mirror of
https://github.com/NodeBB/NodeBB.git
synced 2025-11-16 02:36:16 +01:00
Merge remote-tracking branch 'origin/master' into develop
This commit is contained in:
Julian Lam
@@ -7,225 +7,241 @@ var url = require('url');
|
||||
var cookieParser = require('cookie-parser')(nconf.get('secret'));
|
||||
|
||||
var db = require('../database');
|
||||
var user = require('../user');
|
||||
var logger = require('../logger');
|
||||
var ratelimit = require('../middleware/ratelimit');
|
||||
|
||||
(function (Sockets) {
|
||||
var Namespaces = {};
|
||||
var io;
|
||||
|
||||
Sockets.init = function (server) {
|
||||
requireModules();
|
||||
var Namespaces = {};
|
||||
var io;
|
||||
|
||||
var SocketIO = require('socket.io');
|
||||
var socketioWildcard = require('socketio-wildcard')();
|
||||
io = new SocketIO({
|
||||
path: nconf.get('relative_path') + '/socket.io'
|
||||
});
|
||||
var Sockets = module.exports;
|
||||
|
||||
addRedisAdapter(io);
|
||||
Sockets.init = function (server) {
|
||||
requireModules();
|
||||
|
||||
io.use(socketioWildcard);
|
||||
io.use(authorize);
|
||||
var SocketIO = require('socket.io');
|
||||
var socketioWildcard = require('socketio-wildcard')();
|
||||
io = new SocketIO({
|
||||
path: nconf.get('relative_path') + '/socket.io'
|
||||
});
|
||||
|
||||
io.on('connection', onConnection);
|
||||
addRedisAdapter(io);
|
||||
|
||||
io.listen(server, {
|
||||
transports: nconf.get('socket.io:transports')
|
||||
});
|
||||
io.use(socketioWildcard);
|
||||
io.use(authorize);
|
||||
|
||||
Sockets.server = io;
|
||||
};
|
||||
io.on('connection', onConnection);
|
||||
|
||||
function onConnection(socket) {
|
||||
socket.ip = socket.request.headers['x-forwarded-for'] || socket.request.connection.remoteAddress;
|
||||
io.listen(server, {
|
||||
transports: nconf.get('socket.io:transports')
|
||||
});
|
||||
|
||||
logger.io_one(socket, socket.uid);
|
||||
Sockets.server = io;
|
||||
};
|
||||
|
||||
onConnect(socket);
|
||||
function onConnection(socket) {
|
||||
socket.ip = socket.request.headers['x-forwarded-for'] || socket.request.connection.remoteAddress;
|
||||
|
||||
socket.on('*', function (payload) {
|
||||
onMessage(socket, payload);
|
||||
});
|
||||
logger.io_one(socket, socket.uid);
|
||||
|
||||
onConnect(socket);
|
||||
|
||||
socket.on('*', function (payload) {
|
||||
onMessage(socket, payload);
|
||||
});
|
||||
}
|
||||
|
||||
function onConnect(socket) {
|
||||
if (socket.uid) {
|
||||
socket.join('uid_' + socket.uid);
|
||||
socket.join('online_users');
|
||||
} else {
|
||||
socket.join('online_guests');
|
||||
}
|
||||
|
||||
function onConnect(socket) {
|
||||
if (socket.uid) {
|
||||
socket.join('uid_' + socket.uid);
|
||||
socket.join('online_users');
|
||||
socket.join('sess_' + socket.request.signedCookies[nconf.get('sessionKey')]);
|
||||
io.sockets.sockets[socket.id].emit('checkSession', socket.uid);
|
||||
}
|
||||
|
||||
function onMessage(socket, payload) {
|
||||
if (!payload.data.length) {
|
||||
return winston.warn('[socket.io] Empty payload');
|
||||
}
|
||||
|
||||
var eventName = payload.data[0];
|
||||
var params = payload.data[1];
|
||||
var callback = typeof payload.data[payload.data.length - 1] === 'function' ? payload.data[payload.data.length - 1] : function () {
|
||||
};
|
||||
|
||||
if (!eventName) {
|
||||
return winston.warn('[socket.io] Empty method name');
|
||||
}
|
||||
|
||||
var parts = eventName.toString().split('.');
|
||||
var namespace = parts[0];
|
||||
var methodToCall = parts.reduce(function (prev, cur) {
|
||||
if (prev !== null && prev[cur]) {
|
||||
return prev[cur];
|
||||
} else {
|
||||
socket.join('online_guests');
|
||||
return null;
|
||||
}
|
||||
}, Namespaces);
|
||||
|
||||
socket.join('sess_' + socket.request.signedCookies[nconf.get('sessionKey')]);
|
||||
io.sockets.sockets[socket.id].emit('checkSession', socket.uid);
|
||||
if (!methodToCall) {
|
||||
if (process.env.NODE_ENV === 'development') {
|
||||
winston.warn('[socket.io] Unrecognized message: ' + eventName);
|
||||
}
|
||||
return callback({message: '[[error:invalid-event]]'});
|
||||
}
|
||||
|
||||
function onMessage(socket, payload) {
|
||||
if (!payload.data.length) {
|
||||
return winston.warn('[socket.io] Empty payload');
|
||||
}
|
||||
socket.previousEvents = socket.previousEvents || [];
|
||||
socket.previousEvents.push(eventName);
|
||||
if (socket.previousEvents.length > 20) {
|
||||
socket.previousEvents.shift();
|
||||
}
|
||||
|
||||
var eventName = payload.data[0];
|
||||
var params = payload.data[1];
|
||||
var callback = typeof payload.data[payload.data.length - 1] === 'function' ? payload.data[payload.data.length - 1] : function () {
|
||||
};
|
||||
if (!eventName.startsWith('admin.') && ratelimit.isFlooding(socket)) {
|
||||
winston.warn('[socket.io] Too many emits! Disconnecting uid : ' + socket.uid + '. Events : ' + socket.previousEvents);
|
||||
return socket.disconnect();
|
||||
}
|
||||
|
||||
if (!eventName) {
|
||||
return winston.warn('[socket.io] Empty method name');
|
||||
}
|
||||
|
||||
var parts = eventName.toString().split('.');
|
||||
var namespace = parts[0];
|
||||
var methodToCall = parts.reduce(function (prev, cur) {
|
||||
if (prev !== null && prev[cur]) {
|
||||
return prev[cur];
|
||||
async.waterfall([
|
||||
function (next) {
|
||||
checkMaintenance(socket, next);
|
||||
},
|
||||
function (next) {
|
||||
validateSession(socket, next);
|
||||
},
|
||||
function (next) {
|
||||
if (Namespaces[namespace].before) {
|
||||
Namespaces[namespace].before(socket, eventName, params, next);
|
||||
} else {
|
||||
return null;
|
||||
next();
|
||||
}
|
||||
}, Namespaces);
|
||||
},
|
||||
function (next) {
|
||||
methodToCall(socket, params, next);
|
||||
}
|
||||
], function (err, result) {
|
||||
callback(err ? {message: err.message} : null, result);
|
||||
});
|
||||
}
|
||||
|
||||
if (!methodToCall) {
|
||||
if (process.env.NODE_ENV === 'development') {
|
||||
winston.warn('[socket.io] Unrecognized message: ' + eventName);
|
||||
}
|
||||
return callback({message: '[[error:invalid-event]]'});
|
||||
function requireModules() {
|
||||
var modules = ['admin', 'categories', 'groups', 'meta', 'modules',
|
||||
'notifications', 'plugins', 'posts', 'topics', 'user', 'blacklist', 'flags'
|
||||
];
|
||||
|
||||
modules.forEach(function (module) {
|
||||
Namespaces[module] = require('./' + module);
|
||||
});
|
||||
}
|
||||
|
||||
function checkMaintenance(socket, callback) {
|
||||
var meta = require('../meta');
|
||||
if (parseInt(meta.config.maintenanceMode, 10) !== 1) {
|
||||
return setImmediate(callback);
|
||||
}
|
||||
user.isAdministrator(socket.uid, function (err, isAdmin) {
|
||||
if (err || isAdmin) {
|
||||
return callback(err);
|
||||
}
|
||||
});
|
||||
}
|
||||
|
||||
function validateSession(socket, callback) {
|
||||
var req = socket.request;
|
||||
if (!req.signedCookies || !req.signedCookies[nconf.get('sessionKey')]) {
|
||||
return callback(new Error('[[error:invalid-session]]'));
|
||||
}
|
||||
db.sessionStore.get(req.signedCookies[nconf.get('sessionKey')], function (err, sessionData) {
|
||||
if (err || !sessionData) {
|
||||
return callback(err || new Error('[[error:invalid-session]]'));
|
||||
}
|
||||
|
||||
socket.previousEvents = socket.previousEvents || [];
|
||||
socket.previousEvents.push(eventName);
|
||||
if (socket.previousEvents.length > 20) {
|
||||
socket.previousEvents.shift();
|
||||
}
|
||||
callback();
|
||||
});
|
||||
}
|
||||
|
||||
if (!eventName.startsWith('admin.') && ratelimit.isFlooding(socket)) {
|
||||
winston.warn('[socket.io] Too many emits! Disconnecting uid : ' + socket.uid + '. Events : ' + socket.previousEvents);
|
||||
return socket.disconnect();
|
||||
}
|
||||
function authorize(socket, callback) {
|
||||
var request = socket.request;
|
||||
|
||||
async.waterfall([
|
||||
function (next) {
|
||||
validateSession(socket, next);
|
||||
},
|
||||
function (next) {
|
||||
if (Namespaces[namespace].before) {
|
||||
Namespaces[namespace].before(socket, eventName, params, next);
|
||||
} else {
|
||||
next();
|
||||
if (!request) {
|
||||
return callback(new Error('[[error:not-authorized]]'));
|
||||
}
|
||||
|
||||
async.waterfall([
|
||||
function (next) {
|
||||
cookieParser(request, {}, next);
|
||||
},
|
||||
function (next) {
|
||||
db.sessionStore.get(request.signedCookies[nconf.get('sessionKey')], function (err, sessionData) {
|
||||
if (err) {
|
||||
return next(err);
|
||||
}
|
||||
},
|
||||
function (next) {
|
||||
methodToCall(socket, params, next);
|
||||
}
|
||||
], function (err, result) {
|
||||
callback(err ? {message: err.message} : null, result);
|
||||
});
|
||||
}
|
||||
|
||||
function requireModules() {
|
||||
var modules = [
|
||||
'admin', 'categories', 'groups', 'meta', 'modules',
|
||||
'notifications', 'plugins', 'posts', 'topics', 'user',
|
||||
'blacklist', 'flags'
|
||||
];
|
||||
|
||||
modules.forEach(function (module) {
|
||||
Namespaces[module] = require('./' + module);
|
||||
});
|
||||
}
|
||||
|
||||
function validateSession(socket, callback) {
|
||||
var req = socket.request;
|
||||
if (!req.signedCookies || !req.signedCookies[nconf.get('sessionKey')]) {
|
||||
return callback(new Error('[[error:invalid-session]]'));
|
||||
if (sessionData && sessionData.passport && sessionData.passport.user) {
|
||||
request.session = sessionData;
|
||||
socket.uid = parseInt(sessionData.passport.user, 10);
|
||||
} else {
|
||||
socket.uid = 0;
|
||||
}
|
||||
next();
|
||||
});
|
||||
}
|
||||
db.sessionStore.get(req.signedCookies[nconf.get('sessionKey')], function (err, sessionData) {
|
||||
if (err || !sessionData) {
|
||||
return callback(err || new Error('[[error:invalid-session]]'));
|
||||
}
|
||||
], callback);
|
||||
}
|
||||
|
||||
callback();
|
||||
});
|
||||
function addRedisAdapter(io) {
|
||||
if (nconf.get('redis')) {
|
||||
var redisAdapter = require('socket.io-redis');
|
||||
var redis = require('../database/redis');
|
||||
var pub = redis.connect();
|
||||
var sub = redis.connect({return_buffers: true});
|
||||
io.adapter(redisAdapter({pubClient: pub, subClient: sub}));
|
||||
} else if (nconf.get('isCluster') === 'true') {
|
||||
winston.warn('[socket.io] Clustering detected, you are advised to configure Redis as a websocket store.');
|
||||
}
|
||||
}
|
||||
|
||||
Sockets.in = function (room) {
|
||||
return io.in(room);
|
||||
};
|
||||
|
||||
Sockets.getUserSocketCount = function (uid) {
|
||||
if (!io) {
|
||||
return 0;
|
||||
}
|
||||
|
||||
function authorize(socket, callback) {
|
||||
var request = socket.request;
|
||||
var room = io.sockets.adapter.rooms['uid_' + uid];
|
||||
return room ? room.length : 0;
|
||||
};
|
||||
|
||||
if (!request) {
|
||||
return callback(new Error('[[error:not-authorized]]'));
|
||||
}
|
||||
|
||||
async.waterfall([
|
||||
function (next) {
|
||||
cookieParser(request, {}, next);
|
||||
},
|
||||
function (next) {
|
||||
db.sessionStore.get(request.signedCookies[nconf.get('sessionKey')], function (err, sessionData) {
|
||||
if (err) {
|
||||
return next(err);
|
||||
}
|
||||
if (sessionData && sessionData.passport && sessionData.passport.user) {
|
||||
request.session = sessionData;
|
||||
socket.uid = parseInt(sessionData.passport.user, 10);
|
||||
} else {
|
||||
socket.uid = 0;
|
||||
}
|
||||
next();
|
||||
});
|
||||
}
|
||||
], callback);
|
||||
Sockets.reqFromSocket = function (socket, payload, event) {
|
||||
var headers = socket.request ? socket.request.headers : {};
|
||||
var encrypted = socket.request ? !!socket.request.connection.encrypted : false;
|
||||
var host = headers.host;
|
||||
var referer = headers.referer || '';
|
||||
var data = ((payload || {}).data || []);
|
||||
|
||||
if (!host) {
|
||||
host = url.parse(referer).host || '';
|
||||
}
|
||||
|
||||
function addRedisAdapter(io) {
|
||||
if (nconf.get('redis')) {
|
||||
var redisAdapter = require('socket.io-redis');
|
||||
var redis = require('../database/redis');
|
||||
var pub = redis.connect();
|
||||
var sub = redis.connect({return_buffers: true});
|
||||
io.adapter(redisAdapter({pubClient: pub, subClient: sub}));
|
||||
} else if (nconf.get('isCluster') === 'true') {
|
||||
winston.warn('[socket.io] Clustering detected, you are advised to configure Redis as a websocket store.');
|
||||
}
|
||||
}
|
||||
|
||||
Sockets.in = function (room) {
|
||||
return io.in(room);
|
||||
};
|
||||
|
||||
Sockets.getUserSocketCount = function (uid) {
|
||||
if (!io) {
|
||||
return 0;
|
||||
}
|
||||
|
||||
var room = io.sockets.adapter.rooms['uid_' + uid];
|
||||
return room ? room.length : 0;
|
||||
return {
|
||||
uid: socket.uid,
|
||||
params: data[1],
|
||||
method: event || data[0],
|
||||
body: payload,
|
||||
ip: headers['x-forwarded-for'] || socket.ip,
|
||||
host: host,
|
||||
protocol: encrypted ? 'https' : 'http',
|
||||
secure: encrypted,
|
||||
url: referer,
|
||||
path: referer.substr(referer.indexOf(host) + host.length),
|
||||
headers: headers
|
||||
};
|
||||
};
|
||||
|
||||
|
||||
Sockets.reqFromSocket = function (socket, payload, event) {
|
||||
var headers = socket.request ? socket.request.headers : {};
|
||||
var encrypted = socket.request ? !!socket.request.connection.encrypted : false;
|
||||
var host = headers.host;
|
||||
var referer = headers.referer || '';
|
||||
var data = ((payload || {}).data || []);
|
||||
|
||||
if (!host) {
|
||||
host = url.parse(referer).host || '';
|
||||
}
|
||||
|
||||
return {
|
||||
uid: socket.uid,
|
||||
params: data[1],
|
||||
method: event || data[0],
|
||||
body: payload,
|
||||
ip: headers['x-forwarded-for'] || socket.ip,
|
||||
host: host,
|
||||
protocol: encrypted ? 'https' : 'http',
|
||||
secure: encrypted,
|
||||
url: referer,
|
||||
path: referer.substr(referer.indexOf(host) + host.length),
|
||||
headers: headers
|
||||
};
|
||||
};
|
||||
|
||||
}(exports));
|
||||
|
||||
Reference in New Issue
Block a user