Fixed server security issues.

Håvar Aambø Fosstveit 2019-10-24 00:01:24 +02:00
parent 6596deda2a
commit 1be82b45d8
2 changed files with 36 additions and 14 deletions


@ -9,12 +9,15 @@
"dependencies": { "dependencies": {
"awaitqueue": "^1.0.0", "awaitqueue": "^1.0.0",
"base-64": "^0.1.0", "base-64": "^0.1.0",
"body-parser": "^1.19.0",
"colors": "^1.4.0", "colors": "^1.4.0",
"compression": "^1.7.4", "compression": "^1.7.4",
"cookie-parser": "^1.4.4",
"debug": "^4.1.1", "debug": "^4.1.1",
"express": "^4.17.1", "express": "^4.17.1",
"express-session": "^1.17.0", "express-session": "^1.17.0",
"express-socket.io-session": "^1.3.5", "express-socket.io-session": "^1.3.5",
"helmet": "^3.21.2",
"mediasoup": "^3.0.12", "mediasoup": "^3.0.12",
"openid-client": "^3.7.3", "openid-client": "^3.7.3",
"passport": "^0.4.0", "passport": "^0.4.0",


@ -7,12 +7,15 @@ const fs = require('fs');
const http = require('http'); const http = require('http');
const spdy = require('spdy'); const spdy = require('spdy');
const express = require('express'); const express = require('express');
const bodyParser = require('body-parser');
const cookieParser = require('cookie-parser');
const compression = require('compression'); const compression = require('compression');
const mediasoup = require('mediasoup'); const mediasoup = require('mediasoup');
const AwaitQueue = require('awaitqueue'); const AwaitQueue = require('awaitqueue');
const Logger = require('./lib/Logger'); const Logger = require('./lib/Logger');
const Room = require('./lib/Room'); const Room = require('./lib/Room');
const base64 = require('base-64'); const base64 = require('base-64');
const helmet = require('helmet');
// auth // auth
const passport = require('passport'); const passport = require('passport');
const { Issuer, Strategy } = require('openid-client'); const { Issuer, Strategy } = require('openid-client');
@ -49,20 +52,24 @@ const tls =
const app = express(); const app = express();
app.use(helmet.hsts());
app.use(cookieParser());
app.use(bodyParser.json());
app.use(bodyParser.urlencoded({ extended: true }));
const session = expressSession({ const session = expressSession({
secret : config.cookieSecret, secret : config.cookieSecret,
resave : true, resave : true,
saveUninitialized : true, saveUninitialized : true,
cookie : { secure: true } cookie : {
secure : true,
httpOnly : true
}
}); });
app.use(session); app.use(session);
let httpsServer;
let io;
let oidcClient;
let oidcStrategy;
passport.serializeUser((user, done) => passport.serializeUser((user, done) =>
{ {
done(null, user); done(null, user);
@ -73,6 +80,11 @@ passport.deserializeUser((user, done) =>
done(null, user); done(null, user);
}); });
let httpsServer;
let io;
let oidcClient;
let oidcStrategy;
const auth = config.auth; const auth = config.auth;
async function run() async function run()
@ -261,15 +273,20 @@ async function setupAuth(oidcIssuer)
room.peerAuthenticated(state.peerId); room.peerAuthenticated(state.peerId);
io.sockets.socket(state.id).emit('notification', const socket = io.sockets.socket(state.id);
{
method : 'auth', if (socket)
data : {
socket.emit('notification',
{ {
displayName : displayName, method : 'auth',
picture : photo data :
} {
}); displayName : displayName,
picture : photo
}
});
}
res.send(''); res.send('');
} }
@ -335,6 +352,8 @@ async function runWebSocketServer()
{ {
const { roomId, peerId } = socket.handshake.query; const { roomId, peerId } = socket.handshake.query;
logger.info('socket.io "connection" | [session:"%o"]', socket.handshake.session);
if (!roomId || !peerId) if (!roomId || !peerId)
{ {
logger.warn('connection request without roomId and/or peerId'); logger.warn('connection request without roomId and/or peerId');
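Review bot: The added `logger.info('socket.io "connection" | [session:"%o"]', socket.handshake.session);` in runWebSocketServer dumps the whole session object into the log at info level on every socket connection; since `passport.serializeUser` in this file stores the entire user object in the session (`done(null, user)`), whatever identity data the OIDC strategy produced is presumably written to the server log each time. Log only the fields the handler actually uses, e.g. `logger.info('socket.io "connection" | [roomId:"%s", peerId:"%s"]', roomId, peerId);`, or keep the session payload out of anything above debug level. A related point in the earlier hunk of this file: `app.use(helmet.hsts());` enables only the Strict-Transport-Security header, whereas `app.use(helmet());` would also apply helmet's other default protections (nosniff, frameguard and the rest), which a commit described as fixing server security issues likely intends. The body of runWebSocketServer continues outside the hunk.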