Validate messages on the backend

[karranb]

Using a package like Zod, validate the messages send by the socket clients to the socket server, returning UNPROCESSED message when a message is invalid.

EG:

Create expected message parser and type

const SetUsernameMessage = z.object({
  name: z.string(),
  version: z.string(),
  countryCode: z.string().optional(),
});

type SetUsernameMessage = z.infer<typeof SetUsernameMessage>;

validate received unknown message

handleSetUserName(socket: Socket, message: unknown): void {
      ...
      const result = SetUsernameMessage.safeParse(message)
      if (result.success === false) {
        throw new SocketError('Invalid message')
      }
      const { name, version, countryCode } = result.data
      ...
}

• Room (node_server/src/core/game/mixins/room.ts)
• Challenge (node_server/src/core/game/mixins/challenge.ts)
• Game (node_server/src/core/game/mixins/game.ts)

[khanhtranngoccva]

Hi there! I would like to be assigned this issue and try to work on it!

[karranb]

nice! feel free to ping me if you need any help =)

[khanhtranngoccva]

Hey there @karranb, I'd love how I can get the example of a typical message argument in each of the method you want to change, since it might take weeks to familiarize with the codebase.

[khanhtranngoccva]

By the way, I could not run the front-end to test your software and what it sends. I already ran "yarn install" and the runtime reports "process" not found.