workadventure/back/src/Controller/AuthenticateController.ts

import Jwt from "jsonwebtoken";
import {ADMIN_API_TOKEN, ADMIN_API_URL, SECRET_KEY, URL_ROOM_STARTED} from "../Enum/EnvironmentVariable"; //TODO fix import by "_Enum/..."
import { uuid } from 'uuidv4';
import {HttpRequest, HttpResponse, TemplatedApp} from "uWebSockets.js";
import {BaseController} from "./BaseController";
import {adminApi, AdminApiData} from "../Services/AdminApi";

export interface TokenInterface {
    userUuid: string
}

export class AuthenticateController extends BaseController {

    constructor(private App : TemplatedApp) {
        super();
        this.login();
    }

    //permit to login on application. Return token to connect on Websocket IO.
    login(){
        this.App.options("/login", (res: HttpResponse, req: HttpRequest) => {
            this.addCorsHeaders(res);

            res.end();
        });

        this.App.post("/login", (res: HttpResponse, req: HttpRequest) => {
            (async () => {
                this.addCorsHeaders(res);

                res.onAborted(() => {
                    console.warn('Login request was aborted');
                })
                const host = req.getHeader('host');
                const param = await res.json();

                //todo: what to do if the organizationMemberToken is already used?
                const organizationMemberToken:string|null = param.organizationMemberToken;
                const mapSlug:string|null = param.mapSlug;

                try {
                    let userUuid;
                    let mapUrlStart;
                    let newUrl: string|null = null;

                    if (organizationMemberToken) {
                        const data = await adminApi.fetchMemberDataByToken(organizationMemberToken);

                        userUuid = data.userUuid;
                        mapUrlStart = data.mapUrlStart;
                        newUrl = this.getNewUrlOnAdminAuth(data)
                    } else if (mapSlug !== null) {
                        userUuid = uuid();
                        mapUrlStart = mapSlug;
                        newUrl = null;
                    } else {
                        userUuid = uuid();
                        mapUrlStart = host.replace('api.', 'maps.') + URL_ROOM_STARTED;
                        newUrl = '_/global/'+mapUrlStart;
                    }

                    const authToken = Jwt.sign({userUuid: userUuid}, SECRET_KEY, {expiresIn: '24h'});
                    res.writeStatus("200 OK").end(JSON.stringify({
                        authToken,
                        userUuid,
                        mapUrlStart,
                        newUrl,
                    }));

                } catch (e) {
                    console.log("An error happened", e)
                    res.writeStatus(e.status || "500 Internal Server Error").end('An error happened');
                }


            })();
        });
    }

    private getNewUrlOnAdminAuth(data:AdminApiData): string {
        const organizationSlug = data.organizationSlug;
        const worldSlug = data.worldSlug;
        const roomSlug = data.roomSlug;
        return '/@/'+organizationSlug+'/'+worldSlug+'/'+roomSlug;
    }
}
Refactor & Typo 2020-04-05 14:31:49 +02:00			`import Jwt from "jsonwebtoken";`
rewrote the login workflow 2020-09-25 18:29:22 +02:00			`import {ADMIN_API_TOKEN, ADMIN_API_URL, SECRET_KEY, URL_ROOM_STARTED} from "../Enum/EnvironmentVariable"; //TODO fix import by "_Enum/..."`
Multi players on the map - Fix share user position - Fix initialise map - Create function to add user on the map with back end data 2020-04-10 12:54:05 +02:00			`import { uuid } from 'uuidv4';`
Migrating to uWS 2020-09-28 18:52:54 +02:00			`import {HttpRequest, HttpResponse, TemplatedApp} from "uWebSockets.js";`
			`import {BaseController} from "./BaseController";`
temp 2020-10-06 15:37:00 +02:00			`import {adminApi, AdminApiData} from "../Services/AdminApi";`
Add authenticate - Create new controller authenticate with login root.. - Update and manage error message socket io. - Create enum for environment variables 2020-04-04 17:22:02 +02:00
Removing all "any" from back. To do this, I used generic-type-guard package which generates both an interface AND a valid type guard from code. With this, we are 100% sure that the messages we receive are validated at runtime! The client cannot pass us an object that is invalid! \o/ 2020-06-09 23:07:19 +02:00			`export interface TokenInterface {`
improvments 2020-09-28 15:02:37 +02:00			`userUuid: string`
Removing all "any" from back. To do this, I used generic-type-guard package which generates both an interface AND a valid type guard from code. With this, we are 100% sure that the messages we receive are validated at runtime! The client cannot pass us an object that is invalid! \o/ 2020-06-09 23:07:19 +02:00			`}`

Migrating to uWS 2020-09-28 18:52:54 +02:00			`export class AuthenticateController extends BaseController {`
Add authenticate - Create new controller authenticate with login root.. - Update and manage error message socket io. - Create enum for environment variables 2020-04-04 17:22:02 +02:00
Migrating to uWS 2020-09-28 18:52:54 +02:00			`constructor(private App : TemplatedApp) {`
			`super();`
Add authenticate - Create new controller authenticate with login root.. - Update and manage error message socket io. - Create enum for environment variables 2020-04-04 17:22:02 +02:00			`this.login();`
			`}`

			`//permit to login on application. Return token to connect on Websocket IO.`
			`login(){`
Migrating to uWS 2020-09-28 18:52:54 +02:00			`this.App.options("/login", (res: HttpResponse, req: HttpRequest) => {`
			`this.addCorsHeaders(res);`

			`res.end();`
			`});`

Linting app 2020-09-29 16:12:17 +02:00			`this.App.post("/login", (res: HttpResponse, req: HttpRequest) => {`
			`(async () => {`
			`this.addCorsHeaders(res);`

			`res.onAborted(() => {`
			`console.warn('Login request was aborted');`
			`})`
Adding back authentication to uws websocket 2020-09-30 10:12:40 +02:00			`const host = req.getHeader('host');`
Linting app 2020-09-29 16:12:17 +02:00			`const param = await res.json();`
Merge branch 'develop' of github.com:thecodingmachine/workadventure into uws # Conflicts: # back/src/Controller/AdminController.ts # back/src/Controller/AuthenticateController.ts # back/src/Controller/IoSocketController.ts # back/src/Controller/MapController.ts # benchmark/index.ts # front/src/Connexion/RoomConnection.ts 2020-09-29 17:12:28 +02:00
			`//todo: what to do if the organizationMemberToken is already used?`
			`const organizationMemberToken:string\|null = param.organizationMemberToken;`
simplified mapUrl parsing 2020-10-08 18:51:24 +02:00			`const mapSlug:string\|null = param.mapSlug;`
Merge branch 'develop' of github.com:thecodingmachine/workadventure into uws # Conflicts: # back/src/Controller/AdminController.ts # back/src/Controller/AuthenticateController.ts # back/src/Controller/IoSocketController.ts # back/src/Controller/MapController.ts # benchmark/index.ts # front/src/Connexion/RoomConnection.ts 2020-09-29 17:12:28 +02:00
			`try {`
			`let userUuid;`
			`let mapUrlStart;`
Merge branch 'develop' of github.com:thecodingmachine/workadventure into feature/global-message + migrating to protobuf messages # Conflicts: # back/src/App.ts # back/src/Controller/IoSocketController.ts # back/yarn.lock # front/src/Connection.ts # front/src/Phaser/Game/GameScene.ts # front/src/Phaser/Login/EnableCameraScene.ts # front/src/WebRtc/SimplePeer.ts 2020-10-01 14:11:34 +02:00			`let newUrl: string\|null = null;`
Merge branch 'develop' of github.com:thecodingmachine/workadventure into uws # Conflicts: # back/src/Controller/AdminController.ts # back/src/Controller/AuthenticateController.ts # back/src/Controller/IoSocketController.ts # back/src/Controller/MapController.ts # benchmark/index.ts # front/src/Connexion/RoomConnection.ts 2020-09-29 17:12:28 +02:00
			`if (organizationMemberToken) {`
temp 2020-10-06 15:37:00 +02:00			`const data = await adminApi.fetchMemberDataByToken(organizationMemberToken);`
Merge branch 'develop' of github.com:thecodingmachine/workadventure into uws # Conflicts: # back/src/Controller/AdminController.ts # back/src/Controller/AuthenticateController.ts # back/src/Controller/IoSocketController.ts # back/src/Controller/MapController.ts # benchmark/index.ts # front/src/Connexion/RoomConnection.ts 2020-09-29 17:12:28 +02:00
			`userUuid = data.userUuid;`
			`mapUrlStart = data.mapUrlStart;`
			`newUrl = this.getNewUrlOnAdminAuth(data)`
simplified mapUrl parsing 2020-10-08 18:51:24 +02:00			`} else if (mapSlug !== null) {`
			`userUuid = uuid();`
			`mapUrlStart = mapSlug;`
			`newUrl = null;`
Merge branch 'develop' of github.com:thecodingmachine/workadventure into uws # Conflicts: # back/src/Controller/AdminController.ts # back/src/Controller/AuthenticateController.ts # back/src/Controller/IoSocketController.ts # back/src/Controller/MapController.ts # benchmark/index.ts # front/src/Connexion/RoomConnection.ts 2020-09-29 17:12:28 +02:00			`} else {`
			`userUuid = uuid();`
Adding back authentication to uws websocket 2020-09-30 10:12:40 +02:00			`mapUrlStart = host.replace('api.', 'maps.') + URL_ROOM_STARTED;`
simplified mapUrl parsing 2020-10-08 18:51:24 +02:00			`newUrl = '_/global/'+mapUrlStart;`
rewrote the login workflow 2020-09-25 18:29:22 +02:00			`}`
Merge branch 'develop' of github.com:thecodingmachine/workadventure into uws # Conflicts: # back/src/Controller/AdminController.ts # back/src/Controller/AuthenticateController.ts # back/src/Controller/IoSocketController.ts # back/src/Controller/MapController.ts # benchmark/index.ts # front/src/Connexion/RoomConnection.ts 2020-09-29 17:12:28 +02:00
			`const authToken = Jwt.sign({userUuid: userUuid}, SECRET_KEY, {expiresIn: '24h'});`
			`res.writeStatus("200 OK").end(JSON.stringify({`
			`authToken,`
			`userUuid,`
			`mapUrlStart,`
			`newUrl,`
			`}));`

			`} catch (e) {`
Adding back authentication to uws websocket 2020-09-30 10:12:40 +02:00			`console.log("An error happened", e)`
Merge branch 'develop' of github.com:thecodingmachine/workadventure into uws # Conflicts: # back/src/Controller/AdminController.ts # back/src/Controller/AuthenticateController.ts # back/src/Controller/IoSocketController.ts # back/src/Controller/MapController.ts # benchmark/index.ts # front/src/Connexion/RoomConnection.ts 2020-09-29 17:12:28 +02:00			`res.writeStatus(e.status \|\| "500 Internal Server Error").end('An error happened');`
rewrote the login workflow 2020-09-25 18:29:22 +02:00			`}`


Linting app 2020-09-29 16:12:17 +02:00			`})();`
Fix mediam stream manage and server back down 2020-05-23 14:00:36 +02:00			`});`
Add authenticate - Create new controller authenticate with login root.. - Update and manage error message socket io. - Create enum for environment variables 2020-04-04 17:22:02 +02:00			`}`
Merge branch 'develop' of github.com:thecodingmachine/workadventure into uws # Conflicts: # back/src/Controller/AdminController.ts # back/src/Controller/AuthenticateController.ts # back/src/Controller/IoSocketController.ts # back/src/Controller/MapController.ts # benchmark/index.ts # front/src/Connexion/RoomConnection.ts 2020-09-29 17:12:28 +02:00
improvments 2020-09-28 15:02:37 +02:00			`private getNewUrlOnAdminAuth(data:AdminApiData): string {`
rewrote the login workflow 2020-09-25 18:29:22 +02:00			`const organizationSlug = data.organizationSlug;`
			`const worldSlug = data.worldSlug;`
			`const roomSlug = data.roomSlug;`
			`return '/@/'+organizationSlug+'/'+worldSlug+'/'+roomSlug;`
			`}`
Completely getting rid of "userid" Previously, userid was generated by the "/login" route and passed along. This commit completely removes the uuid "userid" (and disables the LoginController too and any Jwt check). "userid" is replaced by the "socket id" of the connection. So a user is now identified using a socket id, which is unique for a given connection. 2020-05-14 23:19:48 +02:00			`}`