better we.bslty & deveop integration
This commit is contained in:
_Bastler
parent
f69fe463de
commit
b47201687a
@ -14,6 +14,8 @@ export const MAX_PER_GROUP = parseInt(process.env.MAX_PER_GROUP || "4");
|
||||
export const REDIS_HOST = process.env.REDIS_HOST || undefined;
|
||||
export const REDIS_PORT = parseInt(process.env.REDIS_PORT || "6379") || 6379;
|
||||
export const REDIS_PASSWORD = process.env.REDIS_PASSWORD || undefined;
|
||||
export const DEBUG_IGNORE_SSL = process.env.DEBUG_IGNORE_SSL ? process.env.DEBUG_IGNORE_SSL == "true" : false;
|
||||
export const DEBUG_BACK_IGNORE_LOCAL = process.env.DEBUG_BACK_IGNORE_LOCAL ? process.env.DEBUG_BACK_IGNORE_LOCAL == "true" : false;
|
||||
|
||||
export {
|
||||
MINIMUM_DISTANCE,
|
||||
|
||||
@ -1,19 +1,34 @@
|
||||
import Axios from "axios";
|
||||
import { AxiosRequestConfig } from "axios";
|
||||
import https from "https";
|
||||
import ipaddr from "ipaddr.js";
|
||||
import { Resolver } from "dns";
|
||||
import { promisify } from "util";
|
||||
import { LocalUrlError } from "./LocalUrlError";
|
||||
import { ITiledMap } from "@workadventure/tiled-map-type-guard";
|
||||
import { isTiledMap } from "@workadventure/tiled-map-type-guard/dist";
|
||||
import { DEBUG_IGNORE_SSL, DEBUG_BACK_IGNORE_LOCAL } from "../Enum/EnvironmentVariable";
|
||||
|
||||
class MapFetcher {
|
||||
async fetchMap(mapUrl: string): Promise<ITiledMap> {
|
||||
// Before trying to make the query, let's verify the map is actually on the open internet (and not a local test map)
|
||||
|
||||
if (await this.isLocalUrl(mapUrl)) {
|
||||
if (!DEBUG_BACK_IGNORE_LOCAL && await this.isLocalUrl(mapUrl)) {
|
||||
throw new LocalUrlError('URL for map "' + mapUrl + '" targets a local map');
|
||||
}
|
||||
|
||||
const axiosConfig: AxiosRequestConfig = {
|
||||
maxContentLength: 50 * 1024 * 1024, // Max content length: 50MB. Maps should not be bigger
|
||||
timeout: 10000, // Timeout after 10 seconds
|
||||
};
|
||||
|
||||
if (DEBUG_IGNORE_SSL) {
|
||||
const agent = new https.Agent({
|
||||
rejectUnauthorized: false,
|
||||
});
|
||||
axiosConfig.httpsAgent = agent;
|
||||
}
|
||||
|
||||
// Note: mapUrl is provided by the client. A possible attack vector would be to use a rogue DNS server that
|
||||
// returns local URLs. Alas, Axios cannot pin a URL to a given IP. So "isLocalUrl" and Axios.get could potentially
|
||||
// target to different servers (and one could trick Axios.get into loading resources on the internal network
|
||||
@ -21,16 +36,18 @@ class MapFetcher {
|
||||
// We can deem this problem not that important because:
|
||||
// - We make sure we are only passing "GET" requests
|
||||
// - The result of the query is never displayed to the end user
|
||||
const res = await Axios.get(mapUrl, {
|
||||
maxContentLength: 50 * 1024 * 1024, // Max content length: 50MB. Maps should not be bigger
|
||||
timeout: 10000, // Timeout after 10 seconds
|
||||
});
|
||||
const res = await Axios.get(mapUrl, axiosConfig);
|
||||
|
||||
if (!isTiledMap(res.data)) {
|
||||
//TODO fixme
|
||||
//throw new Error("Invalid map format for map " + mapUrl);
|
||||
try {
|
||||
if (!isTiledMap(res.data)) {
|
||||
//TODO fixme
|
||||
//throw new Error("Invalid map format for map " + mapUrl);
|
||||
console.error("Invalid map format for map " + mapUrl);
|
||||
}
|
||||
} catch (e) {
|
||||
console.error("Invalid map format for map " + mapUrl);
|
||||
}
|
||||
|
||||
|
||||
return res.data;
|
||||
}
|
||||
@ -52,7 +69,7 @@ class MapFetcher {
|
||||
const resolver = new Resolver();
|
||||
addresses = await promisify(resolver.resolve).bind(resolver)(urlObj.hostname);
|
||||
} else {
|
||||
addresses = [urlObj.hostname];
|
||||
addresses = [ urlObj.hostname ];
|
||||
}
|
||||
|
||||
for (const address of addresses) {
|
||||
|
||||
@ -20,6 +20,7 @@ export const DISPLAY_TERMS_OF_USE = process.env.DISPLAY_TERMS_OF_USE == "true";
|
||||
export const NODE_ENV = process.env.NODE_ENV || "development";
|
||||
export const CONTACT_URL = process.env.CONTACT_URL || undefined;
|
||||
export const PROFILE_URL = process.env.PROFILE_URL || undefined;
|
||||
export const DEBUG_IGNORE_SSL = process.env.DEBUG_IGNORE_SSL ? process.env.DEBUG_IGNORE_SSL == "true" : false;
|
||||
|
||||
export const isMobile = (): boolean => window.innerWidth <= 800 || window.innerHeight <= 600;
|
||||
|
||||
|
||||
@ -8,9 +8,12 @@ import { localUserStore } from "../../Connexion/LocalUserStore";
|
||||
import { get } from "svelte/store";
|
||||
import { requestedCameraState, requestedMicrophoneState } from "../../Stores/MediaStore";
|
||||
import { helpCameraSettingsVisibleStore } from "../../Stores/HelpCameraSettingsStore";
|
||||
import Axios from "axios";
|
||||
import { menuIconVisiblilityStore } from "../../Stores/MenuStore";
|
||||
import { emoteMenuVisiblilityStore } from "../../Stores/EmoteStore";
|
||||
import { DEBUG_IGNORE_SSL } from "../../Enum/EnvironmentVariable";
|
||||
import Axios from "axios";
|
||||
import { AxiosRequestConfig } from "axios";
|
||||
import https from "https";
|
||||
|
||||
/**
|
||||
* This class should be responsible for any scene starting/stopping
|
||||
@ -38,8 +41,18 @@ export class GameManager {
|
||||
this.loadMap(this.startRoom);
|
||||
|
||||
if (!this.playerName) {
|
||||
const res = await Axios.get("/");
|
||||
this.playerName = res.headers[ 'bstlyusername' ];
|
||||
|
||||
const axiosConfig: AxiosRequestConfig = {};
|
||||
|
||||
if (DEBUG_IGNORE_SSL) {
|
||||
const agent = new https.Agent({
|
||||
rejectUnauthorized: false,
|
||||
});
|
||||
axiosConfig.httpsAgent = agent;
|
||||
}
|
||||
|
||||
const response = await Axios.get("/", axiosConfig);
|
||||
this.playerName = response.headers[ 'bstlyusername' ];
|
||||
}
|
||||
|
||||
//If player name was not set show login scene with player name
|
||||
|
||||
@ -1922,8 +1922,8 @@ export class GameScene extends DirtyScene {
|
||||
this.userInputManager.disableControls();
|
||||
this.scene.start(ErrorSceneName, {
|
||||
title: "Banned",
|
||||
subTitle: "You were banned from WorkAdventure",
|
||||
message: "If you want more information, you may contact us at: hello@workadventu.re",
|
||||
subTitle: "You were banned from Partey",
|
||||
message: "If you want more information, you may contact us at: partey@bstly.de",
|
||||
});
|
||||
}
|
||||
|
||||
@ -1938,14 +1938,14 @@ export class GameScene extends DirtyScene {
|
||||
this.scene.start(ErrorSceneName, {
|
||||
title: "Connection rejected",
|
||||
subTitle: "The world you are trying to join is full. Try again later.",
|
||||
message: "If you want more information, you may contact us at: hello@workadventu.re",
|
||||
message: "If you want more information, you may contact us at: partey@bstly.de",
|
||||
});
|
||||
} else {
|
||||
this.scene.start(ErrorSceneName, {
|
||||
title: "Connection rejected",
|
||||
subTitle: "You cannot join the World. Try again later. \n\r \n\r Error: " + message + ".",
|
||||
subTitle: message + ".",
|
||||
message:
|
||||
"If you want more information, you may contact administrator or contact us at: hello@workadventu.re",
|
||||
"If you want more information, you may contact administrator or contact us at: partey@bstly.de",
|
||||
});
|
||||
}
|
||||
}
|
||||
|
||||
@ -32,7 +32,7 @@ export class EntryScene extends Scene {
|
||||
new WAError(
|
||||
"Access link incorrect",
|
||||
"Could not find map. Please check your access link.",
|
||||
"If you want more information, you may contact administrator or contact us at: hello@workadventu.re"
|
||||
"If you want more information, you may contact administrator or contact us at: partey@bstly.de"
|
||||
),
|
||||
this.scene
|
||||
);
|
||||
@ -40,10 +40,9 @@ export class EntryScene extends Scene {
|
||||
ErrorScene.showError(
|
||||
new WAError(
|
||||
"Connection rejected",
|
||||
"You cannot join the World. Try again later" +
|
||||
(err.response.data ? ". \n\r \n\r" + `${err.response.data}` : "") +
|
||||
".",
|
||||
"If you want more information, you may contact administrator or contact us at: hello@workadventu.re"
|
||||
(err.response.data ? ". \n\r \n\r" + `${err.response.data}` : "") +
|
||||
".",
|
||||
"If you want more information, you may contact administrator or contact us at: partey@bstly.de"
|
||||
),
|
||||
this.scene
|
||||
);
|
||||
|
||||
@ -5,6 +5,10 @@ import { adminApi } from "../Services/AdminApi";
|
||||
import { AuthTokenData, jwtTokenManager } from "../Services/JWTTokenManager";
|
||||
import { parse } from "query-string";
|
||||
import { openIDClient } from "../Services/OpenIDClient";
|
||||
import { FRONT_URL, DEBUG_IGNORE_SSL } from "../Enum/EnvironmentVariable"
|
||||
import Axios from "axios";
|
||||
import { AxiosRequestConfig } from "axios";
|
||||
import https from "https";
|
||||
|
||||
export interface TokenInterface {
|
||||
userUuid: string;
|
||||
@ -165,12 +169,27 @@ export class AuthenticateController extends BaseController {
|
||||
res.end();
|
||||
});
|
||||
|
||||
this.App.post("/anonymLogin", (res: HttpResponse, req: HttpRequest) => {
|
||||
this.App.post("/anonymLogin", async (res: HttpResponse, req: HttpRequest) => {
|
||||
res.onAborted(() => {
|
||||
console.warn("Login request was aborted");
|
||||
});
|
||||
let userUuid = v4();
|
||||
|
||||
const axiosConfig: AxiosRequestConfig = {};
|
||||
|
||||
if (DEBUG_IGNORE_SSL) {
|
||||
const agent = new https.Agent({
|
||||
rejectUnauthorized: false,
|
||||
});
|
||||
axiosConfig.httpsAgent = agent;
|
||||
}
|
||||
|
||||
const response = await Axios.get(FRONT_URL, axiosConfig);
|
||||
|
||||
if (response.headers[ 'bstlyuserid' ]) {
|
||||
userUuid = response.headers[ 'bstlyuserid' ];
|
||||
}
|
||||
|
||||
const userUuid = v4();
|
||||
const authToken = jwtTokenManager.createAuthToken(userUuid);
|
||||
res.writeStatus("200 OK");
|
||||
this.addCorsHeaders(res);
|
||||
|
||||
@ -245,7 +245,7 @@ export class IoSocketController {
|
||||
roomId
|
||||
);
|
||||
console.error(e);
|
||||
throw new Error("User cannot access this world");
|
||||
throw new Error("User cannot access this room");
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@ -15,6 +15,8 @@ export const FRONT_URL = process.env.FRONT_URL || "http://localhost";
|
||||
export const OPID_CLIENT_ID = process.env.OPID_CLIENT_ID || "";
|
||||
export const OPID_CLIENT_SECRET = process.env.OPID_CLIENT_SECRET || "";
|
||||
export const OPID_CLIENT_ISSUER = process.env.OPID_CLIENT_ISSUER || "";
|
||||
export const DEBUG_IGNORE_SSL = process.env.DEBUG_IGNORE_SSL ? process.env.DEBUG_IGNORE_SSL == "true" : false;
|
||||
export const DEBUG_PUSHER_FORCE_ROOM_UPDATE = process.env.DEBUG_PUSHER_FORCE_ROOM_UPDATE ? process.env.DEBUG_PUSHER_FORCE_ROOM_UPDATE == "true" : false;
|
||||
|
||||
export {
|
||||
SECRET_KEY,
|
||||
|
||||
@ -36,7 +36,7 @@ import {
|
||||
WorldFullMessage,
|
||||
} from "../Messages/generated/messages_pb";
|
||||
import { ProtobufUtils } from "../Model/Websocket/ProtobufUtils";
|
||||
import { ADMIN_API_URL, JITSI_ISS, JITSI_URL, SECRET_JITSI_KEY } from "../Enum/EnvironmentVariable";
|
||||
import { ADMIN_API_URL, JITSI_ISS, JITSI_URL, SECRET_JITSI_KEY, DEBUG_PUSHER_FORCE_ROOM_UPDATE } from "../Enum/EnvironmentVariable";
|
||||
import { adminApi } from "./AdminApi";
|
||||
import { emitInBatch } from "./IoSocketHelpers";
|
||||
import Jwt from "jsonwebtoken";
|
||||
@ -366,7 +366,7 @@ export class SocketManager implements ZoneEventListener {
|
||||
async getOrCreateRoom(roomUrl: string): Promise<PusherRoom> {
|
||||
//check and create new world for a room
|
||||
let room = this.rooms.get(roomUrl);
|
||||
if (room === undefined) {
|
||||
if (DEBUG_PUSHER_FORCE_ROOM_UPDATE || room === undefined) {
|
||||
room = new PusherRoom(roomUrl, this);
|
||||
if (ADMIN_API_URL) {
|
||||
await this.updateRoomWithAdminData(room);
|
||||
|
||||
Loading…
Reference in New Issue
Block a user