Closed xand10 closed 2 years ago
Thanks for the contribution! I'd like to try to address this server-side if possible. What do you think about #216?
I think #216 is a more robust solution than this, yes. I believe the jitter also addresses the issue of a student having a better connection than another to the server.
If this doesn't get approved that is fine! We just wanted to see if we could get a client side solution just in case you wanted to have both a server-side and client-side solution running, although it's perfectly understandable that you maybe don't want too many systems that could potentially interact poorly with one another.
Thanks for getting back to us!
Closing in favor of #216. Thanks for your contribution!
This pull request implements a fix to the issue presented in #147 (Queue sign-ups vulnerable to exploitation by auto clickers).
The idea behind this change is that the reason students are currently able to use an auto clicker to attempt to join the queue is that the button remains accessible while the queue is closed and that there is no penalty associated with clicking on the button while the queue is closed.
We created three states for the “Request Help” button: “Queue Closed”, Disabled, and Active. During “Queue Closed”, the button is active but is shown in a state which suggests to the user that it cannot be interacted with quite yet. Any button clicks while the queue is closed start a timer that disallows students from joining the queue for 10 seconds. This effectively stops students from either using auto clickers or spamming the location of the button manually.
This implementation effectively penalizes students for preemptively attempting to join the queue but does not affect students who simply click join when the queue opens.