mirror of
https://github.com/NodeBB/NodeBB.git
synced 2025-11-06 14:05:46 +01:00
closes #4248
This commit is contained in:
barisusakli
@@ -1,19 +1,19 @@
|
||||
"use strict";
|
||||
|
||||
var SocketIO = require('socket.io'),
|
||||
socketioWildcard = require('socketio-wildcard')(),
|
||||
async = require('async'),
|
||||
nconf = require('nconf'),
|
||||
cookieParser = require('cookie-parser')(nconf.get('secret')),
|
||||
winston = require('winston'),
|
||||
var SocketIO = require('socket.io');
|
||||
var socketioWildcard = require('socketio-wildcard')();
|
||||
var async = require('async');
|
||||
var nconf = require('nconf');
|
||||
var cookieParser = require('cookie-parser')(nconf.get('secret'));
|
||||
var winston = require('winston');
|
||||
|
||||
db = require('../database'),
|
||||
user = require('../user'),
|
||||
logger = require('../logger'),
|
||||
ratelimit = require('../middleware/ratelimit'),
|
||||
var db = require('../database');
|
||||
var user = require('../user');
|
||||
var logger = require('../logger');
|
||||
var ratelimit = require('../middleware/ratelimit');
|
||||
|
||||
Sockets = {},
|
||||
Namespaces = {};
|
||||
var Sockets = {};
|
||||
var Namespaces = {};
|
||||
|
||||
var io;
|
||||
|
||||
@@ -95,15 +95,15 @@ function onMessage(socket, payload) {
|
||||
return winston.warn('[socket.io] Empty method name');
|
||||
}
|
||||
|
||||
var parts = eventName.toString().split('.'),
|
||||
namespace = parts[0],
|
||||
methodToCall = parts.reduce(function(prev, cur) {
|
||||
if (prev !== null && prev[cur]) {
|
||||
return prev[cur];
|
||||
} else {
|
||||
return null;
|
||||
}
|
||||
}, Namespaces);
|
||||
var parts = eventName.toString().split('.');
|
||||
var namespace = parts[0];
|
||||
var methodToCall = parts.reduce(function(prev, cur) {
|
||||
if (prev !== null && prev[cur]) {
|
||||
return prev[cur];
|
||||
} else {
|
||||
return null;
|
||||
}
|
||||
}, Namespaces);
|
||||
|
||||
if(!methodToCall) {
|
||||
if (process.env.NODE_ENV === 'development') {
|
||||
@@ -123,16 +123,23 @@ function onMessage(socket, payload) {
|
||||
return socket.disconnect();
|
||||
}
|
||||
|
||||
if (Namespaces[namespace].before) {
|
||||
Namespaces[namespace].before(socket, eventName, params, function(err) {
|
||||
if (err) {
|
||||
return callback({message: err.message});
|
||||
async.waterfall([
|
||||
function (next) {
|
||||
validateSession(socket, next);
|
||||
},
|
||||
function (next) {
|
||||
if (Namespaces[namespace].before) {
|
||||
Namespaces[namespace].before(socket, eventName, params, next);
|
||||
} else {
|
||||
next();
|
||||
}
|
||||
callMethod(methodToCall, socket, params, callback);
|
||||
});
|
||||
} else {
|
||||
callMethod(methodToCall, socket, params, callback);
|
||||
}
|
||||
},
|
||||
function (next) {
|
||||
methodToCall(socket, params, next);
|
||||
}
|
||||
], function(err, result) {
|
||||
callback(err ? {message: err.message} : null, result);
|
||||
});
|
||||
}
|
||||
|
||||
function requireModules() {
|
||||
@@ -145,19 +152,33 @@ function requireModules() {
|
||||
});
|
||||
}
|
||||
|
||||
function authorize(socket, callback) {
|
||||
var handshake = socket.request;
|
||||
function validateSession(socket, callback) {
|
||||
var req = socket.request;
|
||||
if (!req.signedCookies || !req.signedCookies['express.sid']) {
|
||||
return callback(new Error('[[error:invalid-session]]'));
|
||||
}
|
||||
db.sessionStore.get(req.signedCookies['express.sid'], function(err, sessionData) {
|
||||
if (err || !sessionData) {
|
||||
return callback(err || new Error('[[error:invalid-session]]'));
|
||||
}
|
||||
|
||||
if (!handshake) {
|
||||
callback();
|
||||
});
|
||||
}
|
||||
|
||||
function authorize(socket, callback) {
|
||||
var request = socket.request;
|
||||
|
||||
if (!request) {
|
||||
return callback(new Error('[[error:not-authorized]]'));
|
||||
}
|
||||
|
||||
async.waterfall([
|
||||
function(next) {
|
||||
cookieParser(handshake, {}, next);
|
||||
cookieParser(request, {}, next);
|
||||
},
|
||||
function(next) {
|
||||
db.sessionStore.get(handshake.signedCookies['express.sid'], function(err, sessionData) {
|
||||
db.sessionStore.get(request.signedCookies['express.sid'], function(err, sessionData) {
|
||||
if (err) {
|
||||
return next(err);
|
||||
}
|
||||
@@ -185,12 +206,6 @@ function addRedisAdapter(io) {
|
||||
}
|
||||
}
|
||||
|
||||
function callMethod(method, socket, params, callback) {
|
||||
method(socket, params, function(err, result) {
|
||||
callback(err ? {message: err.message} : null, result);
|
||||
});
|
||||
}
|
||||
|
||||
Sockets.in = function(room) {
|
||||
return io.in(room);
|
||||
};
|
||||
@@ -228,9 +243,9 @@ Sockets.getOnlineAnonCount = function () {
|
||||
};
|
||||
|
||||
Sockets.reqFromSocket = function(socket) {
|
||||
var headers = socket.request.headers,
|
||||
host = headers.host,
|
||||
referer = headers.referer || '';
|
||||
var headers = socket.request.headers;
|
||||
var host = headers.host;
|
||||
var referer = headers.referer || '';
|
||||
|
||||
return {
|
||||
ip: headers['x-forwarded-for'] || socket.ip,
|
||||
|
||||
Reference in New Issue
Block a user