[mirotalksfu] - improve host protection

app/src/Host.js

@@ -12,4 +12,7 @@ module.exports = class Host {
     isAuthorized(ip) {
         return this.auth.has(ip);
     }
+    deleteIP(ip) {
+        return this.auth.delete(ip);
+    }
 };

app/src/Server.js

@@ -600,6 +600,8 @@ io.on('connection', (socket) => {
         }
 
         roomList.get(socket.room_id).broadCast(socket.id, 'removeMe', removeMeData());
+
+        removeIP(socket);
     });
 
     socket.on('exitRoom', async (_, callback) => {
@@ -622,6 +624,8 @@ io.on('connection', (socket) => {
 
         socket.room_id = null;
 
+        removeIP(socket);
+
         callback('Successfully exited room');
     });
 
@@ -661,3 +665,13 @@ function getIP(req) {
 function allowedIP(ip) {
     return authHost != null && authHost.isAuthorized(ip);
 }
+function removeIP(socket) {
+    if (hostCfg.protected == true) {
+        let ip = socket.handshake.address;
+        if (ip && allowedIP(ip)) {
+            authHost.deleteIP(ip);
+            hostCfg.authenticated = false;
+            log.debug('Remove IP from auth', { ip: ip });
+        }
+    }
+}