more fixes

arp 2020-10-09 16:18:25 +02:00
parent 5e54fc2c26
commit c5f8b43fec
3 changed files with 26 additions and 12 deletions


@ -106,7 +106,11 @@ export class IoSocketController {
}); });
try { try {
const url = req.getUrl();
const query = parse(req.getQuery()); const query = parse(req.getQuery());
const websocketKey = req.getHeader('sec-websocket-key');
const websocketProtocol = req.getHeader('sec-websocket-protocol');
const websocketExtensions = req.getHeader('sec-websocket-extensions');
const roomId = req.getUrl().substr(6); const roomId = req.getUrl().substr(6);
@ -134,10 +138,14 @@ export class IoSocketController {
const userUuid = await jwtTokenManager.getUserUuidFromToken(token); const userUuid = await jwtTokenManager.getUserUuidFromToken(token);
console.log('uuid', userUuid);
const isGranted = await adminApi.memberIsGrantedAccessToRoom(userUuid, roomId); const isGranted = await adminApi.memberIsGrantedAccessToRoom(userUuid, roomId);
if (!isGranted) { if (!isGranted) {
throw Error('Client cannot acces this ressource.'); console.log('access not granted for user '+userUuid+' and room '+roomId);
throw new Error('Client cannot acces this ressource.')
} else {
console.log('access granted for user '+userUuid+' and room '+roomId);
} }
if (upgradeAborted.aborted) { if (upgradeAborted.aborted) {
@ -149,7 +157,7 @@ export class IoSocketController {
/* This immediately calls open handler, you must not use res after this call */ /* This immediately calls open handler, you must not use res after this call */
res.upgrade({ res.upgrade({
// Data passed here is accessible on the "websocket" socket object. // Data passed here is accessible on the "websocket" socket object.
url: req.getUrl(), url,
token, token,
userUuid, userUuid,
roomId, roomId,
@ -169,17 +177,17 @@ export class IoSocketController {
} }
}, },
/* Spell these correctly */ /* Spell these correctly */
req.getHeader('sec-websocket-key'), websocketKey,
req.getHeader('sec-websocket-protocol'), websocketProtocol,
req.getHeader('sec-websocket-extensions'), websocketExtensions,
context); context);
} catch (e) { } catch (e) {
if (e instanceof Error) { if (e instanceof Error) {
console.warn(e.message); console.log(e.message);
res.writeStatus("401 Unauthorized").end(e.message); res.writeStatus("401 Unauthorized").end(e.message);
} else { } else {
console.warn(e); console.log(e);
res.writeStatus("500 Internal Server Error").end('An error occurred'); res.writeStatus("500 Internal Server Error").end('An error occurred');
} }
return; return;
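Review bot: The denial path and the catch block now log with `console.log` instead of `console.warn`, and the new messages concatenate `userUuid` and `roomId`, where `roomId` comes straight from the request URL (`req.getUrl().substr(6)`), so client-chosen text lands in the log line as free text. Keep authorization failures at warn level and log the values as fields, e.g. `console.warn('room access denied', {userUuid, roomId});`, and drop the `console.log('uuid', userUuid)` debug line before merge. Separately, the unchanged `end(e.message)` in the catch returns the message of any `Error` thrown inside the try as the 401 body; a fixed string would avoid echoing internal error text, assuming callees such as the token manager can throw their own messages. The handler starts and ends outside the hunks shown.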


@ -1,5 +1,5 @@
import {ADMIN_API_TOKEN, ADMIN_API_URL} from "../Enum/EnvironmentVariable"; import {ADMIN_API_TOKEN, ADMIN_API_URL} from "../Enum/EnvironmentVariable";
import Axios from "axios"; import Axios, {AxiosError} from "axios";
export interface AdminApiData { export interface AdminApiData {
organizationSlug: string organizationSlug: string
@ -26,10 +26,15 @@ class AdminApi {
if (!ADMIN_API_URL) { if (!ADMIN_API_URL) {
return Promise.reject('No admin backoffice set!'); return Promise.reject('No admin backoffice set!');
} }
const res = await Axios.get(ADMIN_API_URL+'/api/member/'+memberId+'/is-granted-access/'+roomId, try {
{ headers: {"Authorization" : `${ADMIN_API_TOKEN}`} } const res = await Axios.get(ADMIN_API_URL+'/api/member/is-granted-access',
{ headers: {"Authorization" : `${ADMIN_API_TOKEN}`}, params: {memberId, roomIdentifier: roomId} }
) )
return res.data === true; return !!res.data;
} catch (e) {
console.log(e.message)
return false;
}
} }
} }
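Review bot: `return !!res.data;` (taken as the new side of that line, which the hunk's line counts support) grants access on any truthy response body, where `res.data === true` accepted only the JSON boolean; a string such as `"false"`, an error object or an HTML page from an intermediary would all count as granted. Keep the strict comparison, `return res.data === true;`, unless the admin API is known to return something other than a boolean. The new catch fails closed, which is the right default, but it reports an unreachable backoffice the same way as a denial, and `e.message` is read without checking that `e` is an `Error`; the newly imported `AxiosError` is not used in the visible lines. The method's signature is outside the hunk.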


@ -36,6 +36,7 @@ class ConnectionManager {
this.userUuid = data.userUuid; this.userUuid = data.userUuid;
this.mapUrlStart = data.mapUrlStart; this.mapUrlStart = data.mapUrlStart;
const newUrl = data.newUrl; const newUrl = data.newUrl;
console.log('u', this.userUuid)
if (newUrl) { if (newUrl) {
history.pushState({}, '', newUrl); history.pushState({}, '', newUrl);