From 2ded8ba8580f49741e0d5e436f65561c8dd9ef18 Mon Sep 17 00:00:00 2001 From: syuilo Date: Fri, 6 Jan 2017 01:45:02 +0900 Subject: [PATCH] Fix bug, Support thirdparty streaming access --- src/api/streaming.ts | 40 +++++++++++++------ src/web/app/boot.js | 2 +- .../app/common/scripts/messaging-stream.ls | 2 +- src/web/app/common/scripts/stream.ls | 5 +-- 4 files changed, 31 insertions(+), 18 deletions(-) diff --git a/src/api/streaming.ts b/src/api/streaming.ts index 38068d1e3d..93d5f217b9 100644 --- a/src/api/streaming.ts +++ b/src/api/streaming.ts @@ -2,6 +2,7 @@ import * as http from 'http'; import * as websocket from 'websocket'; import * as redis from 'redis'; import User from './models/user'; +import Userkey from './models/userkey'; import homeStream from './stream/home'; import messagingStream from './stream/messaging'; @@ -17,7 +18,13 @@ module.exports = (server: http.Server) => { ws.on('request', async (request) => { const connection = request.accept(); - const user = await authenticate(connection); + const user = await authenticate(connection, request.resourceURL.query.i); + + if (user == null) { + connection.send('authentication-failed'); + connection.close(); + return; + } // Connect to Redis const subscriber = redis.createClient( @@ -41,29 +48,36 @@ module.exports = (server: http.Server) => { }); }; -function authenticate(connection: websocket.connection): Promise { - return new Promise((resolve, reject) => { - // Listen first message - connection.once('message', async (data) => { - const msg = JSON.parse(data.utf8Data); - +function authenticate(connection: websocket.connection, token: string): Promise { + return new Promise(async (resolve, reject) => { + if (token[0] == '!') { // Fetch user // SELECT _id const user = await User .findOne({ - token: msg.i + token: token }, { _id: true }); - if (user === null) { - connection.close(); - return; + resolve(user); + } else { + const userkey = await Userkey.findOne({ + key: token + }); + + if (userkey == null) { + return reject('invalid userkey'); } - connection.send('authenticated'); + // Fetch user + // SELECT _id + const user = await User + .findOne({ _id: userkey.user_id }, { + _id: true + }); resolve(user); - }); + } }); } diff --git a/src/web/app/boot.js b/src/web/app/boot.js index 5067600c6c..e8e504c2bb 100644 --- a/src/web/app/boot.js +++ b/src/web/app/boot.js @@ -39,7 +39,7 @@ try { checkForUpdate(); // Get token from cookie -const i = (document.cookie.match(/i=(\w+)/) || [null, null])[1]; +const i = (document.cookie.match(/i=(!\w+)/) || [null, null])[1]; // ユーザーをフェッチしてコールバックする module.exports = callback => { diff --git a/src/web/app/common/scripts/messaging-stream.ls b/src/web/app/common/scripts/messaging-stream.ls index 298285dc93..ac3e74f1f5 100644 --- a/src/web/app/common/scripts/messaging-stream.ls +++ b/src/web/app/common/scripts/messaging-stream.ls @@ -9,7 +9,7 @@ class Connection @event = riot.observable! @me = me host = CONFIG.api.url.replace \http \ws - @socket = new ReconnectingWebSocket "#{host}/messaging?otherparty=#{otherparty}" + @socket = new ReconnectingWebSocket "#{host}/messaging?i=#{me.token}&otherparty=#{otherparty}" @socket.add-event-listener \open @on-open @socket.add-event-listener \message @on-message diff --git a/src/web/app/common/scripts/stream.ls b/src/web/app/common/scripts/stream.ls index 534048248f..64ae03817a 100644 --- a/src/web/app/common/scripts/stream.ls +++ b/src/web/app/common/scripts/stream.ls @@ -9,13 +9,12 @@ module.exports = (me) ~> state-ev = riot.observable! event = riot.observable! - socket = new ReconnectingWebSocket CONFIG.api.url.replace \http \ws + host = CONFIG.api.url.replace \http \ws + socket = new ReconnectingWebSocket "#{host}?i=#{me.token}" socket.onopen = ~> state := \connected state-ev.trigger \connected - socket.send JSON.stringify do - i: me.token socket.onclose = ~> state := \reconnecting