workadventure/back/src/Controller/AuthenticateController.ts

import { v4 } from 'uuid';
import {HttpRequest, HttpResponse, TemplatedApp} from "uWebSockets.js";
import {BaseController} from "./BaseController";
import {adminApi} from "../Services/AdminApi";
import {jwtTokenManager} from "../Services/JWTTokenManager";
import {parse} from "query-string";

export interface TokenInterface {
    userUuid: string
}

export class AuthenticateController extends BaseController {

    constructor(private App : TemplatedApp) {
        super();
        this.register();
        this.verify();
        this.anonymLogin();
    }

    //Try to login with an admin token
    private register(){
        this.App.options("/register", (res: HttpResponse, req: HttpRequest) => {
            this.addCorsHeaders(res);

            res.end();
        });

        this.App.post("/register", (res: HttpResponse, req: HttpRequest) => {
            (async () => {
                this.addCorsHeaders(res);

                res.onAborted(() => {
                    console.warn('Login request was aborted');
                })
                const host = req.getHeader('host');
                const param = await res.json();

                //todo: what to do if the organizationMemberToken is already used?
                const organizationMemberToken:string|null = param.organizationMemberToken;

                try {
                    if (typeof organizationMemberToken != 'string') throw new Error('No organization token');
                    const data = await adminApi.fetchMemberDataByToken(organizationMemberToken);

                    const userUuid = data.userUuid;
                    const organizationSlug = data.organizationSlug;
                    const worldSlug = data.worldSlug;
                    const roomSlug = data.roomSlug;
                    const mapUrlStart = data.mapUrlStart;

                    const authToken = jwtTokenManager.createJWTToken(userUuid);
                    res.writeStatus("200 OK").end(JSON.stringify({
                        authToken,
                        userUuid,
                        organizationSlug,
                        worldSlug,
                        roomSlug,
                        mapUrlStart,
                    }));

                } catch (e) {
                    console.log("An error happened", e)
                    res.writeStatus(e.status || "500 Internal Server Error").end('An error happened');
                }


            })();
        });

    }

    private verify(){
        this.App.options("/verify", (res: HttpResponse, req: HttpRequest) => {
            this.addCorsHeaders(res);

            res.end();
        });

        this.App.get("/verify", (res: HttpResponse, req: HttpRequest) => {
            (async () => {
                this.addCorsHeaders(res);

                const query = parse(req.getQuery());

                res.onAborted(() => {
                    console.warn('verify request was aborted');
                })

                try {
                    await jwtTokenManager.getUserUuidFromToken(query.token as string);
                } catch (e) {
                    res.writeStatus("400 Bad Request").end(JSON.stringify({
                        "success": false,
                        "message": "Invalid JWT token"
                    }));
                }
                res.writeStatus("200 OK").end(JSON.stringify({
                    "success": true
                }));
            })();
        });

    }

    //permit to login on application. Return token to connect on Websocket IO.
    private anonymLogin(){
        this.App.options("/anonymLogin", (res: HttpResponse, req: HttpRequest) => {
            this.addCorsHeaders(res);

            res.end();
        });

        this.App.post("/anonymLogin", (res: HttpResponse, req: HttpRequest) => {
            this.addCorsHeaders(res);

            res.onAborted(() => {
                console.warn('Login request was aborted');
            })

            const userUuid = v4();
            const authToken = jwtTokenManager.createJWTToken(userUuid);
            res.writeStatus("200 OK").end(JSON.stringify({
                authToken,
                userUuid,
            }));
        });
    }
}
Migrating to uuid v4 2020-10-01 16:51:51 +02:00			`import { v4 } from 'uuid';`
Migrating to uWS 2020-09-28 18:52:54 +02:00			`import {HttpRequest, HttpResponse, TemplatedApp} from "uWebSockets.js";`
			`import {BaseController} from "./BaseController";`
rewrote the authorisation flow: give more responsability to gameManager and less to gameScene 2020-10-12 16:23:07 +02:00			`import {adminApi} from "../Services/AdminApi";`
some fixes 2020-10-09 14:53:18 +02:00			`import {jwtTokenManager} from "../Services/JWTTokenManager";`
Adding a new endpoint to verify the JWT token server-side before connecting 2020-10-15 16:48:42 +02:00			`import {parse} from "query-string";`
Add authenticate - Create new controller authenticate with login root.. - Update and manage error message socket io. - Create enum for environment variables 2020-04-04 17:22:02 +02:00
Removing all "any" from back. To do this, I used generic-type-guard package which generates both an interface AND a valid type guard from code. With this, we are 100% sure that the messages we receive are validated at runtime! The client cannot pass us an object that is invalid! \o/ 2020-06-09 23:07:19 +02:00			`export interface TokenInterface {`
improvments 2020-09-28 15:02:37 +02:00			`userUuid: string`
Removing all "any" from back. To do this, I used generic-type-guard package which generates both an interface AND a valid type guard from code. With this, we are 100% sure that the messages we receive are validated at runtime! The client cannot pass us an object that is invalid! \o/ 2020-06-09 23:07:19 +02:00			`}`

Migrating to uWS 2020-09-28 18:52:54 +02:00			`export class AuthenticateController extends BaseController {`
Add authenticate - Create new controller authenticate with login root.. - Update and manage error message socket io. - Create enum for environment variables 2020-04-04 17:22:02 +02:00
Migrating to uWS 2020-09-28 18:52:54 +02:00			`constructor(private App : TemplatedApp) {`
			`super();`
rewrote the authorisation flow: give more responsability to gameManager and less to gameScene 2020-10-12 16:23:07 +02:00			`this.register();`
Adding a new endpoint to verify the JWT token server-side before connecting 2020-10-15 16:48:42 +02:00			`this.verify();`
rewrote the authorisation flow: give more responsability to gameManager and less to gameScene 2020-10-12 16:23:07 +02:00			`this.anonymLogin();`
Add authenticate - Create new controller authenticate with login root.. - Update and manage error message socket io. - Create enum for environment variables 2020-04-04 17:22:02 +02:00			`}`

rewrote the authorisation flow: give more responsability to gameManager and less to gameScene 2020-10-12 16:23:07 +02:00			`//Try to login with an admin token`
Adding a new endpoint to verify the JWT token server-side before connecting 2020-10-15 16:48:42 +02:00			`private register(){`
rewrote the authorisation flow: give more responsability to gameManager and less to gameScene 2020-10-12 16:23:07 +02:00			`this.App.options("/register", (res: HttpResponse, req: HttpRequest) => {`
Migrating to uWS 2020-09-28 18:52:54 +02:00			`this.addCorsHeaders(res);`

			`res.end();`
			`});`

rewrote the authorisation flow: give more responsability to gameManager and less to gameScene 2020-10-12 16:23:07 +02:00			`this.App.post("/register", (res: HttpResponse, req: HttpRequest) => {`
Linting app 2020-09-29 16:12:17 +02:00			`(async () => {`
			`this.addCorsHeaders(res);`

			`res.onAborted(() => {`
			`console.warn('Login request was aborted');`
			`})`
Adding back authentication to uws websocket 2020-09-30 10:12:40 +02:00			`const host = req.getHeader('host');`
Linting app 2020-09-29 16:12:17 +02:00			`const param = await res.json();`
Merge branch 'develop' of github.com:thecodingmachine/workadventure into uws # Conflicts: # back/src/Controller/AdminController.ts # back/src/Controller/AuthenticateController.ts # back/src/Controller/IoSocketController.ts # back/src/Controller/MapController.ts # benchmark/index.ts # front/src/Connexion/RoomConnection.ts 2020-09-29 17:12:28 +02:00
			`//todo: what to do if the organizationMemberToken is already used?`
			`const organizationMemberToken:string\|null = param.organizationMemberToken;`
Adding a new endpoint to verify the JWT token server-side before connecting 2020-10-15 16:48:42 +02:00
Merge branch 'develop' of github.com:thecodingmachine/workadventure into uws # Conflicts: # back/src/Controller/AdminController.ts # back/src/Controller/AuthenticateController.ts # back/src/Controller/IoSocketController.ts # back/src/Controller/MapController.ts # benchmark/index.ts # front/src/Connexion/RoomConnection.ts 2020-09-29 17:12:28 +02:00			`try {`
rewrote the authorisation flow: give more responsability to gameManager and less to gameScene 2020-10-12 16:23:07 +02:00			`if (typeof organizationMemberToken != 'string') throw new Error('No organization token');`
			`const data = await adminApi.fetchMemberDataByToken(organizationMemberToken);`

			`const userUuid = data.userUuid;`
			`const organizationSlug = data.organizationSlug;`
			`const worldSlug = data.worldSlug;`
			`const roomSlug = data.roomSlug;`
			`const mapUrlStart = data.mapUrlStart;`
Merge branch 'develop' of github.com:thecodingmachine/workadventure into uws # Conflicts: # back/src/Controller/AdminController.ts # back/src/Controller/AuthenticateController.ts # back/src/Controller/IoSocketController.ts # back/src/Controller/MapController.ts # benchmark/index.ts # front/src/Connexion/RoomConnection.ts 2020-09-29 17:12:28 +02:00
some fixes 2020-10-09 14:53:18 +02:00			`const authToken = jwtTokenManager.createJWTToken(userUuid);`
Merge branch 'develop' of github.com:thecodingmachine/workadventure into uws # Conflicts: # back/src/Controller/AdminController.ts # back/src/Controller/AuthenticateController.ts # back/src/Controller/IoSocketController.ts # back/src/Controller/MapController.ts # benchmark/index.ts # front/src/Connexion/RoomConnection.ts 2020-09-29 17:12:28 +02:00			`res.writeStatus("200 OK").end(JSON.stringify({`
			`authToken,`
			`userUuid,`
rewrote the authorisation flow: give more responsability to gameManager and less to gameScene 2020-10-12 16:23:07 +02:00			`organizationSlug,`
			`worldSlug,`
			`roomSlug,`
Merge branch 'develop' of github.com:thecodingmachine/workadventure into uws # Conflicts: # back/src/Controller/AdminController.ts # back/src/Controller/AuthenticateController.ts # back/src/Controller/IoSocketController.ts # back/src/Controller/MapController.ts # benchmark/index.ts # front/src/Connexion/RoomConnection.ts 2020-09-29 17:12:28 +02:00			`mapUrlStart,`
			`}));`

			`} catch (e) {`
Adding back authentication to uws websocket 2020-09-30 10:12:40 +02:00			`console.log("An error happened", e)`
Merge branch 'develop' of github.com:thecodingmachine/workadventure into uws # Conflicts: # back/src/Controller/AdminController.ts # back/src/Controller/AuthenticateController.ts # back/src/Controller/IoSocketController.ts # back/src/Controller/MapController.ts # benchmark/index.ts # front/src/Connexion/RoomConnection.ts 2020-09-29 17:12:28 +02:00			`res.writeStatus(e.status \|\| "500 Internal Server Error").end('An error happened');`
rewrote the login workflow 2020-09-25 18:29:22 +02:00			`}`


Linting app 2020-09-29 16:12:17 +02:00			`})();`
Fix mediam stream manage and server back down 2020-05-23 14:00:36 +02:00			`});`
rewrote the authorisation flow: give more responsability to gameManager and less to gameScene 2020-10-12 16:23:07 +02:00
Add authenticate - Create new controller authenticate with login root.. - Update and manage error message socket io. - Create enum for environment variables 2020-04-04 17:22:02 +02:00			`}`
Merge branch 'develop' of github.com:thecodingmachine/workadventure into uws # Conflicts: # back/src/Controller/AdminController.ts # back/src/Controller/AuthenticateController.ts # back/src/Controller/IoSocketController.ts # back/src/Controller/MapController.ts # benchmark/index.ts # front/src/Connexion/RoomConnection.ts 2020-09-29 17:12:28 +02:00
Adding a new endpoint to verify the JWT token server-side before connecting 2020-10-15 16:48:42 +02:00			`private verify(){`
			`this.App.options("/verify", (res: HttpResponse, req: HttpRequest) => {`
			`this.addCorsHeaders(res);`

			`res.end();`
			`});`

			`this.App.get("/verify", (res: HttpResponse, req: HttpRequest) => {`
			`(async () => {`
			`this.addCorsHeaders(res);`

			`const query = parse(req.getQuery());`

			`res.onAborted(() => {`
			`console.warn('verify request was aborted');`
			`})`

			`try {`
Fixing JWT verify 2020-10-15 16:54:04 +02:00			`await jwtTokenManager.getUserUuidFromToken(query.token as string);`
Adding a new endpoint to verify the JWT token server-side before connecting 2020-10-15 16:48:42 +02:00			`} catch (e) {`
			`res.writeStatus("400 Bad Request").end(JSON.stringify({`
			`"success": false,`
			`"message": "Invalid JWT token"`
			`}));`
			`}`
			`res.writeStatus("200 OK").end(JSON.stringify({`
			`"success": true`
			`}));`
			`})();`
			`});`

			`}`

rewrote the authorisation flow: give more responsability to gameManager and less to gameScene 2020-10-12 16:23:07 +02:00			`//permit to login on application. Return token to connect on Websocket IO.`
Adding a new endpoint to verify the JWT token server-side before connecting 2020-10-15 16:48:42 +02:00			`private anonymLogin(){`
rewrote the authorisation flow: give more responsability to gameManager and less to gameScene 2020-10-12 16:23:07 +02:00			`this.App.options("/anonymLogin", (res: HttpResponse, req: HttpRequest) => {`
			`this.addCorsHeaders(res);`

			`res.end();`
			`});`

			`this.App.post("/anonymLogin", (res: HttpResponse, req: HttpRequest) => {`
lint fixes 2020-10-13 15:55:30 +02:00			`this.addCorsHeaders(res);`
rewrote the authorisation flow: give more responsability to gameManager and less to gameScene 2020-10-12 16:23:07 +02:00
lint fixes 2020-10-13 15:55:30 +02:00			`res.onAborted(() => {`
			`console.warn('Login request was aborted');`
			`})`
rewrote the authorisation flow: give more responsability to gameManager and less to gameScene 2020-10-12 16:23:07 +02:00
lint fixes 2020-10-13 15:55:30 +02:00			`const userUuid = v4();`
			`const authToken = jwtTokenManager.createJWTToken(userUuid);`
			`res.writeStatus("200 OK").end(JSON.stringify({`
			`authToken,`
			`userUuid,`
			`}));`
rewrote the authorisation flow: give more responsability to gameManager and less to gameScene 2020-10-12 16:23:07 +02:00			`});`
rewrote the login workflow 2020-09-25 18:29:22 +02:00			`}`
Completely getting rid of "userid" Previously, userid was generated by the "/login" route and passed along. This commit completely removes the uuid "userid" (and disables the LoginController too and any Jwt check). "userid" is replaced by the "socket id" of the connection. So a user is now identified using a socket id, which is unique for a given connection. 2020-05-14 23:19:48 +02:00			`}`