Further work on sessions and authentication

2019-10-18 14:56:02 +02:00 · 2019-10-18 14:56:02 +02:00 · 4181afd1a3
parent 3495245e37
commit 4181afd1a3
5 changed files with 103 additions and 34 deletions
--- a/app/src/RoomClient.js
+++ b/app/src/RoomClient.js
@ -305,7 +305,7 @@ export default class RoomClient

 	login()
 	{
-		const url = `/auth/login?roomId=${this._roomId}&peerId=${this._peerId}`;
+		const url = `/auth/login?id=${this._signalingSocket.io.engine.id}`;

 		this._loginWindow = window.open(url, 'loginWindow');
 	}
--- a/server/lib/Lobby.js
+++ b/server/lib/Lobby.js
@ -34,6 +34,32 @@ class Lobby extends EventEmitter
 		this._peers = {};
 	}

+	authCallback(data, roomLocked)
+	{
+		logger.debug('authCallback() | [data:"%o", roomLocked:"%s"]', data, roomLocked);
+
+		const {
+			peerId,
+			displayName,
+			picture
+		} = data;
+
+		const peer = this._peers[peerId];
+
+		if (peer)
+		{
+			this._notification(peer.socket, 'auth', {
+				displayName : displayName,
+				picture     : picture
+			});
+
+			if (!roomLocked)
+			{
+				this.promotePeer(peerId);
+			}
+		}
+	}
+
 	peerList()
 	{
 		logger.info('peerList()');
@ -41,6 +67,11 @@ class Lobby extends EventEmitter
 		return Object.values(this._peers).map((peer) => ({ peerId: peer.peerId, displayName: peer.displayName }));
 	}

+	hasPeer(peerId)
+	{
+		return Boolean(this._peers[peerId]);
+	}
+
 	promoteAllPeers()
 	{
 		logger.info('promoteAllPeers()');
@ -58,9 +89,12 @@ class Lobby extends EventEmitter

 		const peer = this._peers[peerId];

-		this.emit('promotePeer', peer);
+		if (peer)
+		{
+			this.emit('promotePeer', peer);

-		delete this._peers[peerId];
+			delete this._peers[peerId];
+		}
 	}

 	parkPeer({ peerId, consume, socket })
@ -119,6 +153,20 @@ class Lobby extends EventEmitter
 			}
 		}
 	}
+
+	_notification(socket, method, data = {}, broadcast = false)
+	{
+		if (broadcast)
+		{
+			socket.broadcast.to(this._roomId).emit(
+				'notification', { method, data }
+			);
+		}
+		else
+		{
+			socket.emit('notification', { method, data });
+		}
+	}
 }

 module.exports = Lobby;
--- a/server/lib/Room.js
+++ b/server/lib/Room.js
@ -260,6 +260,10 @@ class Room extends EventEmitter
 				picture     : picture
 			});
 		}
+		else if (this._lobby.hasPeer(peerId))
+		{
+			this._lobby.authCallback(data, this._locked);
+		}
 	}

 	_handlePeer({ peer, consume })
--- a/server/package.json
+++ b/server/package.json
@ -11,12 +11,16 @@
    "base-64": "^0.1.0",
    "colors": "^1.1.2",
    "compression": "^1.7.3",
+    "connect-redis": "^4.0.3",
+    "cookie-parser": "^1.4.4",
    "debug": "^4.1.0",
    "express": "^4.16.3",
    "express-session": "^1.16.1",
    "mediasoup": "^3.0.12",
    "openid-client": "^2.5.0",
    "passport": "^0.4.0",
+    "passport.socketio": "^3.7.0",
+    "redis": "^2.8.0",
    "socket.io": "^2.1.1",
    "spdy": "^4.0.0"
  },
--- a/server/server.js
+++ b/server/server.js
@ -20,6 +20,12 @@ const base64 = require('base-64');
 const passport = require('passport');
 const { Issuer, Strategy } = require('openid-client');
 const session = require('express-session');
+const passportSocketIo = require('passport.socketio');
+const cookieParser = require('cookie-parser');
+// Session storage
+const redis = require('redis');
+const RedisStore = require('connect-redis')(session);
+const redisClient = redis.createClient();

 /* eslint-disable no-console */
 console.log('- process.env.DEBUG:', process.env.DEBUG);
@ -49,6 +55,8 @@ const tls =
 	key  : fs.readFileSync(config.tls.key)
 };

+const sessionStore = new RedisStore({ client: redisClient });
+
 const app = express();
 let httpsServer;
 let oidcClient;
@ -202,6 +210,7 @@ async function setupAuth(oidcIssuer)
 		secret            : config.cookieSecret,
 		resave            : true,
 		saveUninitialized : true,
+		store             : sessionStore,
 		cookie            : { secure: true }
 	}));

@ -213,9 +222,8 @@ async function setupAuth(oidcIssuer)
 	{
 		passport.authenticate('oidc', {
 			state : base64.encode(JSON.stringify({
-				roomId : req.query.roomId,
-				peerId : req.query.peerId,
-				code   : utils.random(10)
+				id   : req.query.id,
+				code : utils.random(10)
 			}))
 		})(req, res, next);
 	});
@ -235,39 +243,37 @@ async function setupAuth(oidcIssuer)
 		{
 			const state = JSON.parse(base64.decode(req.query.state));

-			if (rooms.has(state.roomId))
+			let displayName;
+			let photo;
+
+			if (req.user != null)
 			{
-				let displayName;
-				let photo;
+				if (req.user.displayName != null)
+					displayName = req.user.displayName;
+				else
+					displayName = '';

-				if (req.user != null)
+				if (
+					req.user.Photos != null &&
+					req.user.Photos[0] != null &&
+					req.user.Photos[0].value != null
+				)
+					photo = req.user.Photos[0].value;
+				else
+					photo = '/static/media/buddy.403cb9f6.svg';
+			}
+
+			// const room = rooms.get(state.roomId);
+
+			io.sockets.socket(state.id).emit('notification',
+			{
+				method: 'auth',
+				data :
 				{
-					if (req.user.displayName != null)
-						displayName = req.user.displayName;
-					else
-						displayName = '';
-
-					if (
-						req.user.Photos != null &&
-						req.user.Photos[0] != null &&
-						req.user.Photos[0].value != null
-					)
-						photo = req.user.Photos[0].value;
-					else
-						photo = '/static/media/buddy.403cb9f6.svg';
-				}
-
-				const data =
-				{
-					peerId      : state.peerId,
 					displayName : displayName,
 					picture     : photo
-				};
-
-				const room = rooms.get(state.roomId);
-
-				room.authCallback(data);
-			}
+				}
+			});

 			res.send('');
 		}
@ -322,6 +328,13 @@ async function runWebSocketServer()
 {
 	const io = require('socket.io')(httpsServer);

+	io.use(passportSocketIo.authorize({
+		secret       : config.cookieSecret,
+		passport     : passport,
+		cookieParser : cookieParser,
+		store        : sessionStore,
+	}));
+
 	// Handle connections from clients.
 	io.on('connection', (socket) =>
 	{