From d481b4b26defd3d9096513a3533ec5a0e461a981 Mon Sep 17 00:00:00 2001
From: Sainan <63328889+Sainan@users.noreply.github.com>
Date: Mon, 1 Sep 2025 04:03:04 +0200
Subject: [PATCH] forcibly close game ws connections when nonce is invalidated

---
 src/controllers/api/loginController.ts  |  4 ++--
 src/controllers/api/logoutController.ts |  4 ++--
 src/services/wsService.ts               | 25 +++++++++++++++++++++++++
 3 files changed, 29 insertions(+), 4 deletions(-)

diff --git a/src/controllers/api/loginController.ts b/src/controllers/api/loginController.ts
index d93a9229..beac741e 100644
--- a/src/controllers/api/loginController.ts
+++ b/src/controllers/api/loginController.ts
@@ -8,7 +8,7 @@ import { createAccount, createNonce, getUsernameFromEmail, isCorrectPassword } f
 import type { IDatabaseAccountJson, ILoginRequest, ILoginResponse } from "../../types/loginTypes.ts";
 import { logger } from "../../utils/logger.ts";
 import { version_compare } from "../../helpers/inventoryHelpers.ts";
-import { sendWsBroadcastTo } from "../../services/wsService.ts";
+import { handleNonceInvalidation } from "../../services/wsService.ts";
 
 export const loginController: RequestHandler = async (request, response) => {
     const loginRequest = JSON.parse(String(request.body)) as ILoginRequest; // parse octet stream of json data to json object
@@ -74,7 +74,7 @@ export const loginController: RequestHandler = async (request, response) => {
     account.LastLogin = new Date();
     await account.save();
 
-    sendWsBroadcastTo(account._id.toString(), { nonce_updated: true });
+    handleNonceInvalidation(account._id.toString());
 
     response.json(createLoginResponse(myAddress, myUrlBase, account.toJSON(), buildLabel));
 };
diff --git a/src/controllers/api/logoutController.ts b/src/controllers/api/logoutController.ts
index d1c13c2d..371d76fa 100644
--- a/src/controllers/api/logoutController.ts
+++ b/src/controllers/api/logoutController.ts
@@ -1,6 +1,6 @@
 import type { RequestHandler } from "express";
 import { Account } from "../../models/loginModel.ts";
-import { sendWsBroadcastTo } from "../../services/wsService.ts";
+import { handleNonceInvalidation } from "../../services/wsService.ts";
 
 export const logoutController: RequestHandler = async (req, res) => {
     if (!req.query.accountId) {
@@ -21,7 +21,7 @@ export const logoutController: RequestHandler = async (req, res) => {
         }
     );
     if (stat.modifiedCount) {
-        sendWsBroadcastTo(req.query.accountId as string, { nonce_updated: true });
+        handleNonceInvalidation(req.query.accountId as string);
     }
 
     res.writeHead(200, {
diff --git a/src/services/wsService.ts b/src/services/wsService.ts
index c87325a4..2c7ebe13 100644
--- a/src/services/wsService.ts
+++ b/src/services/wsService.ts
@@ -247,3 +247,28 @@ export const sendWsBroadcastEx = (data: IWsMsgToClient, accountId?: string, excl
         }
     }
 };
+
+export const handleNonceInvalidation = (accountId: string): void => {
+    if (wsServer) {
+        for (const client of wsServer.clients) {
+            if ((client as IWsCustomData).accountId == accountId) {
+                if ((client as IWsCustomData).isGame) {
+                    client.close();
+                } else {
+                    client.send(JSON.stringify({ nonce_updated: true } satisfies IWsMsgToClient));
+                }
+            }
+        }
+    }
+    if (wssServer) {
+        for (const client of wssServer.clients) {
+            if ((client as IWsCustomData).accountId == accountId) {
+                if ((client as IWsCustomData).isGame) {
+                    client.close();
+                } else {
+                    client.send(JSON.stringify({ nonce_updated: true } satisfies IWsMsgToClient));
+                }
+            }
+        }
+    }
+};