a %iB"@sdZddlZddlZddlZddlmZddlmZmZm Z ddl Z ddl m Z e e dddZGd d d Ze eeeeeefd d d Ze eeefdddZdS)z] Purchase Validation and Anti-Cheat Handles rate limiting, idempotency, and IAP validation. N)wraps)DictAnyOptional)get_database_connection) max_calls time_windowcsifdd}|S)a Rate limiting decorator. Args: max_calls: Maximum calls allowed time_window: Time window in seconds Usage: @rate_limit(max_calls=10, time_window=60) def some_function(player_id: int, ...): ... cs$ttdfdd }|S)N) player_idcst|vr.fdd|D|<ng|<t|krjtd|djddddS||g|Ri|S) Ncsg|]}|kr|qSr ).0t)nowrr 8/var/www/lichun.app/lichun/ws/monetization/validation.py &zBrate_limit..decorator..wrapper..zRate limit exceeded for player z on Fz-Too many requests. Please wait and try again.ZRATE_LIMIT_EXCEEDEDsuccessmessage error_code)timelenloggingwarning__name__append)r argskwargs)callsfuncrr)r rwrapper sz.rate_limit..decorator..wrapper)rint)rrrrr)rr decoratorszrate_limit..decoratorr )rrr"r r!r rate_limits r#c@sXeZdZdZeeeedddZeeedddZ eeee ee fdd d Z d S) IdempotencyManagerzN Prevent double-processing of transactions (especially IAP receipts). )r transaction_idreturncCst|d|S)z Generate idempotency key from transaction. Args: player_id: The player's ID transaction_id: Unique transaction ID Returns: SHA256 hash as idempotency key :)hashlibsha256encode hexdigest)r r%r r r generate_keyBs zIdempotencyManager.generate_key)idempotency_keyr&c Csd}d}zzPt}|jdd}|d|f|}|ddkWW|rN||rZ|Sty}z8td|WYd}~W|r||r|dSd}~00W|r||r|n|r||r|0dS) z Check if transaction already processed. Args: idempotency_key: The idempotency key Returns: True if already processed, False otherwise NT) dictionaryzOSELECT COUNT(*) as count FROM processed_transactions WHERE idempotency_key = %scountrz Error checking idempotency key: F)rcursorexecutefetchoneclose Exceptionrerror)r-connr0resulter r rcheck_processedPs@    z"IdempotencyManager.check_processed)r-r transaction_datac Csd}d}zz2t}|}|d||t|f|Wn@ty|}z(|rX|t d|WYd}~n d}~00W|r| |r| n|r| |r| 0dS)z Mark transaction as processed. Args: idempotency_key: The idempotency key player_id: The player's ID transaction_data: Transaction data to store NzINSERT INTO processed_transactions (idempotency_key, player_id, transaction_data) VALUES (%s, %s, %s)z(Error marking transaction as processed: ) rr0r1jsondumpscommitr4rollbackrr5r3)r-r r:r6r0r8r r rmark_processedts,  ( z!IdempotencyManager.mark_processedN) r __module__ __qualname____doc__ staticmethodr strr,boolr9rrr?r r r rr$=s #r$)r receipt_datar% product_idr&c Cs@t||}t|r2td|ddddSdddd d }zd d i}|d d krt||||d d||d }|d krddlm}||d||d|d|ddWSddddWSn(t d|d|d ddddWSWnLt y:} z2tj d|d| ddddd dWYd!} ~ Sd!} ~ 00d!S)"a, Validate IAP purchase with Apple. Args: player_id: The player's ID receipt_data: Base64 encoded receipt from Apple transaction_id: Unique transaction ID product_id: Product identifier Returns: dict with 'success' and 'diamonds_awarded' keys z%Duplicate IAP transaction attempted: FzTransaction already processedZDUPLICATE_TRANSACTIONrdi,ii)zcom.baolife.diamonds.smallzcom.baolife.diamonds.mediumzcom.baolife.diamonds.largezcom.baolife.diamonds.megastatusrr)r%rGZvalidation_status)award_diamondsZ iap_purchase_TzSuccessfully purchased z diamonds)rdiamonds_awardedrzInvalid product IDZINVALID_PRODUCTz!IAP validation failed for player z : status zPurchase validation failedZVALIDATION_FAILEDz Error validating IAP for player z: )exc_infozServer error during validation SERVER_ERRORN) r$r,r9rrr?getdiamond_economyrKr5r4) r rFr%rGZidem_keyZdiamond_packagesZvalidation_resultZdiamond_amountrKr8r r rvalidate_iap_receiptsV         rQ)r message_datac Cs|d}|d}|d}t|||gsB||dddddSt||||}|d r||d d |d |d dddlm}||}||d|dn||d|dd|d ddS)z WebSocket handler for IAP validation. Args: player_id: The player's ID message_data: Message containing receipt_data, transaction_id, product_id send_to_client: Function to send response to client rFr%rGr5INVALID_REQUESTz*Missing required fields for IAP validation)typerrNrZpurchaseValidatedTrLr)rTrrLrrJ)get_diamond_balanceZ diamondUpdate)rTZbalancerPURCHASE_FAILED)rOallrQrPrU) r rRsend_to_clientrFr%rGr7rU new_balancer r rhandle_validate_purchases:      rZ)rBr(rr; functoolsrtypingrrrrdatabaserr r#r$rDrQrZr r r rs  -] X