8000 feat: socketio using authorization headers (backport #24858) by mergify[bot] · Pull Request #24966 · frappe/frappe · GitHub
[go: up one dir, main page]
More Web Proxy on the site http://driver.im/
Skip to content

feat: socketio using authorization headers (backport #24858) #24966

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 3 commits into from
Feb 20, 2024
Merged

feat: socketio using authorization headers (backport #24858) #24966

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
846e001
feat: socketio using authorization headers
ankush Feb 11, 2024
5b521b9
fix: ignore if no cookies are sent
ankush Feb 12, 2024
2e2aaf4
chore: conflicts
ankush Feb 20, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
11 changes: 3 additions & 8 deletions realtime/handlers/frappe_handlers.js
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,4 @@
const request = require("superagent");
const { get_url } = require("../utils");
const { frappe_request } = require("../utils");
const log = console.log;

const WEBSITE_ROOM = "website";
Expand Down Expand Up @@ -114,11 +113,9 @@ function notify_disconnected_documents(socket) {
function can_subscribe_doctype(args) {
if (!args) return;
if (!args.doctype) return;
request
.get(get_url(args.socket, "/api/method/frappe.realtime.can_subscribe_doctype"))
frappe_request("/api/method/frappe.realtime.can_subscribe_doctype", args.socket)
.type("form")
.query({
sid: args.socket.sid,
doctype: args.doctype,
})
.end(function (err, res) {
Expand Down Expand Up @@ -166,11 +163,9 @@ function notify_subscribed_doc_users(args) {
function can_subscribe_doc(args) {
if (!args) return;
if (!args.doctype || !args.docname) return;
request
.get(get_url(args.socket, "/api/method/frappe.realtime.can_subscribe_doc"))
frappe_request("/api/method/frappe.realtime.can_subscribe_doc", args.socket)
.type("form")
.query({
sid: args.socket.sid,
doctype: args.doctype,
docname: args.docname,
})
Expand Down
21 changes: 13 additions & 8 deletions realtime/middlewares/authenticate.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -23,23 +23,28 @@ function authenticate_with_frappe(socket, next) {
return;
}

let cookies = cookie.parse(socket.request.headers.cookie);
let cookies = cookie.parse(socket.request.headers.cookie || "");
let authorization_header = socket.request.headers.authorization;

if (!cookies.sid) {
next(new Error("No sid transmitted."));
if (!cookies.sid && !authorization_header) {
next(new Error("No authentication method used. Use cookie or authorization header."));
return;
}

request
.get(get_url(socket, "/api/method/frappe.realtime.get_user_info"))
let auth_req = request.get(get_url(socket, "/api/method/frappe.realtime.get_user_info"));
if (cookies.sid) {
auth_req = auth_req.query({ sid: cookies.sid });
} else {
auth_req = auth_req.set("Authorization", authorization_header);
}

auth_req
.type("form")
.query({
sid: cookies.sid,
})
.then((res) => {
socket.user = res.body.message.user;
socket.user_type = res.body.message.user_type;
socket.sid = cookies.sid;
socket.authorization_header = authorization_header;
next();
})
.catch((e) => {
Expand Down
13 changes: 13 additions & 0 deletions realtime/utils.js
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,10 +1,23 @@
const request = require("superagent");

function get_url(socket, path) {
if (!path) {
path = "";
}
return socket.request.headers.origin + path;
}

// Authenticates a partial request created using superagent
function frappe_request(path, socket) {
const partial_req = request.get(get_url(socket, path));
if (socket.sid) {
return partial_req.query({ sid: socket.sid });
} else if (socket.authorization_header) {
return partial_req.set("Authorization", socket.authorization_header);
}
}

module.exports = {
get_url,
frappe_request,
};
0