From 41d86b545dbe698547409aaff759853255e28cc6 Mon Sep 17 00:00:00 2001 From: Hri7566 Date: Tue, 5 Nov 2024 11:16:31 -0500 Subject: [PATCH] Use admin flag for admin messages --- src/ws/events/user/handlers/admin_message.ts | 25 +++++++++++++++----- 1 file changed, 19 insertions(+), 6 deletions(-) diff --git a/src/ws/events/user/handlers/admin_message.ts b/src/ws/events/user/handlers/admin_message.ts index e433b23..77c1403 100644 --- a/src/ws/events/user/handlers/admin_message.ts +++ b/src/ws/events/user/handlers/admin_message.ts @@ -8,14 +8,27 @@ export const admin_message: ServerEventListener<"admin message"> = { if (socket.rateLimits) if (!socket.rateLimits.normal["admin message"].attempt()) return; - if (typeof msg.password !== "string") { - socket.gateway.hasSentInvalidAdminMessage = true; - return; + const flags = socket.getUserFlags(); + + let hasFlag = false; + + if (flags) { + // Sometimes we don't use passwords + if (flags.admin) hasFlag = true; } - if (msg.password !== env.ADMIN_PASS) { - socket.gateway.hasSentInvalidAdminMessage = true; - return; + if (!hasFlag) { + // Did they send some kind of password? + if (typeof msg.password !== "string") { + socket.gateway.hasSentInvalidAdminMessage = true; + return; + } + + // Is the password correct? + if (msg.password !== env.ADMIN_PASS) { + socket.gateway.hasSentInvalidAdminMessage = true; + return; + } } // Probably shouldn't be using password auth in 2024