Protei/PromucFlow_constructor
2
0
Fork 0
Code Issues Pull Requests Actions 2 Packages Projects Releases Wiki Activity
e5da173acd
PromucFlow_constructor/app/rts/src/middlewares/socket-auth.ts

69 lines
2.1 KiB
TypeScript
Raw Normal View History

fix: revamped rts server architecture (#15870) ## Description RTS node server was being used for Availability feature. Now we will be enhancing the server to utilise client side logic on the server side side like construction of AST, Evaluations logic etc. So, since our codebase was not structured for implementing such use case, so we had to revamp the structure of the codebase. #### Architecture - **Routes :** To define different paths to consume apis - **Controllers :** To capture the routing and formulate the logic to provide response to a particular request - **Middleware :** action functions that happen to be stitched in between the routes and controllers, or can be used as a part of logic that needs to be injected in between. - **Constants :** To keep static variables as per the usage without declaring it in other parts of the codebase - **Sockets :** Any socket apis exists inside this folder to properly structure every socket implementations - **Utils :** Helper functions which can be used at any stage of the application Fixes #15645 ## Type of change - New feature (non-breaking change which adds functionality) ## How Has This Been Tested? > Please describe the tests that you ran to verify your changes. Provide instructions, so we can reproduce. > Please also list any relevant details for your test configuration. - Test A - Test B ## Checklist: - [ ] My code follows the style guidelines of this project - [ ] I have performed a self-review of my own code - [ ] I have commented my code, particularly in hard-to-understand areas - [ ] I have made corresponding changes to the documentation - [ ] My changes generate no new warnings - [ ] I have added tests that prove my fix is effective or that my feature works - [ ] New and existing unit tests pass locally with my changes Co-authored-by: Aishwarya UR <aishwarya@appsmith.com>
2022-08-11 09:36:02 +00:00
import { Socket } from "socket.io";
import log from "loglevel";
import axios from "axios";
const API_BASE_URL = process.env.APPSMITH_API_BASE_URL;
export async function tryAuth(socket: Socket) {
/* ********************************************************* */
// TODO: This change is not being used at the moment. Instead of using the environment variable API_BASE_URL
// we should be able to derive the API_BASE_URL from the host header. This will make configuration simpler
// for the user. The problem with this implementation is that Axios doesn't work for https endpoints currently.
// This needs to be debugged.
/* ********************************************************* */
// const host = socket.handshake.headers.host;
const connectionCookie = socket?.handshake?.headers?.cookie;
if (
connectionCookie === undefined ||
connectionCookie === null ||
connectionCookie === ""
) {
return false;
}
const matchedCookie = connectionCookie.match(/\bSESSION=\S+/);
if (!matchedCookie) {
return false;
}
const sessionCookie = matchedCookie[0];
let response;
try {
response = await axios.request({
method: "GET",
url: API_BASE_URL + "/users/me",
headers: {
Cookie: sessionCookie,
},
});
} catch (error) {
if (error.response?.status === 401) {
console.info(
"401 received when authenticating user with cookie: " + sessionCookie
);
} else if (error.response) {
log.error(
"Error response received while authentication: ",
error.response
);
} else {
log.error("Error authenticating", error);
}
return false;
}
const email = response?.data?.data?.email;
const name = response?.data?.data?.name ?? email;
// If the session check API succeeds & the email/name is anonymousUser, then the user is not authenticated
// and we should not allow them to join any rooms
if (email == null || email === "anonymousUser" || name === "anonymousUser") {
return false;
}
socket.data.email = email;
socket.data.name = name;
return true;
}
Reference in New Issue Copy Permalink