Detect vote or response replay/caching

2023-06-03 21:51:07 -07:00
parent 8c8133ff52
commit 3cebbc3425
2 changed files with 22 additions and 6 deletions
--- a/candidate.go
+++ b/candidate.go
@@ -142,6 +142,16 @@ func (c *Candidate) ServeHTTP(w http.ResponseWriter, r *http.Request) {
 		return
 	}

+	if time.Since(v.VoteSent).Abs() > 15*time.Second {
+		http.Error(
+			w,
+			fmt.Sprintf("excessive time difference (%.1f seconds); delay, replay, or clock skew", time.Since(v.VoteSent).Seconds()),
+			http.StatusBadRequest,
+		)
+	}
+
+	c.resp.ResponseSent = time.Now().UTC()
+
 	js = lo.Must(json.Marshal(c.resp))

 	w.Header().Set("Content-Type", "application/json")