.FetchTrainerIds(uuid)
 	if err != nil {
 		httpError(w, r, err, http.StatusInternalServerError)
@ -612,12 +494,13 @@ func handleUpdateAll(w http.ResponseWriter, r *http.Request) {
 	}

 	if storedTrainerId > 0 || storedSecretId > 0 {
-		if trainerId != storedTrainerId || secretId != storedSecretId {
+		if data.System.TrainerId != storedTrainerId || data.System.SecretId != storedSecretId {
 			httpError(w, r, fmt.Errorf("session out of date: stored trainer or secret ID does not match"), http.StatusBadRequest)
 			return
 		}
 	} else {
-		if err = db.UpdateTrainerIds(trainerId, secretId, uuid); err != nil {
+		err = db.UpdateTrainerIds(data.System.TrainerId, data.System.SecretId, uuid)
+		if err != nil {
 			httpError(w, r, err, http.StatusInternalServerError)
 			return
 		}
@ -628,27 +511,29 @@ func handleUpdateAll(w http.ResponseWriter, r *http.Request) {
 		httpError(w, r, err, http.StatusInternalServerError)
 		return
 	}
+
 	err = savedata.Update(uuid, 0, data.System)
 	if err != nil {
 		httpError(w, r, err, http.StatusInternalServerError)
 		return
 	}
+
 	w.WriteHeader(http.StatusOK)
 }

+type SystemVerifyRequest struct {
+	ClientSessionId string `json:"clientSessionId"`
+}
+
 type SystemVerifyResponse struct {
 	Valid      bool                 `json:"valid"`
 	SystemData *defs.SystemSaveData `json:"systemData"`
 }

-type SystemVerifyRequest struct {
-	ClientSessionId string `json:"clientSessionId"`
-}
-
 func handleSystemVerify(w http.ResponseWriter, r *http.Request) {
 	uuid, err := uuidFromRequest(r)
 	if err != nil {
-		httpError(w, r, err, http.StatusBadRequest)
+		httpError(w, r, err, http.StatusUnauthorized)
 		return
 	}

@ -697,10 +582,10 @@ func handleSystemVerify(w http.ResponseWriter, r *http.Request) {
 	writeJSON(w, r, response)
 }

-func handleGetSystemData(w http.ResponseWriter, r *http.Request) {
+func handleSystem(w http.ResponseWriter, r *http.Request) {
 	uuid, err := uuidFromRequest(r)
 	if err != nil {
-		httpError(w, r, err, http.StatusBadRequest)
+		httpError(w, r, err, http.StatusUnauthorized)
 		return
 	}

@ -715,8 +600,9 @@ func handleGetSystemData(w http.ResponseWriter, r *http.Request) {
 		return
 	}

-	var save any //TODO this is always system save data
-	save, err = savedata.Get(uuid, 0, 0)
+	switch r.Method {
+	case "GET":
+		save, err := savedata.GetSystem(uuid)
 		if err != nil {
 			if errors.Is(err, sql.ErrNoRows) {
 				http.Error(w, err.Error(), http.StatusNotFound)
@ -726,15 +612,40 @@ func handleGetSystemData(w http.ResponseWriter, r *http.Request) {

 			return
 		}
-	//TODO apply vouchers
+
+		// TODO: apply vouchers

 		writeJSON(w, r, save)
+	case "PUT":
+		var system defs.SystemSaveData
+		err = json.NewDecoder(r.Body).Decode(&system)
+		if err != nil {
+			httpError(w, r, fmt.Errorf("failed to decode request body: %s", err), http.StatusBadRequest)
+			return
+		}
+
+		err = savedata.PutSystem(uuid, system)
+		if err != nil {
+			httpError(w, r, fmt.Errorf("failed to put system data: %s", err), http.StatusInternalServerError)
+			return
+		}
+
+		w.WriteHeader(http.StatusNoContent)
+	case "DELETE":
+		err := savedata.DeleteSystem(uuid)
+		if err != nil {
+			httpError(w, r, err, http.StatusInternalServerError)
+			return
+		}
+
+		w.WriteHeader(http.StatusNoContent)
+	}
 }

 func legacyHandleNewClear(w http.ResponseWriter, r *http.Request) {
 	uuid, err := uuidFromRequest(r)
 	if err != nil {
-		httpError(w, r, err, http.StatusBadRequest)
+		httpError(w, r, err, http.StatusUnauthorized)
 		return
 	}

--- a/api/savedata/delete.go
+++ b/api/savedata/delete.go
@ -33,8 +33,6 @@ func Delete(uuid []byte, datatype, slot int) error {
 	}

 	switch datatype {
-	case 0: // System
-		err = db.DeleteSystemSaveData(uuid)
 	case 1: // Session
 		if slot < 0 || slot >= defs.SessionSlotCount {
 			err = fmt.Errorf("slot id %d out of range", slot)
--- a/api/savedata/get.go
+++ b/api/savedata/get.go
@ -1,82 +0,0 @@
-/*
-	Copyright (C) 2024  Pagefault Games
-
-	This program is free software: you can redistribute it and/or modify
-	it under the terms of the GNU Affero General Public License as published by
-	the Free Software Foundation, either version 3 of the License, or
-	(at your option) any later version.
-
-	This program is distributed in the hope that it will be useful,
-	but WITHOUT ANY WARRANTY; without even the implied warranty of
-	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-	GNU Affero General Public License for more details.
-
-	You should have received a copy of the GNU Affero General Public License
-	along with this program.  If not, see <http://www.gnu.org/licenses/>.
-*/
-
-package savedata
-
-import (
-	"fmt"
-	"strconv"
-
-	"github.com/pagefaultgames/rogueserver/db"
-	"github.com/pagefaultgames/rogueserver/defs"
-)
-
-// /savedata/get - get save data
-func Get(uuid []byte, datatype, slot int) (any, error) {
-	switch datatype {
-	case 0: // System
-		system, err := db.ReadSystemSaveData(uuid)
-		if err != nil {
-			return nil, err
-		}
-
-		// TODO this should be a transaction
-		compensations, err := db.FetchAndClaimAccountCompensations(uuid)
-		if err != nil {
-			return nil, fmt.Errorf("failed to fetch compensations: %s", err)
-		}
-
-		var needsUpdate bool
-		for compensationType, amount := range compensations {
-			system.VoucherCounts[strconv.Itoa(compensationType)] += amount
-			if amount > 0 {
-				needsUpdate = true
-			}
-		}
-
-		if needsUpdate {
-			err = db.StoreSystemSaveData(uuid, system)
-			if err != nil {
-				return nil, fmt.Errorf("failed to update system save data: %s", err)
-			}
-			err = db.DeleteClaimedAccountCompensations(uuid)
-			if err != nil {
-				return nil, fmt.Errorf("failed to delete claimed compensations: %s", err)
-			}
-
-			err = db.UpdateAccountStats(uuid, system.GameStats, system.VoucherCounts)
-			if err != nil {
-				return nil, fmt.Errorf("failed to update account stats: %s", err)
-			}
-		}
-
-		return system, nil
-	case 1: // Session
-		if slot < 0 || slot >= defs.SessionSlotCount {
-			return nil, fmt.Errorf("slot id %d out of range", slot)
-		}
-
-		session, err := db.ReadSessionSaveData(uuid, slot)
-		if err != nil {
-			return nil, err
-		}
-
-		return session, nil
-	default:
-		return nil, fmt.Errorf("invalid data type")
-	}
-}
--- a/api/savedata/session.go
+++ b/api/savedata/session.go
@ -0,0 +1,33 @@
+package savedata
+
+import (
+	"github.com/pagefaultgames/rogueserver/db"
+	"github.com/pagefaultgames/rogueserver/defs"
+)
+
+func GetSession(uuid []byte, slot int) (defs.SessionSaveData, error) {
+	session, err := db.ReadSessionSaveData(uuid, slot)
+	if err != nil {
+		return session, err
+	}
+
+	return session, nil
+}
+
+func PutSession(uuid []byte, slot int, data defs.SessionSaveData) error {
+	err := db.StoreSessionSaveData(uuid, data, slot)
+	if err != nil {
+		return err
+	}
+
+	return nil
+}
+
+func DeleteSession(uuid []byte, slot int) error {
+	err := db.DeleteSessionSaveData(uuid, slot)
+	if err != nil {
+		return err
+	}
+
+	return nil
+}
--- a/api/savedata/system.go
+++ b/api/savedata/system.go
@ -0,0 +1,79 @@
+package savedata
+
+import (
+	"fmt"
+	"strconv"
+
+	"github.com/pagefaultgames/rogueserver/db"
+	"github.com/pagefaultgames/rogueserver/defs"
+)
+
+func GetSystem(uuid []byte) (defs.SystemSaveData, error) {
+	system, err := db.ReadSystemSaveData(uuid)
+	if err != nil {
+		return system, err
+	}
+
+	// TODO: this should be a transaction
+	compensations, err := db.FetchAndClaimAccountCompensations(uuid)
+	if err != nil {
+		return system, fmt.Errorf("failed to fetch compensations: %s", err)
+	}
+
+	var needsUpdate bool
+	for compensationType, amount := range compensations {
+		system.VoucherCounts[strconv.Itoa(compensationType)] += amount
+		if amount > 0 {
+			needsUpdate = true
+		}
+	}
+
+	if needsUpdate {
+		err = db.StoreSystemSaveData(uuid, system)
+		if err != nil {
+			return system, fmt.Errorf("failed to update system save data: %s", err)
+		}
+		err = db.DeleteClaimedAccountCompensations(uuid)
+		if err != nil {
+			return system, fmt.Errorf("failed to delete claimed compensations: %s", err)
+		}
+
+		err = db.UpdateAccountStats(uuid, system.GameStats, system.VoucherCounts)
+		if err != nil {
+			return system, fmt.Errorf("failed to update account stats: %s", err)
+		}
+	}
+
+	return system, nil
+}
+
+func PutSystem(uuid []byte, data defs.SystemSaveData) error {
+	if data.TrainerId == 0 && data.SecretId == 0 {
+		return fmt.Errorf("invalid system data")
+	}
+
+	if data.GameVersion != "1.0.4" {
+		return fmt.Errorf("client version out of date")
+	}
+
+	err := db.UpdateAccountStats(uuid, data.GameStats, data.VoucherCounts)
+	if err != nil {
+		return fmt.Errorf("failed to update account stats: %s", err)
+	}
+
+	err = db.DeleteClaimedAccountCompensations(uuid)
+	if err != nil {
+		return fmt.Errorf("failed to delete claimed compensations: %s", err)
+	}
+
+	return db.StoreSystemSaveData(uuid, data)
+}
+
+func DeleteSystem(uuid []byte) error {
+	err := db.DeleteSystemSaveData(uuid)
+	if err != nil {
+		return err
+	}
+
+	return nil
+}
--- a/defs/savedata.go
+++ b/defs/savedata.go
@ -107,6 +107,13 @@ type SessionSaveData struct {
 	Trainer        TrainerData              `json:"trainer"`
 	GameVersion    string                   `json:"gameVersion"`
 	Timestamp      int                      `json:"timestamp"`
+	Challenges     []ChallengeData          `json:"challenges"`
+}
+
+type ChallengeData struct {
+	Id       int `json:"id"`
+	Value    int `json:"value"`
+	Severity int `json:"severity"`
 }

 type GameMode int
Author	SHA1	Message	Date
Pancakes	656a935a6c	Use Unauthorized status code where applicable	2024-06-07 23:16:27 -04:00
Pancakes	e4a9311fe4	Add missing return	2024-06-07 23:11:09 -04:00
Pancakes	46f6127aac	Use NoContent status code for DELETE and PUT success	2024-06-07 23:10:27 -04:00
Pancakes	16b73c7130	Put SystemVerify request struct above response	2024-06-07 22:58:50 -04:00
Pancakes	f6743743fa	Clean up session handlers	2024-06-07 22:38:24 -04:00
Pancakes	16340858bb	Add new save endpoints	2024-06-07 22:23:02 -04:00
Pancakes	593c2f82ea	Remove recordNewDaily	2024-06-07 21:10:57 -04:00
Frederico Santos	1448b6f14d	feat: Add ChallengeData to SessionSaveData struct (#34 ) This commit adds the `ChallengeData` struct to the `SessionSaveData` struct. The `ChallengeData` struct includes fields for `id`, `value`, and `severity`. This change allows for storing challenge data in the session save data.	2024-06-07 19:50:01 -04:00
Pancakes	9d8c6b88bf	Consistent styling on TODO comments	2024-06-07 18:30:22 -04:00
Pancakes	674ed2aa51	Run go fmt on everything Signed-off-by: Pancakes <patapancakes@pagefault.games>	2024-06-07 18:27:59 -04:00
Pancakes	023b8aaed4	Remove /savedata/get	2024-06-07 18:24:55 -04:00
Pancakes	ddf1e8d9e5	Clean up handleUpdateAll	2024-06-07 18:05:41 -04:00