From 4f0140ea361458dec8d67da71c640dede8630662 Mon Sep 17 00:00:00 2001 From: Torjus Date: Mon, 23 Jul 2018 13:25:43 +0200 Subject: [PATCH] Fix authorization logic --- app/lib/RoomClient.js | 4 ++++ server/package-lock.json | 5 +++++ server/package.json | 1 + server/server.js | 33 +++++++++++++++++++++++++-------- 4 files changed, 35 insertions(+), 8 deletions(-) diff --git a/app/lib/RoomClient.js b/app/lib/RoomClient.js index 2965718..9b7a338 100644 --- a/app/lib/RoomClient.js +++ b/app/lib/RoomClient.js @@ -1089,6 +1089,10 @@ export default class RoomClient text : `Authenticated successfully: ${request.data}` } )); + + this.closeLoginWindow(); + + break; } case 'raisehand-message': diff --git a/server/package-lock.json b/server/package-lock.json index babdc6e..4e0c50e 100644 --- a/server/package-lock.json +++ b/server/package-lock.json @@ -439,6 +439,11 @@ } } }, + "base-64": { + "version": "0.1.0", + "resolved": "https://registry.npmjs.org/base-64/-/base-64-0.1.0.tgz", + "integrity": "sha1-eAqZyE59YAJgNhURxId2E78k9rs=" + }, "bcrypt-pbkdf": { "version": "1.0.2", "resolved": "https://registry.npmjs.org/bcrypt-pbkdf/-/bcrypt-pbkdf-1.0.2.tgz", diff --git a/server/package.json b/server/package.json index 47ae7e9..273b577 100644 --- a/server/package.json +++ b/server/package.json @@ -7,6 +7,7 @@ "license": "MIT", "main": "lib/index.js", "dependencies": { + "base-64": "^0.1.0", "colors": "^1.1.2", "debug": "^3.1.0", "express": "^4.16.3", diff --git a/server/server.js b/server/server.js index 3817352..7ac62d4 100755 --- a/server/server.js +++ b/server/server.js @@ -13,6 +13,8 @@ const protooServer = require('protoo-server'); const Logger = require('./lib/Logger'); const Room = require('./lib/Room'); const Dataporten = require('passport-dataporten'); +const utils = require('./util'); +const base64 = require('base-64'); /* eslint-disable no-console */ console.log('- process.env.DEBUG:', process.env.DEBUG); @@ -42,7 +44,18 @@ const dataporten = new Dataporten.Setup(config.oauth2); app.use(dataporten.passport.initialize()); app.use(dataporten.passport.session()); -dataporten.setupAuthenticate(app, '/login'); +app.get('/login', (req, res, next) => +{ + dataporten.passport.authenticate('dataporten', { + state : base64.encode(JSON.stringify({ + roomId : req.query.roomId, + peerName : req.query.peerName, + code : utils.random(10) + })) + + })(req, res, next); +}); + dataporten.setupLogout(app, '/logout'); app.get( @@ -52,28 +65,32 @@ app.get( (req, res) => { - res.redirect(req.session.redirectToAfterLogin || '/'); + const state = JSON.parse(base64.decode(req.query.state)); - if (rooms.has(req.query.roomId)) + if (rooms.has(state.roomId)) { - const room = rooms.get(req.query.roomId)._protooRoom; + const room = rooms.get(state.roomId)._protooRoom; - if (room.hasPeer(req.query.peerName)) + if (room.hasPeer(state.peerName)) { - const peer = room.getPeer(req.query.peerName); + const peer = room.getPeer(state.peerName); peer.send('auth', { - name : req.user.displayName, - picture : req.user.photos[0] + name : req.user.data.displayName, + picture : req.user.data.photos[0] }); } } + + res.send(''); } ); // Serve all files in the public folder as static files. app.use(express.static('public')); +app.use((req, res) => res.sendFile(`${__dirname}/public/index.html`)); + const httpsServer = https.createServer(tls, app); httpsServer.listen(config.listeningPort, '0.0.0.0', () =>