feat: 코드 리뷰 기반 전면 개선 — 보안, 검증, 테스트, 안정성
- 체인 nonce 경쟁 조건 수정 (operatorMu + per-user mutex) - 등록/SSAFY 원자적 트랜잭션 (wallet+profile 롤백 보장) - IdempotencyRequired 미들웨어 (SETNX 원자적 클레임) - 런치 티켓 API (JWT URL 노출 방지) - HttpOnly 쿠키 refresh token - SSAFY OAuth state 파라미터 (CSRF 방지) - Refresh 시 DB 조회로 최신 role 사용 - 공지사항/유저목록 페이지네이션 - BodyLimit 미들웨어 (1MB, upload 제외) - 입력 검증 강화 (닉네임, 게임데이터, 공지 길이) - 에러 메시지 내부 정보 노출 방지 - io.LimitReader (RPC 10MB, SSAFY 1MB) - RequestID 비출력 문자 제거 - 단위 테스트 (auth 11, announcement 9, bossraid 16) Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This commit is contained in:
@@ -70,7 +70,7 @@ func (c *Client) Call(method string, params any, out any) error {
|
||||
return fmt.Errorf("RPC HTTP error: status %d", resp.StatusCode)
|
||||
}
|
||||
|
||||
body, err := io.ReadAll(resp.Body)
|
||||
body, err := io.ReadAll(io.LimitReader(resp.Body, 10*1024*1024))
|
||||
if err != nil {
|
||||
return fmt.Errorf("read RPC response: %w", err)
|
||||
}
|
||||
|
||||
@@ -9,6 +9,7 @@ import (
|
||||
"fmt"
|
||||
"io"
|
||||
"log"
|
||||
"sync"
|
||||
|
||||
"github.com/tolelom/tolchain/core"
|
||||
tocrypto "github.com/tolelom/tolchain/crypto"
|
||||
@@ -22,6 +23,8 @@ type Service struct {
|
||||
operatorWallet *wallet.Wallet
|
||||
encKeyBytes []byte // 32-byte AES-256 key
|
||||
userResolver func(username string) (uint, error)
|
||||
operatorMu sync.Mutex // serialises operator-nonce transactions
|
||||
userMu sync.Map // per-user mutex (keyed by userID uint)
|
||||
}
|
||||
|
||||
// SetUserResolver sets the callback that resolves username → userID.
|
||||
@@ -209,9 +212,18 @@ func (s *Service) GetListing(listingID string) (json.RawMessage, error) {
|
||||
return s.client.GetListing(listingID)
|
||||
}
|
||||
|
||||
// getUserMu returns a per-user mutex, creating one if it doesn't exist.
|
||||
func (s *Service) getUserMu(userID uint) *sync.Mutex {
|
||||
v, _ := s.userMu.LoadOrStore(userID, &sync.Mutex{})
|
||||
return v.(*sync.Mutex)
|
||||
}
|
||||
|
||||
// ---- User Transaction Methods ----
|
||||
|
||||
func (s *Service) Transfer(userID uint, to string, amount uint64) (*SendTxResult, error) {
|
||||
mu := s.getUserMu(userID)
|
||||
mu.Lock()
|
||||
defer mu.Unlock()
|
||||
w, pubKey, err := s.loadUserWallet(userID)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
@@ -228,6 +240,9 @@ func (s *Service) Transfer(userID uint, to string, amount uint64) (*SendTxResult
|
||||
}
|
||||
|
||||
func (s *Service) TransferAsset(userID uint, assetID, to string) (*SendTxResult, error) {
|
||||
mu := s.getUserMu(userID)
|
||||
mu.Lock()
|
||||
defer mu.Unlock()
|
||||
w, pubKey, err := s.loadUserWallet(userID)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
@@ -244,6 +259,9 @@ func (s *Service) TransferAsset(userID uint, assetID, to string) (*SendTxResult,
|
||||
}
|
||||
|
||||
func (s *Service) ListOnMarket(userID uint, assetID string, price uint64) (*SendTxResult, error) {
|
||||
mu := s.getUserMu(userID)
|
||||
mu.Lock()
|
||||
defer mu.Unlock()
|
||||
w, pubKey, err := s.loadUserWallet(userID)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
@@ -260,6 +278,9 @@ func (s *Service) ListOnMarket(userID uint, assetID string, price uint64) (*Send
|
||||
}
|
||||
|
||||
func (s *Service) BuyFromMarket(userID uint, listingID string) (*SendTxResult, error) {
|
||||
mu := s.getUserMu(userID)
|
||||
mu.Lock()
|
||||
defer mu.Unlock()
|
||||
w, pubKey, err := s.loadUserWallet(userID)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
@@ -276,6 +297,9 @@ func (s *Service) BuyFromMarket(userID uint, listingID string) (*SendTxResult, e
|
||||
}
|
||||
|
||||
func (s *Service) CancelListing(userID uint, listingID string) (*SendTxResult, error) {
|
||||
mu := s.getUserMu(userID)
|
||||
mu.Lock()
|
||||
defer mu.Unlock()
|
||||
w, pubKey, err := s.loadUserWallet(userID)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
@@ -292,6 +316,9 @@ func (s *Service) CancelListing(userID uint, listingID string) (*SendTxResult, e
|
||||
}
|
||||
|
||||
func (s *Service) EquipItem(userID uint, assetID, slot string) (*SendTxResult, error) {
|
||||
mu := s.getUserMu(userID)
|
||||
mu.Lock()
|
||||
defer mu.Unlock()
|
||||
w, pubKey, err := s.loadUserWallet(userID)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
@@ -308,6 +335,9 @@ func (s *Service) EquipItem(userID uint, assetID, slot string) (*SendTxResult, e
|
||||
}
|
||||
|
||||
func (s *Service) UnequipItem(userID uint, assetID string) (*SendTxResult, error) {
|
||||
mu := s.getUserMu(userID)
|
||||
mu.Lock()
|
||||
defer mu.Unlock()
|
||||
w, pubKey, err := s.loadUserWallet(userID)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
@@ -340,6 +370,8 @@ func (s *Service) getOperatorNonce() (uint64, error) {
|
||||
}
|
||||
|
||||
func (s *Service) MintAsset(templateID, ownerPubKey string, properties map[string]any) (*SendTxResult, error) {
|
||||
s.operatorMu.Lock()
|
||||
defer s.operatorMu.Unlock()
|
||||
if err := s.ensureOperator(); err != nil {
|
||||
return nil, err
|
||||
}
|
||||
@@ -355,6 +387,8 @@ func (s *Service) MintAsset(templateID, ownerPubKey string, properties map[strin
|
||||
}
|
||||
|
||||
func (s *Service) GrantReward(recipientPubKey string, tokenAmount uint64, assets []core.MintAssetPayload) (*SendTxResult, error) {
|
||||
s.operatorMu.Lock()
|
||||
defer s.operatorMu.Unlock()
|
||||
if err := s.ensureOperator(); err != nil {
|
||||
return nil, err
|
||||
}
|
||||
@@ -370,6 +404,8 @@ func (s *Service) GrantReward(recipientPubKey string, tokenAmount uint64, assets
|
||||
}
|
||||
|
||||
func (s *Service) RegisterTemplate(id, name string, schema map[string]any, tradeable bool) (*SendTxResult, error) {
|
||||
s.operatorMu.Lock()
|
||||
defer s.operatorMu.Unlock()
|
||||
if err := s.ensureOperator(); err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user