public/immich
1
0
Fork 0
mirror of https://github.com/immich-app/immich.git synced 2025-11-17 12:52:38 +09:00
Code Issues Actions Packages Projects Releases Wiki Activity

fix(web,server): web socket auth (for web) (#4632)

Browse Source
This commit is contained in:
Jason Rasmussen
2023-10-24 18:07:24 -04:00
committed by GitHub
parent 3021eca8e5
commit 0fb1d33f17
5 changed files with 39 additions and 24 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
server/src/domain/auth/auth.service.ts
View File

@@ -147,7 +147,7 @@ export class AuthService {
return mapAdminSignupResponse(admin);
}
async validate(headers: IncomingHttpHeaders, params: Record<string, string>): Promise<AuthUserDto | null> {
async validate(headers: IncomingHttpHeaders, params: Record<string, string>): Promise<AuthUserDto> {
const shareKey = (headers['x-immich-share-key'] || params.key) as string;
const userToken = (headers['x-immich-user-token'] ||
params.userToken ||

5
server/src/immich/app.guard.ts
View File

@@ -99,11 +99,6 @@ export class AppGuard implements CanActivate {
const req = context.switchToHttp().getRequest<AuthRequest>();
const authDto = await this.authService.validate(req.headers, req.query as Record<string, string>);
if (!authDto) {
this.logger.warn(`Denied access to authenticated route: ${req.path}`);
return false;
}
if (authDto.isPublicUser && !isSharedRoute) {
this.logger.warn(`Denied access to non-shared route: ${req.path}`);
return false;

18
server/src/infra/repositories/communication.repository.ts
View File

@@ -18,26 +18,22 @@ export class CommunicationRepository implements OnGatewayConnection, OnGatewayDi
async handleConnection(client: Socket) {
try {
this.logger.log(`New websocket connection: ${client.id}`);
this.logger.log(`Websocket Connect: ${client.id}`);
const user = await this.authService.validate(client.request.headers, {});
if (user) {
await client.join(user.id);
for (const callback of this.onConnectCallbacks) {
await callback(user.id);
}
} else {
client.emit('error', 'unauthorized');
client.disconnect();
await client.join(user.id);
for (const callback of this.onConnectCallbacks) {
await callback(user.id);
}
} catch (e) {
} catch (error: Error | any) {
this.logger.error(`Websocket connection error: ${error}`, error?.stack);
client.emit('error', 'unauthorized');
client.disconnect();
}
}
async handleDisconnect(client: Socket) {
this.logger.log(`Websocket Disconnect: ${client.id}`);
await client.leave(client.nsp.name);
this.logger.log(`Client ${client.id} disconnected from Websocket`);
}
send(event: CommunicationEvent, userId: string, data: any) {