bigbluebutton-Github/bigbluebutton-html5/imports/api/users/server/methods/validateAuthToken.js

39 lines
1.8 KiB
JavaScript
Raw Normal View History

2017-02-07 23:29:27 +08:00
import { Meteor } from 'meteor/meteor';
import RedisPubSub from '/imports/startup/server/redis';
2017-02-07 23:29:27 +08:00
import Logger from '/imports/startup/server/logger';
import upsertValidationState from '/imports/api/auth-token-validation/server/modifiers/upsertValidationState';
import { ValidationStates } from '/imports/api/auth-token-validation';
import pendingAuthenticationsStore from '../store/pendingAuthentications';
import BannedUsers from '../store/bannedUsers';
2017-02-07 23:29:27 +08:00
export default function validateAuthToken(meetingId, requesterUserId, requesterToken, externalId) {
const REDIS_CONFIG = Meteor.settings.private.redis;
2017-10-12 09:02:23 +08:00
const CHANNEL = REDIS_CONFIG.channels.toAkkaApps;
const EVENT_NAME = 'ValidateAuthTokenReqMsg';
2017-02-07 23:29:27 +08:00
2021-01-30 01:27:13 +08:00
Logger.debug('ValidateAuthToken method called', { meetingId, requesterUserId, requesterToken, externalId });
// Check if externalId is banned from the meeting
if (externalId) {
if (BannedUsers.has(meetingId, externalId)) {
Logger.warn(`A banned user with extId ${externalId} tried to enter in meeting ${meetingId}`);
return { invalid: true, reason: 'User has been banned', error_type: 'user_banned' };
}
}
if (!meetingId) return false;
// Store reference of methodInvocationObject ( to postpone the connection userId definition )
pendingAuthenticationsStore.add(meetingId, requesterUserId, requesterToken, this);
upsertValidationState(meetingId, requesterUserId, ValidationStates.VALIDATING, this.connection.id);
2017-06-03 03:25:02 +08:00
const payload = {
2017-10-12 09:02:23 +08:00
userId: requesterUserId,
authToken: requesterToken,
2017-02-07 23:29:27 +08:00
};
Logger.info(`User '${requesterUserId}' is trying to validate auth token for meeting '${meetingId}' from connection '${this.connection.id}'`);
2017-02-07 23:29:27 +08:00
2017-10-12 09:02:23 +08:00
return RedisPubSub.publishUserMessage(CHANNEL, EVENT_NAME, meetingId, requesterUserId, payload);
2017-06-03 03:25:02 +08:00
}