[mirotalksfu] - add host.auth_user
هذا الالتزام موجود في:
Miroslav Pejic
@@ -17,7 +17,7 @@ async function getJoin() {
|
||||
},
|
||||
body: JSON.stringify({
|
||||
room: 'test',
|
||||
password: false,
|
||||
roomPassword: false,
|
||||
name: 'mirotalksfu',
|
||||
audio: true,
|
||||
video: true,
|
||||
|
||||
@@ -17,13 +17,13 @@ $headers = [
|
||||
curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
|
||||
|
||||
$data = array(
|
||||
"room" => "test",
|
||||
"password" => false,
|
||||
"name" => "mirotalksfu",
|
||||
"audio" => true,
|
||||
"video" => true,
|
||||
"screen" => true,
|
||||
"notify" => true,
|
||||
"room" => "test",
|
||||
"roomPassword" => false,
|
||||
"name" => "mirotalksfu",
|
||||
"audio" => true,
|
||||
"video" => true,
|
||||
"screen" => true,
|
||||
"notify" => true,
|
||||
);
|
||||
$data_string = json_encode($data);
|
||||
|
||||
|
||||
@@ -13,7 +13,7 @@ headers = {
|
||||
|
||||
data = {
|
||||
"room": "test",
|
||||
"password": "false",
|
||||
"roomPassword": "false",
|
||||
"name": "mirotalksfu",
|
||||
"audio": "true",
|
||||
"video": "true",
|
||||
|
||||
@@ -7,5 +7,5 @@ MIROTALK_URL="https://sfu.mirotalk.com/api/v1/join"
|
||||
curl $MIROTALK_URL \
|
||||
--header "authorization: $API_KEY_SECRET" \
|
||||
--header "Content-Type: application/json" \
|
||||
--data '{"room":"test","password":"false","name":"mirotalksfu","audio":"true","video":"true","screen":"false","notify":"true"}' \
|
||||
--data '{"room":"test","roomPassword":"false","name":"mirotalksfu","audio":"true","video":"true","screen":"false","notify":"true"}' \
|
||||
--request POST
|
||||
@@ -40,7 +40,7 @@ dependencies: {
|
||||
* @license For commercial or closed source, contact us at license.mirotalk@gmail.com or purchase directly via CodeCanyon
|
||||
* @license CodeCanyon: https://codecanyon.net/item/mirotalk-sfu-webrtc-realtime-video-conferences/40769970
|
||||
* @author Miroslav Pejic - miroslav.pejic.85@gmail.com
|
||||
* @version 1.2.7
|
||||
* @version 1.2.8
|
||||
*
|
||||
*/
|
||||
|
||||
@@ -92,6 +92,7 @@ const host = 'https://' + 'localhost' + ':' + config.server.listen.port; // conf
|
||||
|
||||
const hostCfg = {
|
||||
protected: config.host.protected,
|
||||
user_auth: config.host.user_auth,
|
||||
users: config.host.users,
|
||||
authenticated: !config.host.protected,
|
||||
};
|
||||
@@ -269,13 +270,30 @@ function startServer() {
|
||||
|
||||
// no room name specified to join || direct join
|
||||
app.get('/join/', (req, res) => {
|
||||
if (hostCfg.authenticated && Object.keys(req.query).length > 0) {
|
||||
if (Object.keys(req.query).length > 0) {
|
||||
log.debug('Direct Join', req.query);
|
||||
// http://localhost:3010/join?room=test&password=0&name=mirotalksfu&audio=1&video=1&screen=1¬ify=1
|
||||
const { room, password, name, audio, video, screen, notify, isPresenter } = checkXSS(req.query);
|
||||
// if (room && password && name && audio && video && screen && notify) {
|
||||
if (room) {
|
||||
// http://localhost:3010/join?room=test&roomPassword=0&name=mirotalksfu&audio=1&video=1&screen=0¬ify=1
|
||||
// http://localhost:3010/join?room=test&roomPassword=0&name=mirotalksfu&audio=1&video=1&screen=0¬ify=0&username=username&password=password
|
||||
const { room, roomPassword, name, audio, video, screen, notify, username, password, isPresenter } =
|
||||
checkXSS(req.query);
|
||||
|
||||
const isPeerValid = isAuthPeer(username, password);
|
||||
|
||||
if (hostCfg.protected && isPeerValid && !hostCfg.authenticated) {
|
||||
const ip = getIP(req);
|
||||
hostCfg.authenticated = true;
|
||||
authHost = new Host(ip, true);
|
||||
log.debug('Direct Join user auth as host done', {
|
||||
ip: ip,
|
||||
username: username,
|
||||
password: password,
|
||||
});
|
||||
}
|
||||
|
||||
if (room && (hostCfg.authenticated || isPeerValid)) {
|
||||
return res.sendFile(views.room);
|
||||
} else {
|
||||
return res.sendFile(views.login);
|
||||
}
|
||||
}
|
||||
if (hostCfg.protected) {
|
||||
@@ -323,6 +341,11 @@ function startServer() {
|
||||
res.send(stats);
|
||||
});
|
||||
|
||||
// handle login if user_auth enabled
|
||||
app.get(['/login'], (req, res) => {
|
||||
res.sendFile(views.login);
|
||||
});
|
||||
|
||||
// handle logged on host protected
|
||||
app.get(['/logged'], (req, res) => {
|
||||
const ip = getIP(req);
|
||||
@@ -340,24 +363,26 @@ function startServer() {
|
||||
|
||||
// handle login on host protected
|
||||
app.post(['/login'], (req, res) => {
|
||||
if (hostCfg.protected) {
|
||||
let ip = getIP(req);
|
||||
log.debug(`Request login to host from: ${ip}`, req.body);
|
||||
const { username, password } = checkXSS(req.body);
|
||||
const isValidUser =
|
||||
hostCfg.users && hostCfg.users.some((user) => user.username === username && user.password === password);
|
||||
if (isValidUser) {
|
||||
hostCfg.authenticated = true;
|
||||
authHost = new Host(ip, true);
|
||||
log.debug('LOGIN OK', { ip: ip, authorized: authHost.isAuthorized(ip) });
|
||||
res.status(200).json({ message: 'authorized' });
|
||||
} else {
|
||||
log.debug('LOGIN KO', { ip: ip, authorized: false });
|
||||
hostCfg.authenticated = false;
|
||||
res.status(401).json({ message: 'unauthorized' });
|
||||
}
|
||||
const ip = getIP(req);
|
||||
log.debug(`Request login to host from: ${ip}`, req.body);
|
||||
|
||||
const { username, password } = checkXSS(req.body);
|
||||
|
||||
const isPeerValid = isAuthPeer(username, password);
|
||||
|
||||
if (hostCfg.protected && isPeerValid && !hostCfg.authenticated) {
|
||||
const ip = getIP(req);
|
||||
hostCfg.authenticated = true;
|
||||
authHost = new Host(ip, true);
|
||||
log.debug('HOST LOGIN OK', { ip: ip, authorized: authHost.isAuthorized(ip) });
|
||||
return res.status(200).json({ message: 'authorized' });
|
||||
}
|
||||
|
||||
if (isPeerValid) {
|
||||
log.debug('PEER LOGIN OK', { ip: ip, authorized: true });
|
||||
return res.status(200).json({ message: 'authorized' });
|
||||
} else {
|
||||
res.redirect('/');
|
||||
return res.status(401).json({ message: 'unauthorized' });
|
||||
}
|
||||
});
|
||||
|
||||
@@ -896,6 +921,26 @@ function startServer() {
|
||||
|
||||
log.debug('User joined', data);
|
||||
|
||||
// User Auth required, we check if peer valid
|
||||
if (hostCfg.user_auth) {
|
||||
const peer_username = data.peer_info.peer_username;
|
||||
const peer_password = data.peer_info.peer_password;
|
||||
|
||||
const isPeerValid = isAuthPeer(peer_username, peer_password);
|
||||
|
||||
log.debug('[' + socket.id + '] JOIN ROOM - HOST PROTECTED - USER AUTH check peer', {
|
||||
ip: peer_ip,
|
||||
peer_username: peer_username,
|
||||
peer_password: peer_password,
|
||||
peer_valid: isPeerValid,
|
||||
});
|
||||
|
||||
if (!isPeerValid) {
|
||||
// redirect peer to login page
|
||||
return cb('unauthorized');
|
||||
}
|
||||
}
|
||||
|
||||
const room = roomList.get(socket.room_id);
|
||||
|
||||
room.addPeer(new Peer(socket.id, data));
|
||||
@@ -1348,6 +1393,10 @@ function startServer() {
|
||||
}
|
||||
}
|
||||
|
||||
function isAuthPeer(username, password) {
|
||||
return hostCfg.users && hostCfg.users.some((user) => user.username === username && user.password === password);
|
||||
}
|
||||
|
||||
async function getPeerGeoLocation(ip) {
|
||||
const endpoint = config.IPLookup.getEndpoint(ip);
|
||||
log.debug('Get peer geo', { ip: ip, endpoint: endpoint });
|
||||
|
||||
@@ -25,8 +25,8 @@ module.exports = class ServerApi {
|
||||
this._host +
|
||||
'/join?room=' +
|
||||
data.room +
|
||||
'&password=' +
|
||||
data.password +
|
||||
'&roomPassword=' +
|
||||
data.roomPassword +
|
||||
'&name=' +
|
||||
data.name +
|
||||
'&audio=' +
|
||||
|
||||
@@ -39,10 +39,11 @@ module.exports = {
|
||||
host: {
|
||||
/*
|
||||
Host Protection (default: false)
|
||||
To enhance host security, enable host protection and provide valid
|
||||
To enhance host security, enable host protection - user auth and provide valid
|
||||
usernames and passwords in the users array.
|
||||
*/
|
||||
protected: false,
|
||||
user_auth: false,
|
||||
users: [
|
||||
{
|
||||
username: 'username',
|
||||
|
||||
المرجع في مشكلة جديدة
حظر مستخدم