v1.18.x
barisusakli 9 years ago
parent f512cb543f
commit 92fba4f396

@ -1,19 +1,19 @@
"use strict"; "use strict";
var SocketIO = require('socket.io'), var SocketIO = require('socket.io');
socketioWildcard = require('socketio-wildcard')(), var socketioWildcard = require('socketio-wildcard')();
async = require('async'), var async = require('async');
nconf = require('nconf'), var nconf = require('nconf');
cookieParser = require('cookie-parser')(nconf.get('secret')), var cookieParser = require('cookie-parser')(nconf.get('secret'));
winston = require('winston'), var winston = require('winston');
db = require('../database'), var db = require('../database');
user = require('../user'), var user = require('../user');
logger = require('../logger'), var logger = require('../logger');
ratelimit = require('../middleware/ratelimit'), var ratelimit = require('../middleware/ratelimit');
Sockets = {}, var Sockets = {};
Namespaces = {}; var Namespaces = {};
var io; var io;
@ -95,15 +95,15 @@ function onMessage(socket, payload) {
return winston.warn('[socket.io] Empty method name'); return winston.warn('[socket.io] Empty method name');
} }
var parts = eventName.toString().split('.'), var parts = eventName.toString().split('.');
namespace = parts[0], var namespace = parts[0];
methodToCall = parts.reduce(function(prev, cur) { var methodToCall = parts.reduce(function(prev, cur) {
if (prev !== null && prev[cur]) { if (prev !== null && prev[cur]) {
return prev[cur]; return prev[cur];
} else { } else {
return null; return null;
} }
}, Namespaces); }, Namespaces);
if(!methodToCall) { if(!methodToCall) {
if (process.env.NODE_ENV === 'development') { if (process.env.NODE_ENV === 'development') {
@ -123,16 +123,23 @@ function onMessage(socket, payload) {
return socket.disconnect(); return socket.disconnect();
} }
if (Namespaces[namespace].before) { async.waterfall([
Namespaces[namespace].before(socket, eventName, params, function(err) { function (next) {
if (err) { validateSession(socket, next);
return callback({message: err.message}); },
function (next) {
if (Namespaces[namespace].before) {
Namespaces[namespace].before(socket, eventName, params, next);
} else {
next();
} }
callMethod(methodToCall, socket, params, callback); },
}); function (next) {
} else { methodToCall(socket, params, next);
callMethod(methodToCall, socket, params, callback); }
} ], function(err, result) {
callback(err ? {message: err.message} : null, result);
});
} }
function requireModules() { function requireModules() {
@ -145,19 +152,33 @@ function requireModules() {
}); });
} }
function validateSession(socket, callback) {
var req = socket.request;
if (!req.signedCookies || !req.signedCookies['express.sid']) {
return callback(new Error('[[error:invalid-session]]'));
}
db.sessionStore.get(req.signedCookies['express.sid'], function(err, sessionData) {
if (err || !sessionData) {
return callback(err || new Error('[[error:invalid-session]]'));
}
callback();
});
}
function authorize(socket, callback) { function authorize(socket, callback) {
var handshake = socket.request; var request = socket.request;
if (!handshake) { if (!request) {
return callback(new Error('[[error:not-authorized]]')); return callback(new Error('[[error:not-authorized]]'));
} }
async.waterfall([ async.waterfall([
function(next) { function(next) {
cookieParser(handshake, {}, next); cookieParser(request, {}, next);
}, },
function(next) { function(next) {
db.sessionStore.get(handshake.signedCookies['express.sid'], function(err, sessionData) { db.sessionStore.get(request.signedCookies['express.sid'], function(err, sessionData) {
if (err) { if (err) {
return next(err); return next(err);
} }
@ -185,12 +206,6 @@ function addRedisAdapter(io) {
} }
} }
function callMethod(method, socket, params, callback) {
method(socket, params, function(err, result) {
callback(err ? {message: err.message} : null, result);
});
}
Sockets.in = function(room) { Sockets.in = function(room) {
return io.in(room); return io.in(room);
}; };
@ -228,9 +243,9 @@ Sockets.getOnlineAnonCount = function () {
}; };
Sockets.reqFromSocket = function(socket) { Sockets.reqFromSocket = function(socket) {
var headers = socket.request.headers, var headers = socket.request.headers;
host = headers.host, var host = headers.host;
referer = headers.referer || ''; var referer = headers.referer || '';
return { return {
ip: headers['x-forwarded-for'] || socket.ip, ip: headers['x-forwarded-for'] || socket.ip,
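Review bot: The new `validateSession` only proves that the `express.sid` cookie captured at handshake still maps to some record in `db.sessionStore`; it never checks that the record belongs to the user the socket was authorized as. If a session record can survive a logout, or be reused by a later login under the same id (not verifiable from this page), the socket would keep acting as the original user on every message. Before the final `callback();`, consider `if (sessionOwner(sessionData) !== socket.uid) { return callback(new Error('[[error:invalid-session]]')); }`, where `sessionOwner` is a placeholder for however `authorize` derives the uid, and `socket.uid` assumes that is where `authorize` stores it; that part of `authorize` lies outside the hunk. Separately, the first branch rejects any socket without a signed cookie, so it is worth confirming that guest connections always carry one.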

@ -70,7 +70,7 @@ module.exports = function(User) {
} }
async.waterfall([ async.waterfall([
async.apply(db.getSortedSetRange, 'uid:' + uid + ':sessions', 0, -1), async.apply(db.getSortedSetRevRange, 'uid:' + uid + ':sessions', 0, -1),
function (sids, next) { function (sids, next) {
_sids = sids; _sids = sids;
async.map(sids, db.sessionStore.get.bind(db.sessionStore), next); async.map(sids, db.sessionStore.get.bind(db.sessionStore), next);
