diff --git a/app/src/RoomClient.js b/app/src/RoomClient.js index 204643d..d301b86 100644 --- a/app/src/RoomClient.js +++ b/app/src/RoomClient.js @@ -1521,24 +1521,46 @@ export default class RoomClient })); if (this._screenSharingProducer) + { this._screenSharingProducer.close(); + store.dispatch( + producerActions.removeProducer(this._screenSharingProducer.id)); + + this._screenSharingProducer = null; + } + if (this._webcamProducer) + { this._webcamProducer.close(); + store.dispatch( + producerActions.removeProducer(this._webcamProducer.id)); + + this._webcamProducer = null; + } + if (this._micProducer) + { this._micProducer.close(); - // Close mediasoup Transports. + store.dispatch( + producerActions.removeProducer(this._micProducer.id)); + + this._micProducer = null; + } + if (this._sendTransport) { this._sendTransport.close(); + this._sendTransport = null; } if (this._recvTransport) { this._recvTransport.close(); + this._recvTransport = null; } diff --git a/server/lib/Room.js b/server/lib/Room.js index 4950123..521007d 100644 --- a/server/lib/Room.js +++ b/server/lib/Room.js @@ -3,6 +3,7 @@ const axios = require('axios'); const Logger = require('./Logger'); const Lobby = require('./Lobby'); const { v4: uuidv4 } = require('uuid'); +const jwt = require('jsonwebtoken'); const userRoles = require('../userRoles'); const config = require('../config/config'); 
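Review bot: In app/src/RoomClient.js the three producer teardown blocks (`_screenSharingProducer`, `_webcamProducer`, `_micProducer`) repeat the same statements with only the field name changed, so a later fix to one is easy to miss in the others. A small private helper that closes a producer and dispatches `producerActions.removeProducer(producer.id)` would keep them in step. The commit also drops `// Close mediasoup Transports.`, which still describes the `_sendTransport`/`_recvTransport` block that follows; I would keep it above `if (this._sendTransport)`. The enclosing method starts and ends outside the hunk.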
@@ -123,12 +124,27 @@ class Room extends EventEmitter this.emit('close'); } - handlePeer({ peer, token }) + verifyPeer({ id, token }) { - logger.info('handlePeer() [peer:"%s", roles:"%s", token:"%s"]', peer.id, peer.roles, token); + try + { + const decoded = jwt.verify(token, this._uuid); - // This peer is returning, reconnect - const verifiedPeer = token && token === this._uuid; + logger.info('verifyPeer() [decoded:"%o"]', decoded); + + return decoded.id === id; + } + catch (err) + { + logger.warn('verifyPeer() | invalid token'); + } + + return false; + } + + handlePeer({ peer, returning }) + { + logger.info('handlePeer() [peer:"%s", roles:"%s", returning:"%s"]', peer.id, peer.roles, returning); // Should not happen if (this._peers[peer.id]) @@ -139,7 +155,7 @@ class Room extends EventEmitter } // Returning user - if (verifiedPeer) + if (returning) this._peerJoining(peer, true); // Always let ADMIN in, even if locked else if (peer.roles.includes(userRoles.ADMIN)) @@ -356,7 +372,9 @@ class Room extends EventEmitter } else { - peer.socket.handshake.session.token = this._uuid; + const token = jwt.sign({ id: peer.id }, this._uuid, { noTimestamp: true }); + + peer.socket.handshake.session.token = token; peer.socket.handshake.session.save(); diff --git a/server/package.json b/server/package.json index 50a6831..ae1f3b9 100644 --- a/server/package.json +++ b/server/package.json @@ -25,6 +25,7 @@ "express-socket.io-session": "^1.3.5", "helmet": "^3.21.2", "ims-lti": "^3.0.2", + "jsonwebtoken": "^8.5.1", "mediasoup": "^3.5.5", "openid-client": "^3.7.3", "passport": "^0.4.0", diff --git a/server/server.js b/server/server.js index 5e19248..c1c0f61 100755 --- a/server/server.js +++ b/server/server.js 
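Review bot: `jwt.verify(token, this._uuid)` in the new `verifyPeer()` does not pin the accepted algorithm. I would state it explicitly, `jwt.verify(token, this._uuid, { algorithms: [ 'HS256' ] })`, so verification cannot widen if the key type or the library defaults change. The HMAC key is the room's `_uuid`, which the removed code stored in the session as the token itself. If that value is still held in older sessions, or is logged or exposed outside this diff, it is enough to sign a token for any peer id, so a dedicated random per-room secret would be safer. The `catch` discards `err`; adding `err.message` to the warn log would separate malformed tokens from bad signatures when rejected reconnects are investigated.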
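Review bot: The token issued by `jwt.sign({ id: peer.id }, this._uuid, { noTimestamp: true })` carries neither `iat` nor `exp`, so it is identical on every issuance for a given peer id and stays valid for as long as the room keeps its `_uuid`. Because `handlePeer()` sends a `returning` peer straight to `_peerJoining(peer, true)` ahead of the lock checks, a copy of the token taken from the session store remains usable for the room's whole lifetime. I would drop `noTimestamp` and bound the lifetime, e.g. `jwt.sign({ id: peer.id }, this._uuid, { expiresIn: ROOM_TOKEN_TTL })`, where `ROOM_TOKEN_TTL` is a placeholder for a configured value. The function that contains this assignment is not visible in the hunk.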
@@ -469,21 +469,20 @@ async function runWebSocketServer() const room = await getOrCreateRoom({ roomId }); let peer = peers.get(peerId); + let returning = false; - if (peer) - { - if (token) - { + if (peer && !token) + { // Don't allow hijacking sessions + socket.disconnect(true); + + return; + } + else if (token && room.verifyPeer({ id: peerId, token })) + { // Returning user, remove if old peer exists + if (peer) peer.close(); - peer = null; - } - else - { - socket.disconnect(true); - - return; - } + returning = true; } peer = new Peer({ id: peerId, roomId, socket }); @@ -516,7 +515,7 @@ async function runWebSocketServer() } } - room.handlePeer({ peer, token }); + room.handlePeer({ peer, returning }); }) .catch((error) => {
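Review bot: A connection that sends a token which fails `room.verifyPeer()` while a peer with the same `peerId` is already in `peers` matches neither branch of the new `if`/`else if`. It falls through to `peer = new Peer({ id: peerId, roomId, socket })` without the existing peer being closed, so the "Don't allow hijacking sessions" guard only applies when no token is sent at all. The first condition should reject whenever the existing peer cannot be verified, e.g. `if (peer && !(token && room.verifyPeer({ id: peerId, token })))`. What happens to the duplicate afterwards depends on code outside the hunk (the `peers` map update and the `this._peers[peer.id]` check in `Room.handlePeer()`), so the impact should be confirmed there. The enclosing callback starts and ends outside the hunk.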