Release 1.4.14 (#1370)

* New version of cache management (#1365) Signed-off-by: Gregoire Parant <g.parant@thecodingmachine.com> * Exit scene acess denied detected (#1369) * Add auth token user to get right in admin and check if user have right Signed-off-by: Gregoire Parant <g.parant@thecodingmachine.com> * Update error show Signed-off-by: Gregoire Parant <g.parant@thecodingmachine.com> * Update token generation (#1372) - Permit only decode token to get map details, - If user have token expired, set the token to null and reload the page. This feature will be updated when authentication stategy will be finished. Signed-off-by: Gregoire Parant <g.parant@thecodingmachine.com>
2021-08-15 23:13:48 +02:00 · 2021-08-15 23:13:48 +02:00 · 005a3c5a0d
commit 005a3c5a0d
parent 45a56c2e02
12 changed files with 96 additions and 16 deletions
--- a/pusher/src/Controller/BaseController.ts
+++ b/pusher/src/Controller/BaseController.ts
@ -29,7 +29,12 @@ export class BaseController {
        if (e.response) {
            res.writeStatus(e.response.status + " " + e.response.statusText);
            this.addCorsHeaders(res);
-            res.end("An error occurred: " + e.response.status + " " + e.response.statusText);
+            res.end(
+                "An error occurred: " +
+                    e.response.status +
+                    " " +
+                    (e.response.data && e.response.data.message ? e.response.data.message : e.response.statusText)
+            );
        } else {
            res.writeStatus("500 Internal Server Error");
            this.addCorsHeaders(res);
--- a/pusher/src/Controller/IoSocketController.ts
+++ b/pusher/src/Controller/IoSocketController.ts
@ -174,7 +174,7 @@ export class IoSocketController {
                        }

                        const tokenData =
-                            token && typeof token === "string" ? jwtTokenManager.decodeJWTToken(token) : null;
+                            token && typeof token === "string" ? jwtTokenManager.verifyJWTToken(token) : null;
                        const userIdentifier = tokenData ? tokenData.identifier : "";

                        let memberTags: string[] = [];
--- a/pusher/src/Controller/MapController.ts
+++ b/pusher/src/Controller/MapController.ts
@ -5,6 +5,9 @@ import { adminApi } from "../Services/AdminApi";
 import { ADMIN_API_URL } from "../Enum/EnvironmentVariable";
 import { GameRoomPolicyTypes } from "../Model/PusherRoom";
 import { MapDetailsData } from "../Services/AdminApi/MapDetailsData";
+import { socketManager } from "../Services/SocketManager";
+import { AuthTokenData, jwtTokenManager } from "../Services/JWTTokenManager";
+import { v4 } from "uuid";

 export class MapController extends BaseController {
    constructor(private App: TemplatedApp) {
@ -67,7 +70,20 @@ export class MapController extends BaseController {

            (async () => {
                try {
-                    const mapDetails = await adminApi.fetchMapDetails(query.playUri as string);
+                    let userId: string | undefined = undefined;
+                    if (query.authToken != undefined) {
+                        let authTokenData: AuthTokenData;
+                        try {
+                            authTokenData = jwtTokenManager.verifyJWTToken(query.authToken as string);
+                            userId = authTokenData.identifier;
+                        } catch (e) {
+                            // Decode token, in this case we don't need to create new token.
+                            authTokenData = jwtTokenManager.verifyJWTToken(query.authToken as string, true);
+                            userId = authTokenData.identifier;
+                            console.info("JWT expire, but decoded", userId);
+                        }
+                    }
+                    const mapDetails = await adminApi.fetchMapDetails(query.playUri as string, userId);

                    res.writeStatus("200 OK");
                    this.addCorsHeaders(res);
--- a/pusher/src/Services/AdminApi.ts
+++ b/pusher/src/Services/AdminApi.ts
@ -31,13 +31,19 @@ export interface FetchMemberDataByUuidResponse {
 }

 class AdminApi {
-    async fetchMapDetails(playUri: string): Promise<MapDetailsData | RoomRedirect> {
+    /**
+     * @var playUri: is url of the room
+     * @var userId: can to be undefined or email or uuid
+     * @return MapDetailsData|RoomRedirect
+     */
+    async fetchMapDetails(playUri: string, userId?: string): Promise<MapDetailsData | RoomRedirect> {
        if (!ADMIN_API_URL) {
            return Promise.reject(new Error("No admin backoffice set!"));
        }

-        const params: { playUri: string } = {
+        const params: { playUri: string; userId?: string } = {
            playUri,
+            userId,
        };

        const res = await Axios.get(ADMIN_API_URL + "/api/map", {
--- a/pusher/src/Services/JWTTokenManager.ts
+++ b/pusher/src/Services/JWTTokenManager.ts
@ -15,9 +15,9 @@ class JWTTokenManager {
        return Jwt.sign({ identifier }, SECRET_KEY, { expiresIn: "200d" });
    }

-    public decodeJWTToken(token: string): AuthTokenData {
+    public verifyJWTToken(token: string, ignoreExpiration: boolean = false): AuthTokenData {
        try {
-            return Jwt.verify(token, SECRET_KEY, { ignoreExpiration: false }) as AuthTokenData;
+            return Jwt.verify(token, SECRET_KEY, { ignoreExpiration }) as AuthTokenData;
        } catch (e) {
            throw { reason: tokenInvalidException, message: e.message };
        }