mirrors/hedgedoc
1
0
Fork 0
mirror of https://github.com/hedgedoc/hedgedoc.git synced 2025-05-15 23:54:42 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions

fix(realtime): Allow connections for guest users

Browse source 
Signed-off-by: Tilman Vatteroth <git@tilmanvatteroth.de>
This commit is contained in:
Tilman Vatteroth 2022-10-03 18:39:44 +02:00
parent 4ab66dfe2d
commit a97f7e8fd1
8 changed files with 139 additions and 59 deletions
Download patch file Download diff file Expand all files Collapse all files

18
backend/src/realtime/websocket/websocket.gateway.ts
View file

@ -52,10 +52,12 @@ export class WebsocketGateway implements OnGatewayConnection {
extractNoteIdFromRequestUrl(request),
);
const username = user?.username ?? 'guest';
if (!(await this.permissionsService.mayRead(user, note))) {
//TODO: [mrdrogdrog] inform client about reason of disconnect.
this.logger.log(
`Access denied to note '${note.id}' for user '${user.username}'`,
`Access denied to note '${note.id}' for user '${username}'`,
'handleConnection',
);
clientSocket.close();
@ -65,7 +67,7 @@ export class WebsocketGateway implements OnGatewayConnection {
this.logger.debug(
`New realtime connection to note '${note.id}' (${
note.publicId
}) by user '${user.username}' from ${
}) by user '${username}' from ${
request.socket.remoteAddress ?? 'unknown'
}`,
);
@ -98,11 +100,15 @@ export class WebsocketGateway implements OnGatewayConnection {
*/
private async findUserByRequestSession(
request: IncomingMessage,
): Promise<User> {
const sessionId =
this.sessionService.extractVerifiedSessionIdFromRequest(request);
): Promise<User | null> {
const sessionId = this.sessionService.extractSessionIdFromRequest(request);
if (sessionId.isEmpty()) {
return null;
}
const username = await this.sessionService.fetchUsernameForSessionId(
sessionId,
sessionId.get(),
);
return await this.userService.getUserByUsername(username);
}