[mirotalksfu] - check if valid token, update dep

2024-04-25 22:06:42 +02:00
--- a/app/src/Peer.js
+++ b/app/src/Peer.js
@@ -246,6 +246,8 @@ module.exports = class Peer {

            const { id, type, kind, rtpParameters, producerPaused } = consumer;

+            this.consumers.set(id, consumer);
+
            if (['simulcast', 'svc'].includes(type)) {
                // simulcast - L1T3/L2T3/L3T3 | svc - L3T3
                const { scalabilityMode } = rtpParameters.encodings[0];
@@ -268,8 +270,6 @@ module.exports = class Peer {
                log.debug('Consumer ----->', { type: type, kind: kind });
            }

-            this.consumers.set(id, consumer);
-
            consumer.on('transportclose', () => {
                log.debug('Consumer "transportclose" event');
                this.removeConsumer(id);
--- a/app/src/Server.js
+++ b/app/src/Server.js
@@ -41,7 +41,7 @@ dependencies: {
 * @license For commercial or closed source, contact us at license.mirotalk@gmail.com or purchase directly via CodeCanyon
 * @license CodeCanyon: https://codecanyon.net/item/mirotalk-sfu-webrtc-realtime-video-conferences/40769970
 * @author  Miroslav Pejic - miroslav.pejic.85@gmail.com
- * @version 1.4.22
+ * @version 1.4.23
 *
 */

@@ -364,6 +364,12 @@ function startServer() {

            if (token) {
                try {
+                    const validToken = await isValidToken(token);
+
+                    if (!validToken) {
+                        return res.status(401).json({ message: 'Invalid Token' });
+                    }
+
                    const { username, password, presenter } = checkXSS(decodeToken(token));
                    peerUsername = username;
                    peerPassword = password;
@@ -915,6 +921,12 @@ function startServer() {
                // Check JWT
                if (peer_token) {
                    try {
+                        const validToken = await isValidToken(peer_token);
+
+                        if (!validToken) {
+                            return cb('unauthorized');
+                        }
+
                        const { username, password, presenter } = checkXSS(decodeToken(peer_token));

                        const isPeerValid = await isAuthPeer(username, password);
@@ -937,7 +949,10 @@ function startServer() {
                            peer_presenter: is_presenter,
                        });
                    } catch (err) {
-                        log.error('[Join] - JWT error', { error: err.message, token: peer_token });
+                        log.error('[Join] - JWT error', {
+                            error: err.message,
+                            token: peer_token,
+                        });
                        return cb('unauthorized');
                    }
                } else {
@@ -1965,6 +1980,20 @@ function startServer() {
        }
    }

+    async function isValidToken(token) {
+        return new Promise((resolve, reject) => {
+            jwt.verify(token, jwtCfg.JWT_KEY, (err, decoded) => {
+                if (err) {
+                    // Token is invalid
+                    resolve(false);
+                } else {
+                    // Token is valid
+                    resolve(true);
+                }
+            });
+        });
+    }
+
    function encodeToken(token) {
        if (!token) return '';