lbehm/workadventure
1
0
Fork 0
Code Issues Pull requests Releases Activity

Adding a new endpoint to verify the JWT token server-side before connecting

Browse source
This commit is contained in:
David Négrier 2020-10-15 16:48:42 +02:00
parent 36d73333f5
commit a348001036
2 changed files with 59 additions and 8 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

41
back/src/Controller/AuthenticateController.ts
View file

@ -3,6 +3,7 @@ import {HttpRequest, HttpResponse, TemplatedApp} from "uWebSockets.js";
import {BaseController} from "./BaseController";
import {adminApi} from "../Services/AdminApi";
import {jwtTokenManager} from "../Services/JWTTokenManager";
import {parse} from "query-string";
export interface TokenInterface {
userUuid: string
@ -13,11 +14,12 @@ export class AuthenticateController extends BaseController {
constructor(private App : TemplatedApp) {
super();
this.register();
this.verify();
this.anonymLogin();
}
//Try to login with an admin token
register(){
private register(){
this.App.options("/register", (res: HttpResponse, req: HttpRequest) => {
this.addCorsHeaders(res);
@ -36,7 +38,7 @@ export class AuthenticateController extends BaseController {
//todo: what to do if the organizationMemberToken is already used?
const organizationMemberToken:string|null = param.organizationMemberToken;
try {
if (typeof organizationMemberToken != 'string') throw new Error('No organization token');
const data = await adminApi.fetchMemberDataByToken(organizationMemberToken);
@ -68,8 +70,41 @@ export class AuthenticateController extends BaseController {
}
private verify(){
this.App.options("/verify", (res: HttpResponse, req: HttpRequest) => {
this.addCorsHeaders(res);
res.end();
});
this.App.get("/verify", (res: HttpResponse, req: HttpRequest) => {
(async () => {
this.addCorsHeaders(res);
const query = parse(req.getQuery());
res.onAborted(() => {
console.warn('verify request was aborted');
})
try {
await jwtTokenManager.createJWTToken(query.token as string);
} catch (e) {
res.writeStatus("400 Bad Request").end(JSON.stringify({
"success": false,
"message": "Invalid JWT token"
}));
}
res.writeStatus("200 OK").end(JSON.stringify({
"success": true
}));
})();
});
}
//permit to login on application. Return token to connect on Websocket IO.
anonymLogin(){
private anonymLogin(){
this.App.options("/anonymLogin", (res: HttpResponse, req: HttpRequest) => {
this.addCorsHeaders(res);

26
front/src/Connexion/ConnectionManager.ts
View file

@ -35,11 +35,16 @@ class ConnectionManager {
const localUser = localUserStore.getLocalUser();
if (localUser && localUser.jwtToken && localUser.uuid) {
this.localUser = localUser
this.localUser = localUser;
try {
await this.verifyToken(localUser.jwtToken);
} catch(e) {
// If the token is invalid, let's generate an anonymous one.
console.error('JWT token invalid. Did it expire? Login anonymously instead.');
await this.anonymousLogin();
}
} else {
const data = await Axios.post(`${API_URL}/anonymLogin`).then(res => res.data);
this.localUser = new LocalUser(data.userUuid, data.authToken);
localUserStore.saveUser(this.localUser);
await this.anonymousLogin();
}
let roomId: string
if (connexionType === GameConnexionTypes.empty) {
@ -54,7 +59,8 @@ class ConnectionManager {
const localUser = localUserStore.getLocalUser();
if (localUser) {
this.localUser = localUser
this.localUser = localUser;
await this.verifyToken(localUser.jwtToken);
const room = new Room(window.location.pathname + window.location.hash);
return Promise.resolve(room);
} else {
@ -66,6 +72,16 @@ class ConnectionManager {
return Promise.reject('Invalid URL');
}
private async verifyToken(token: string): Promise<void> {
await Axios.get(`${API_URL}/verify`, {params: {token}});
}
private async anonymousLogin(): Promise<void> {
const data = await Axios.post(`${API_URL}/anonymLogin`).then(res => res.data);
this.localUser = new LocalUser(data.userUuid, data.authToken);
localUserStore.saveUser(this.localUser);
}
public initBenchmark(): void {
this.localUser = new LocalUser('', 'test');
}