From 81a08101e9bc1c33bad8795f73d7d94bd74bd74f Mon Sep 17 00:00:00 2001
From: hippoz <paperplanelive@gmail.com>
Date: Wed, 8 Sep 2021 01:02:08 +0300
Subject: [PATCH] fix secret.js and disallow YOO packet after user is already
 authenticated

---
 brainlet/api/v2/gateway/index.js | 1 +
 brainlet/secret.js               | 4 ++--
 2 files changed, 3 insertions(+), 2 deletions(-)

diff --git a/brainlet/api/v2/gateway/index.js b/brainlet/api/v2/gateway/index.js
index 106fef6..465a33a 100644
--- a/brainlet/api/v2/gateway/index.js
+++ b/brainlet/api/v2/gateway/index.js
@@ -106,6 +106,7 @@ class GatewayServer extends EventEmitter {
                     const message = parseMessage(data.toString());
                     switch (message.opcodeType) {
                     case "YOO": {
+                        if (ws.session.authenticated) return closeConnectionWithCode(ws, wsCloseCodes.PAYLOAD_ERROR);
                         // The client has responded to our HELLO with a YOO packet
                         try {
                             const user = await checkToken(message.data.token);
diff --git a/brainlet/secret.js b/brainlet/secret.js
index 89ea062..26e1147 100755
--- a/brainlet/secret.js
+++ b/brainlet/secret.js
@@ -1,10 +1,10 @@
 module.exports = {
-    jwtPrivateKey: "KjEY",
+    jwtPrivateKey: "KEY",
 };
 
 // Set default values
 // You shouldn't need to touch this for configuring this
 if (module.exports.jwtPrivateKey === "KEY") {
-    console.error("[*] [config] jwtPrivateKey was not specified in secret.js. A randomly generated private key will be used instead.");
+    console.error("config: secret: jwtPrivateKey was not specified in secret.js. A randomly generated private key will be used instead.");
     module.exports.jwtPrivateKey = require("crypto").randomBytes(129).toString("base64");
 }