Add time limit(s)

1 files changed, 56 insertions, 27 deletions

diff --git a/src/http.go b/src/http.go
index 81d55b7..1e60046 100644
--- a/src/http.go
+++ b/src/http.go
@@ -36,6 +36,7 @@ func setupHTTPServer() (http.Server) {
 	r.HandleFunc("/api/startContainer", startContainerHandler).Methods("POST")
 	r.HandleFunc("/api/stopContainer", stopContainerHandler).Methods("POST")
 	r.HandleFunc("/api/getAccess", getAccessHandler).Methods("GET")
+	r.HandleFunc("/api/getTimeLimit", getTimeLimitHandler).Methods("GET")
 
 	return http.Server{
 		Addr: fmt.Sprintf("0.0.0.0:%d", *port),
@@ -113,6 +114,9 @@ func loginPostHandler(w http.ResponseWriter, r *http.Request) {
 				Expires: time.Now().Add(time.Hour * 24),
 			})
 			validRedirect = true
+
+			// register our login time for the limiter
+			registerLoginForLimiter()
 		}
 	}
 
@@ -211,30 +215,36 @@ func submitFlagHandler(w http.ResponseWriter, r *http.Request) {
 	} else {
 		// valid session token found, now search for the requested challenge
 
+		errorString := ""
 		foundChallenge := false
 		correctFlag := false
 
-		// try to find our challenge
-		for index, challenge := range challenges {
-			if challenge.Name == challengeName {
-				// found challenge, check flags
-				foundChallenge = true
-
-				if challenge.Flag == flag {
-					// our user found the flag \o/
-					challenges[index].FoundFlag = true
-					correctFlag = true
-				} else {
-					// ow, bummer :(
-					challenge.FlagTries++
+		// check if we are in the desired timeframe
+		if shouldLimit() {
+			// We are not.
+			errorString = "Time's up."
+		} else {
+			// We can check that flag. Try to find our challenge
+			for index, challenge := range challenges {
+				if challenge.Name == challengeName {
+					// found challenge, check flags
+					foundChallenge = true
+
+					if challenge.Flag == flag {
+						// our user found the flag \o/
+						challenges[index].FoundFlag = true
+						correctFlag = true
+					} else {
+						// ow, bummer :(
+						challenge.FlagTries++
+					}
+					break
 				}
-				break
 			}
 		}
 
 		// if we didn't find the challenge, write an error message
-		errorString := ""
-		if !foundChallenge {
+		if !foundChallenge && errorString != "" {
 			errorString = "no such challenge"
 		}
 
@@ -261,18 +271,26 @@ func startContainerHandler(w http.ResponseWriter, r *http.Request) {
 		http.Redirect(w, r, "/login", http.StatusTemporaryRedirect)
 	} else {
 		// valid session token found, now search for the requested challenge
-		for _, challenge := range challenges {
-			if challenge.Name == challengeName {
-				// found challenge, start container
-
-				cc, err := startChallengeContainer(challenge)
-				if err != nil {
-					log.Println(err.Error())
-					errorString = "Server error."
-				} else {
-					addressString = cc.IP
+
+		// check if we are in the desired timeframe
+		if shouldLimit() {
+			// woops! Limit starting the container.
+			errorString = "Time's up."
+		} else {
+			// we don't need to limit - start the container
+			for _, challenge := range challenges {
+				if challenge.Name == challengeName {
+					// found challenge, start container
+
+					cc, err := startChallengeContainer(challenge)
+					if err != nil {
+						log.Println(err.Error())
+						errorString = "Server error."
+					} else {
+						addressString = cc.IP
+					}
+					break
 				}
-				break
 			}
 		}
 
@@ -332,3 +350,14 @@ func getAccessHandler(w http.ResponseWriter, r *http.Request) {
 		}
 	}
 }
+
+// Returns the configuration for the VPN
+func getTimeLimitHandler(w http.ResponseWriter, r *http.Request) {
+	// We don't need to verify session cookies.
+
+	jsonAnswer, _ := json.Marshal(map[string]string{
+		"endTimestamp": fmt.Sprintf("%d", *endTimestamp),
+		"endAfter": fmt.Sprintf("%d", *endAfter),
+	})
+	w.Write([]byte(jsonAnswer))
+}