Merge branch 'develop' of github.com:thecodingmachine/workadventure into improve_logging

2021-11-24 15:36:35 +01:00 · 2021-11-24 15:36:35 +01:00 · a1107bd20e
commit a1107bd20e
parent dd89f12c2e dc58f16418
71 changed files with 10373 additions and 520 deletions
--- a/pusher/src/Controller/MapController.ts
+++ b/pusher/src/Controller/MapController.ts
@ -2,9 +2,9 @@ import { HttpRequest, HttpResponse, TemplatedApp } from "uWebSockets.js";
 import { BaseController } from "./BaseController";
 import { parse } from "query-string";
 import { adminApi } from "../Services/AdminApi";
-import { ADMIN_API_URL } from "../Enum/EnvironmentVariable";
+import { ADMIN_API_URL, DISABLE_ANONYMOUS, FRONT_URL } from "../Enum/EnvironmentVariable";
 import { GameRoomPolicyTypes } from "../Model/PusherRoom";
-import { MapDetailsData } from "../Services/AdminApi/MapDetailsData";
+import { isMapDetailsData, MapDetailsData } from "../Services/AdminApi/MapDetailsData";
 import { socketManager } from "../Services/SocketManager";
 import { AuthTokenData, jwtTokenManager } from "../Services/JWTTokenManager";
 import { v4 } from "uuid";
@ -21,7 +21,6 @@ export class MapController extends BaseController {
    getMapUrl() {
        this.App.options("/map", (res: HttpResponse, req: HttpRequest) => {
            this.addCorsHeaders(res);
-
            res.end();
        });

@ -65,6 +64,7 @@ export class MapController extends BaseController {
                        tags: [],
                        textures: [],
                        contactPage: undefined,
+                        authenticationMandatory: DISABLE_ANONYMOUS,
                    } as MapDetailsData)
                );

@ -80,14 +80,26 @@ export class MapController extends BaseController {
                            authTokenData = jwtTokenManager.verifyJWTToken(query.authToken as string);
                            userId = authTokenData.identifier;
                        } catch (e) {
-                            // Decode token, in this case we don't need to create new token.
-                            authTokenData = jwtTokenManager.verifyJWTToken(query.authToken as string, true);
-                            userId = authTokenData.identifier;
-                            log.info("JWT expire, but decoded", userId);
+                            try {
+                                // Decode token, in this case we don't need to create new token.
+                                authTokenData = jwtTokenManager.verifyJWTToken(query.authToken as string, true);
+                                userId = authTokenData.identifier;
+                                log.info("JWT expire, but decoded", userId);
+                            } catch (e) {
+                                // The token was not good, redirect user on login page
+                                res.writeStatus("500");
+                                res.writeHeader("Access-Control-Allow-Origin", FRONT_URL);
+                                res.end("Token decrypted error");
+                                return;
+                            }
                        }
                    }
                    const mapDetails = await adminApi.fetchMapDetails(query.playUri as string, userId);

+                    if (isMapDetailsData(mapDetails) && DISABLE_ANONYMOUS) {
+                        mapDetails.authenticationMandatory = true;
+                    }
+
                    res.writeStatus("200 OK");
                    this.addCorsHeaders(res);
                    res.end(JSON.stringify(mapDetails));