Merge branch 'develop' of github.com:thecodingmachine/workadventure into feature/global-message

+ migrating to protobuf messages # Conflicts: # back/src/App.ts # back/src/Controller/IoSocketController.ts # back/yarn.lock # front/src/Connection.ts # front/src/Phaser/Game/GameScene.ts # front/src/Phaser/Login/EnableCameraScene.ts # front/src/WebRtc/SimplePeer.ts
2020-10-01 14:11:34 +02:00 · 2020-10-01 14:11:34 +02:00 · d3fa901691
commit d3fa901691
parent 7f4014cccf e42f1a6a21
87 changed files with 7429 additions and 1891 deletions
--- a/back/src/Controller/AuthenticateController.ts
+++ b/back/src/Controller/AuthenticateController.ts
@ -1,40 +1,95 @@
-import {Application, Request, Response} from "express";
 import Jwt from "jsonwebtoken";
-import {BAD_REQUEST, OK} from "http-status-codes";
-import {SECRET_KEY, URL_ROOM_STARTED} from "../Enum/EnvironmentVariable"; //TODO fix import by "_Enum/..."
+import {ADMIN_API_TOKEN, ADMIN_API_URL, SECRET_KEY, URL_ROOM_STARTED} from "../Enum/EnvironmentVariable"; //TODO fix import by "_Enum/..."
 import { uuid } from 'uuidv4';
+import {HttpRequest, HttpResponse, TemplatedApp} from "uWebSockets.js";
+import {BaseController} from "./BaseController";
+import Axios from "axios";

 export interface TokenInterface {
-    name: string,
-    userId: string
+    userUuid: string
 }

-export class AuthenticateController {
-    App : Application;
+interface AdminApiData {
+    organizationSlug: string
+    worldSlug: string
+    roomSlug: string
+    mapUrlStart: string
+    userUuid: string
+}

-    constructor(App : Application) {
-        this.App = App;
+export class AuthenticateController extends BaseController {
+
+    constructor(private App : TemplatedApp) {
+        super();
        this.login();
    }

    //permit to login on application. Return token to connect on Websocket IO.
    login(){
-        // For now, let's completely forget the /login route.
-        this.App.post("/login", (req: Request, res: Response) => {
-            const param = req.body;
-            /*if(!param.name){
-                return res.status(BAD_REQUEST).send({
-                    message: "email parameter is empty"
-                });
-            }*/
-            //TODO check user email for The Coding Machine game
-            const userId = uuid();
-            const token = Jwt.sign({name: param.name, userId: userId} as TokenInterface, SECRET_KEY, {expiresIn: '24h'});
-            return res.status(OK).send({
-                token: token,
-                mapUrlStart: URL_ROOM_STARTED,
-                userId: userId,
-            });
+        this.App.options("/login", (res: HttpResponse, req: HttpRequest) => {
+            this.addCorsHeaders(res);
+
+            res.end();
+        });
+
+        this.App.post("/login", (res: HttpResponse, req: HttpRequest) => {
+            (async () => {
+                this.addCorsHeaders(res);
+
+                res.onAborted(() => {
+                    console.warn('Login request was aborted');
+                })
+                const host = req.getHeader('host');
+                const param = await res.json();
+
+                //todo: what to do if the organizationMemberToken is already used?
+                const organizationMemberToken:string|null = param.organizationMemberToken;
+
+                try {
+                    let userUuid;
+                    let mapUrlStart;
+                    let newUrl: string|null = null;
+
+                    if (organizationMemberToken) {
+                        if (!ADMIN_API_URL) {
+                            return res.status(401).send('No admin backoffice set!');
+                        }
+                        //todo: this call can fail if the corresponding world is not activated or if the token is invalid. Handle that case.
+                        const data = await Axios.get(ADMIN_API_URL+'/api/login-url/'+organizationMemberToken,
+                            { headers: {"Authorization" : `${ADMIN_API_TOKEN}`} }
+                        ).then((res): AdminApiData => res.data);
+
+                        userUuid = data.userUuid;
+                        mapUrlStart = data.mapUrlStart;
+                        newUrl = this.getNewUrlOnAdminAuth(data)
+                    } else {
+                        userUuid = uuid();
+                        mapUrlStart = host.replace('api.', 'maps.') + URL_ROOM_STARTED;
+                        newUrl = null;
+                    }
+
+                    const authToken = Jwt.sign({userUuid: userUuid}, SECRET_KEY, {expiresIn: '24h'});
+                    res.writeStatus("200 OK").end(JSON.stringify({
+                        authToken,
+                        userUuid,
+                        mapUrlStart,
+                        newUrl,
+                    }));
+
+                } catch (e) {
+                    console.log("An error happened", e)
+                    res.writeStatus(e.status || "500 Internal Server Error").end('An error happened');
+                }
+
+
+            })();
        });
    }
+
+    private getNewUrlOnAdminAuth(data:AdminApiData): string {
+        const organizationSlug = data.organizationSlug;
+        const worldSlug = data.worldSlug;
+        const roomSlug = data.roomSlug;
+        return '/@/'+organizationSlug+'/'+worldSlug+'/'+roomSlug;
+    }
 }