From 11790210a202e4e238df9e0cbf0a73a0cdf314d9 Mon Sep 17 00:00:00 2001
From: Miroslav Pejic <miroslav.pejic.85@gmail.com>
Date: Thu, 10 Feb 2022 08:30:06 +0100
Subject: [PATCH] [mirotalksfu] - improve host protection

---
 app/src/Host.js   |  3 +++
 app/src/Server.js | 14 ++++++++++++++
 2 files changed, 17 insertions(+)

diff --git a/app/src/Host.js b/app/src/Host.js
index d4b52b29..c4d9fd71 100644
--- a/app/src/Host.js
+++ b/app/src/Host.js
@@ -12,4 +12,7 @@ module.exports = class Host {
     isAuthorized(ip) {
         return this.auth.has(ip);
     }
+    deleteIP(ip) {
+        return this.auth.delete(ip);
+    }
 };
diff --git a/app/src/Server.js b/app/src/Server.js
index 259afd9c..8659c42e 100644
--- a/app/src/Server.js
+++ b/app/src/Server.js
@@ -600,6 +600,8 @@ io.on('connection', (socket) => {
         }
 
         roomList.get(socket.room_id).broadCast(socket.id, 'removeMe', removeMeData());
+
+        removeIP(socket);
     });
 
     socket.on('exitRoom', async (_, callback) => {
@@ -622,6 +624,8 @@ io.on('connection', (socket) => {
 
         socket.room_id = null;
 
+        removeIP(socket);
+
         callback('Successfully exited room');
     });
 
@@ -661,3 +665,13 @@ function getIP(req) {
 function allowedIP(ip) {
     return authHost != null && authHost.isAuthorized(ip);
 }
+function removeIP(socket) {
+    if (hostCfg.protected == true) {
+        let ip = socket.handshake.address;
+        if (ip && allowedIP(ip)) {
+            authHost.deleteIP(ip);
+            hostCfg.authenticated = false;
+            log.debug('Remove IP from auth', { ip: ip });
+        }
+    }
+}