From c5f8b43fec79ac7f480b72acfdd8cd89530c103a Mon Sep 17 00:00:00 2001
From: arp
Date: Fri, 9 Oct 2020 16:18:25 +0200
Subject: [PATCH] more fixes
---
 back/src/Controller/IoSocketController.ts | 22 +++++++++++++++-------
 back/src/Services/AdminApi.ts | 15 ++++++++++-----
 front/src/Connexion/ConnectionManager.ts | 1 +
 3 files changed, 26 insertions(+), 12 deletions(-)
diff --git a/back/src/Controller/IoSocketController.ts b/back/src/Controller/IoSocketController.ts
index 30f14134..36a52e46 100644
--- a/back/src/Controller/IoSocketController.ts
+++ b/back/src/Controller/IoSocketController.ts
@@ -106,7 +106,11 @@ export class IoSocketController {
 });
 try {
+ const url = req.getUrl();
 const query = parse(req.getQuery());
+ const websocketKey = req.getHeader('sec-websocket-key');
+ const websocketProtocol = req.getHeader('sec-websocket-protocol');
+ const websocketExtensions = req.getHeader('sec-websocket-extensions');
 const roomId = req.getUrl().substr(6);
@@ -134,10 +138,14 @@ export class IoSocketController {
 const userUuid = await jwtTokenManager.getUserUuidFromToken(token);
+ console.log('uuid', userUuid);
 const isGranted = await adminApi.memberIsGrantedAccessToRoom(userUuid, roomId);
 if (!isGranted) {
- throw Error('Client cannot acces this ressource.');
+ console.log('access not granted for user '+userUuid+' and room '+roomId);
+ throw new Error('Client cannot acces this ressource.')
+ } else {
+ console.log('access granted for user '+userUuid+' and room '+roomId);
 }
 if (upgradeAborted.aborted) {
@@ -149,7 +157,7 @@ export class IoSocketController {
 /* This immediately calls open handler, you must not use res after this call */
 res.upgrade({
 // Data passed here is accessible on the "websocket" socket object.
- url: req.getUrl(),
+ url,
 token,
 userUuid,
 roomId,
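Review bot: Nothing in the first hunk records why the `req` reads were hoisted above the awaits, so a later edit could easily move a `req` call back below an `await`. Presumably the request object is only usable synchronously inside the upgrade handler; a comment such as `// Read everything needed from req before the first await; do not touch req afterwards.` above `const url = req.getUrl();` would pin that. `roomId` could then reuse the captured value, `const roomId = url.substr(6);`, instead of calling `req.getUrl()` a second time. The enclosing handler starts and ends outside the hunk.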
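Review bot: The new `console.log` calls in the access-check hunk write the user's UUID to stdout on every upgrade, for grants as well as denials, next to the leftover `console.log('uuid', userUuid);` debug line. Only the denial is worth keeping for audit; I would drop the `'uuid'` line and the `else` branch and emit the denial as `console.warn('access not granted for user '+userUuid+' and room '+roomId);`. `roomId` is taken from the request URL in the earlier hunk, so it is client-controlled text going into the log line; whether it needs escaping depends on how the URL is normalised, which is not visible here. The `throw new Error(...)` line also lost its trailing semicolon.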
@@ -169,17 +177,17 @@ export class IoSocketController {
 }
 },
 /* Spell these correctly */
- req.getHeader('sec-websocket-key'),
- req.getHeader('sec-websocket-protocol'),
- req.getHeader('sec-websocket-extensions'),
+ websocketKey,
+ websocketProtocol,
+ websocketExtensions,
 context);
 } catch (e) {
 if (e instanceof Error) {
- console.warn(e.message);
+ console.log(e.message);
 res.writeStatus("401 Unauthorized").end(e.message);
 } else {
- console.warn(e);
+ console.log(e);
 res.writeStatus("500 Internal Server Error").end('An error occurred');
 }
 return;
diff --git a/back/src/Services/AdminApi.ts b/back/src/Services/AdminApi.ts
index de28e4ef..79a68810 100644
--- a/back/src/Services/AdminApi.ts
+++ b/back/src/Services/AdminApi.ts
@@ -1,5 +1,5 @@
 import {ADMIN_API_TOKEN, ADMIN_API_URL} from "../Enum/EnvironmentVariable";
-import Axios from "axios";
+import Axios, {AxiosError} from "axios";
 export interface AdminApiData {
 organizationSlug: string
@@ -26,10 +26,15 @@ class AdminApi {
 if (!ADMIN_API_URL) {
 return Promise.reject('No admin backoffice set!');
 }
- const res = await Axios.get(ADMIN_API_URL+'/api/member/'+memberId+'/is-granted-access/'+roomId,
- { headers: {"Authorization" : `${ADMIN_API_TOKEN}`} }
- )
- return res.data === true;
+ try {
+ const res = await Axios.get(ADMIN_API_URL+'/api/member/is-granted-access',
+ { headers: {"Authorization" : `${ADMIN_API_TOKEN}`}, params: {memberId, roomIdentifier: roomId} }
+ )
+ return !!res.data;
+ } catch (e) {
+ console.log(e.message)
+ return false;
+ }
 }
 }
diff --git a/front/src/Connexion/ConnectionManager.ts b/front/src/Connexion/ConnectionManager.ts
index 06f8fe03..7863df2f 100644
--- a/front/src/Connexion/ConnectionManager.ts
+++ b/front/src/Connexion/ConnectionManager.ts
@@ -36,6 +36,7 @@ class ConnectionManager {
 this.userUuid = data.userUuid;
 this.mapUrlStart = data.mapUrlStart;
 const newUrl = data.newUrl;
+ console.log('u', this.userUuid)
 if (newUrl) {
 history.pushState({}, '', newUrl);
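Review bot: Rejected upgrades are now logged with `console.log` instead of `console.warn` in both branches of the catch in IoSocketController.ts, which removes the only severity signal on authentication and authorization failures; I would keep `console.warn(e.message);` and `console.warn(e);`. In the same block every `Error` is answered with 401 and its `e.message` as the response body, so the text of any exception thrown inside the try is returned to a client that has not been granted access. A fixed body, `res.writeStatus("401 Unauthorized").end('Unauthorized');`, with the detail kept in the server log, avoids that. The catch block closes outside the hunk.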
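Review bot: `return !!res.data;` in AdminApi.ts turns the access check from an exact match into a truthiness test, so any non-empty 2xx body from the admin API (a JSON error object, the string "false", an HTML page from a proxy) now grants access to the room. Unless the endpoint's contract changed with the new URL, which is not visible here, keep `return res.data === true;`. The catch returning `false` fails closed, which is right, but an admin API outage is then logged like any other message; `console.warn('admin API access check failed:', e instanceof Error ? e.message : e);` keeps it visible, and the whole Axios error object should stay out of the log because it carries the request config with the `Authorization` header. The `AxiosError` import added in this file's first hunk is unused in the visible lines, and the method signature is outside the hunk.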