From 3c9252d0a5056cf29a1a768eb9a4262ca3b78705 Mon Sep 17 00:00:00 2001
From: Thibault Duplessis <thibault.duplessis@gmail.com>
Date: Thu, 20 Sep 2012 18:33:33 +0200
Subject: [PATCH] improve firewall

---
 app/security/AuthImpl.scala | 2 +-
 app/security/Firewall.scala | 7 +++++++
 todo                        | 1 +
 3 files changed, 9 insertions(+), 1 deletion(-)

diff --git a/app/security/AuthImpl.scala b/app/security/AuthImpl.scala
index 15f5462305..1b0eff9de8 100644
--- a/app/security/AuthImpl.scala
+++ b/app/security/AuthImpl.scala
@@ -68,7 +68,7 @@ trait AuthImpl {
 
   protected def restoreUser(req: RequestHeader): Option[User] = for {
     sessionId ← req.session.get("sessionId")
-    if env.security.firewall accepts req
+    if env.security.firewall acceptsOrLog req
     username ← env.security.store.getUsername(sessionId)
     user ← (env.user.userRepo byId username).unsafePerformIO
   } yield user
diff --git a/app/security/Firewall.scala b/app/security/Firewall.scala
index 07573288e9..b7ed2c3d3b 100644
--- a/app/security/Firewall.scala
+++ b/app/security/Firewall.scala
@@ -37,6 +37,13 @@ final class Firewall(
 
   def accepts(req: RequestHeader): Boolean = !blocks(req)
 
+  def acceptsOrLog(req: RequestHeader): Boolean =
+    if (accepts(req)) true
+    else {
+      logBlock(req)
+      false
+    }
+
   def refresh { ips = fetch }
 
   def blockIp(ip: String) {
diff --git a/todo b/todo
index 3849be9681..4726f77aa9 100644
--- a/todo
+++ b/todo
@@ -52,3 +52,4 @@ send lobby new forum posts html through websockets
 in table, hide lichess_control when it's empty (watcher mode)
 BUG tournament idle resign: based on 20 seconds added time! can make black resign by playing after 19s
 tournament join, sometimes withdraws by cron
+tournament: no cheater