rooooms are mostly dooone, misc routes, instance management stubs, and matchmaking base

src/routes/match/root.ts

@@ -1,7 +1,50 @@
 import { createHonoRoute, routeImporter } from "../../util/import.ts";
+import { Context, Next } from "@hono/hono";
+import z from "zod";
+import { HonoEnv } from "../../util/types.ts";
+import { statusResponse } from "../../util/api.ts";
+import { HTTPStatus } from "@oneday/http-status";
+import Logging from "@proxnet/undead-logging";
+
+const log = new Logging("MatchRoute");
 
 export const route = createHonoRoute('/match');
 
+const loginLockBodySchema = z.object({
+    LoginLock: z.uuidv4()
+});
+export const loginLockMiddleware = async (c: Context<HonoEnv>, nxt: Next) => {
+    function unauthorized() {
+        return statusResponse(c, HTTPStatus.Unauthorized);
+    }
+
+    if (c.req.header("Content-Type") !== "application/x-www-form-urlencoded") return unauthorized();
+    try {
+        const form = await c.req.formData();
+
+        const body = await loginLockBodySchema.safeParseAsync(Object.fromEntries(form.entries()));
+        if (body.success) {
+            if (typeof c.get('profile') == 'undefined') {
+                log.w(`Profile was not set, cannot validate LoginLock. Was the request authorized?`);
+                return statusResponse(c, HTTPStatus.InternalServerError);
+            }
+
+            const profile = c.get('profile');
+
+            const loginLock = await profile.Matchmaking.getLoginLock();
+            if (!loginLock) await profile.Matchmaking.setLoginLock(body.data.LoginLock);
+            else if (body.data.LoginLock !== loginLock) {
+                log.w(`LoginLock did not match. The token for this profile could be compromised or the client is an unknown state.`);
+                return unauthorized();
+            }
+            
+            return await nxt();
+        } else return unauthorized();
+    } catch {
+        return unauthorized();
+    }
+}
+
 await routeImporter(route.app, 'src/routes/match/', [
     'routes'
 ]);