diff options
author | Joram Wilander <jwawilander@gmail.com> | 2016-10-31 08:59:23 -0400 |
---|---|---|
committer | Christopher Speller <crspeller@gmail.com> | 2016-10-31 08:59:23 -0400 |
commit | 316b155a42a4d00fb835438ce7e0401a64e59add (patch) | |
tree | 6a64f05e948323ae7595971608d84a4420a08290 /api/websocket_router.go | |
parent | ef363fd88ebb731dbb0470ad7cb5f50de0f3845c (diff) | |
download | chat-316b155a42a4d00fb835438ce7e0401a64e59add.tar.gz chat-316b155a42a4d00fb835438ce7e0401a64e59add.tar.bz2 chat-316b155a42a4d00fb835438ce7e0401a64e59add.zip |
PLT-3562 Switch websocket over to post-connect authentication (#4327)
* Switch websocket over to post-connect authentication
* Add ability to specify token in websocket js driver, add unit tests
* Temporarily disable client websocket tests until issues are resolved
* Minor refactoring and fix status test
* Add isAuthenticated method to WebConn and minor status updates
Diffstat (limited to 'api/websocket_router.go')
-rw-r--r-- | api/websocket_router.go | 31 |
1 files changed, 31 insertions, 0 deletions
diff --git a/api/websocket_router.go b/api/websocket_router.go index 34b576464..bdbd9f4d9 100644 --- a/api/websocket_router.go +++ b/api/websocket_router.go @@ -37,6 +37,37 @@ func (wr *WebSocketRouter) ServeWebSocket(conn *WebConn, r *model.WebSocketReque return } + if r.Action == model.WEBSOCKET_AUTHENTICATION_CHALLENGE { + token, ok := r.Data["token"].(string) + if !ok { + conn.WebSocket.Close() + return + } + + session := GetSession(token) + + if session == nil || session.IsExpired() { + conn.WebSocket.Close() + } else { + go SetStatusOnline(session.UserId, session.Id, false) + + conn.SessionToken = session.Token + conn.UserId = session.UserId + + resp := model.NewWebSocketResponse(model.STATUS_OK, r.Seq, nil) + resp.DoPreComputeJson() + conn.Send <- resp + } + + return + } + + if conn.SessionToken == "" { + err := model.NewLocAppError("ServeWebSocket", "api.web_socket_router.not_authenticated.app_error", nil, "") + wr.ReturnWebSocketError(conn, r, err) + return + } + var handler *webSocketHandler if h, ok := wr.handlers[r.Action]; !ok { err := model.NewLocAppError("ServeWebSocket", "api.web_socket_router.bad_action.app_error", nil, "") |