Clean up clientSessionId checks

* chore: Refactor saving session data to prevent saving older sessions

* chore: Refactor saving system data to prevent saving older sessions

* Refactor saving session and system data to prevent saving older versions

api/endpoints.go

@@ -143,7 +143,7 @@ func handleGameTitleStats(w http.ResponseWriter, r *http.Request) {
 }
 
 func handleGameClassicSessionCount(w http.ResponseWriter, r *http.Request) {
-	_, _ = w.Write([]byte(strconv.Itoa(classicSessionCount)))
+	w.Write([]byte(strconv.Itoa(classicSessionCount)))
 }
 
 func handleGetSessionData(w http.ResponseWriter, r *http.Request) {
@@ -162,14 +162,12 @@ func handleGetSessionData(w http.ResponseWriter, r *http.Request) {
 		}
 	}
 
-	var clientSessionId string
-	if r.URL.Query().Has("clientSessionId") {
-		clientSessionId = r.URL.Query().Get("clientSessionId")
-	} else {
+	if !r.URL.Query().Has("clientSessionId") {
 		httpError(w, r, fmt.Errorf("missing clientSessionId"), http.StatusBadRequest)
+		return
 	}
 
-	err = db.UpdateActiveSession(uuid, clientSessionId)
+	err = db.UpdateActiveSession(uuid, r.URL.Query().Get("clientSessionId"))
 	if err != nil {
 		httpError(w, r, fmt.Errorf("failed to update active session: %s", err), http.StatusBadRequest)
 		return
@@ -434,10 +432,7 @@ func legacyHandleSaveData(w http.ResponseWriter, r *http.Request) {
 		}
 	}
 
-	var clientSessionId string
-	if r.URL.Query().Has("clientSessionId") {
-		clientSessionId = r.URL.Query().Get("clientSessionId")
-	}
+	clientSessionId := r.URL.Query().Get("clientSessionId")
 	if clientSessionId == "" {
 		clientSessionId = legacyClientSessionId
 	}
@@ -709,14 +704,12 @@ func handleGetSystemData(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 
-	var clientSessionId string
-	if r.URL.Query().Has("clientSessionId") {
-		clientSessionId = r.URL.Query().Get("clientSessionId")
-	} else {
+	if !r.URL.Query().Has("clientSessionId") {
 		httpError(w, r, fmt.Errorf("missing clientSessionId"), http.StatusBadRequest)
+		return
 	}
 
-	err = db.UpdateActiveSession(uuid, clientSessionId)
+	err = db.UpdateActiveSession(uuid, r.URL.Query().Get("clientSessionId"))
 	if err != nil {
 		httpError(w, r, fmt.Errorf("failed to update active session: %s", err), http.StatusBadRequest)
 		return
@@ -823,5 +816,5 @@ func handleDailyRankingPageCount(w http.ResponseWriter, r *http.Request) {
 		httpError(w, r, err, http.StatusInternalServerError)
 	}
 
-	_, _ = w.Write([]byte(strconv.Itoa(count)))
+	w.Write([]byte(strconv.Itoa(count)))
 }

db/savedata.go

@@ -20,6 +20,7 @@ package db
 import (
 	"bytes"
 	"encoding/gob"
+	"errors"
 
 	"github.com/pagefaultgames/rogueserver/defs"
 )
@@ -69,8 +70,13 @@ func ReadSystemSaveData(uuid []byte) (defs.SystemSaveData, error) {
 }
 
 func StoreSystemSaveData(uuid []byte, data defs.SystemSaveData) error {
+	systemData, err := ReadSystemSaveData(uuid)
+	if err == nil && systemData.Timestamp > data.Timestamp {
+		return errors.New("attempted to save an older system save")
+	}
+
 	var buf bytes.Buffer
-	err := gob.NewEncoder(&buf).Encode(data)
+	err = gob.NewEncoder(&buf).Encode(data)
 	if err != nil {
 		return err
 	}
@@ -120,8 +126,13 @@ func GetLatestSessionSaveDataSlot(uuid []byte) (int, error) {
 }
 
 func StoreSessionSaveData(uuid []byte, data defs.SessionSaveData, slot int) error {
+	session, err := ReadSessionSaveData(uuid, slot)
+	if err == nil && session.Seed == data.Seed && session.WaveIndex > data.WaveIndex {
+		return errors.New("attempted to save an older session")
+	}
+
 	var buf bytes.Buffer
-	err := gob.NewEncoder(&buf).Encode(data)
+	err = gob.NewEncoder(&buf).Encode(data)
 	if err != nil {
 		return err
 	}