bigbluebutton-Github/bigbluebutton-html5/imports/ui/services/auth/index.js

/* eslint prefer-promise-reject-errors: 0 */
import { Tracker } from 'meteor/tracker';

import Storage from '/imports/ui/services/storage/session';

import Users from '/imports/api/users';
import { makeCall, log } from '/imports/ui/services/api';

const CONNECTION_TIMEOUT = Meteor.settings.public.app.connectionTimeout;

class Auth {
  constructor() {
    this._meetingID = Storage.getItem('meetingID');
    this._userID = Storage.getItem('userID');
    this._authToken = Storage.getItem('authToken');
    this._sessionToken = Storage.getItem('sessionToken');
    this._logoutURL = Storage.getItem('logoutURL');
    this._loggedIn = {
      value: false,
      tracker: new Tracker.Dependency(),
    };
  }

  get meetingID() {
    return this._meetingID;
  }

  set meetingID(meetingID) {
    this._meetingID = meetingID;
    Storage.setItem('meetingID', this._meetingID);
  }

  set sessionToken(sessionToken) {
    this._sessionToken = sessionToken;
    Storage.setItem('sessionToken', this._sessionToken);
  }

  get sessionToken() {
    return this._sessionToken;
  }

  get userID() {
    return this._userID;
  }

  set userID(userID) {
    this._userID = userID;
    Storage.setItem('userID', this._userID);
  }

  get token() {
    return this._authToken;
  }

  set token(authToken) {
    this._authToken = authToken;
    Storage.setItem('authToken', this._authToken);
  }

  set logoutURL(logoutURL) {
    this._logoutURL = logoutURL;
    Storage.setItem('logoutURL', this._logoutURL);
  }

  get logoutURL() {
    return this._logoutURL;
  }

  get loggedIn() {
    this._loggedIn.tracker.depend();
    return this._loggedIn.value;
  }

  set loggedIn(value) {
    this._loggedIn.value = value;
    this._loggedIn.tracker.changed();
  }

  get credentials() {
    return {
      meetingId: this.meetingID,
      requesterUserId: this.userID,
      requesterToken: this.token,
      logoutURL: this.logoutURL,
      sessionToken: this.sessionToken,
    };
  }

  set(meetingId, requesterUserId, requesterToken, logoutURL, sessionToken) {
    this.meetingID = meetingId;
    this.userID = requesterUserId;
    this.token = requesterToken;
    this.logoutURL = logoutURL;
    this.sessionToken = sessionToken;
  }

  clearCredentials(...args) {
    this.meetingID = null;
    this.userID = null;
    this.token = null;
    this.loggedIn = false;
    this.logoutURL = null;
    this.sessionToken = null;

    return Promise.resolve(...args);
  }

  logout() {
    if (!this.loggedIn) {
      return Promise.resolve();
    }

    return new Promise((resolve) => {
      resolve(this._logoutURL);
    });
  }

  authenticate(force) {
    if (this.loggedIn && !force) return Promise.resolve();

    if (!(this.meetingID && this.userID && this.token)) {
      return Promise.reject({
        error: 401,
        description: 'Authentication failed due to missing credentials.',
      });
    }

    return this.validateAuthToken();
  }

  validateAuthToken() {
    return new Promise((resolve, reject) => {
      let computation = null;

      const validationTimeout = setTimeout(() => {
        computation.stop();
        reject({
          error: 401,
          description: 'Authentication timeout.',
        });
      }, CONNECTION_TIMEOUT);

      Tracker.autorun((c) => {
        computation = c;
        const subscription = Meteor.subscribe('current-user', this.credentials);

        if (!subscription.ready()) return;

        const selector = { meetingId: this.meetingID, userId: this.userID };
        const User = Users.findOne(selector);

        // Skip in case the user is not in the collection yet or is a dummy user
        if (!User || !('intId' in User)) return;

        if (User.validated === true) {
          computation.stop();
          clearTimeout(validationTimeout);

          if (User.ejected) {
            this.loggedIn = false;

            return reject({
              error: 401,
              description: 'User has been ejected.',
            });
          }

          this.loggedIn = true;
          resolve();
        }
      });

      makeCall('validateAuthToken');
    });
  }
}

const AuthSingleton = new Auth();
export default AuthSingleton;
Simplify auth code and remove clearCredentials on errors. Fix #4812 2017-12-14 01:40:46 +08:00			`/* eslint prefer-promise-reject-errors: 0 */`
Refactor Authentication flow 2017-03-11 02:33:46 +08:00			`import { Tracker } from 'meteor/tracker';`

Add unread messages service 2016-07-07 20:50:32 +08:00			`import Storage from '/imports/ui/services/storage/session';`
Refactor Authentication flow 2017-03-11 02:33:46 +08:00
Removing unnecessary 2x from the collections, publishers, subscriptions and logs 2017-10-13 03:07:02 +08:00			`import Users from '/imports/api/users';`
Refactor logger from client to server 2017-10-24 20:58:46 +08:00			`import { makeCall, log } from '/imports/ui/services/api';`
Move session/auth logic to separated services 2016-06-02 21:46:35 +08:00
Fix client reconnection timeout 2017-05-05 22:30:15 +08:00			`const CONNECTION_TIMEOUT = Meteor.settings.public.app.connectionTimeout;`

Change Auth service to be a singleton class 2016-07-11 21:45:24 +08:00			`class Auth {`
			`constructor() {`
			`this._meetingID = Storage.getItem('meetingID');`
			`this._userID = Storage.getItem('userID');`
			`this._authToken = Storage.getItem('authToken');`
Dynamic fetching the stun/turn servers 2017-07-19 20:44:47 +08:00			`this._sessionToken = Storage.getItem('sessionToken');`
Fix the html5 2.0 user logout 2017-07-15 00:59:02 +08:00			`this._logoutURL = Storage.getItem('logoutURL');`
Refactor Authentication flow 2017-03-11 02:33:46 +08:00			`this._loggedIn = {`
			`value: false,`
Linter auto fix 2017-06-03 03:25:02 +08:00			`tracker: new Tracker.Dependency(),`
Refactor Authentication flow 2017-03-11 02:33:46 +08:00			`};`
Change Auth service to be a singleton class 2016-07-11 21:45:24 +08:00			`}`
Move session/auth logic to separated services 2016-06-02 21:46:35 +08:00
Change Auth service to be a singleton class 2016-07-11 21:45:24 +08:00			`get meetingID() {`
			`return this._meetingID;`
			`}`
Move session/auth logic to separated services 2016-06-02 21:46:35 +08:00
Change Auth service to be a singleton class 2016-07-11 21:45:24 +08:00			`set meetingID(meetingID) {`
			`this._meetingID = meetingID;`
			`Storage.setItem('meetingID', this._meetingID);`
			`}`
Move session/auth logic to separated services 2016-06-02 21:46:35 +08:00
Dynamic fetching the stun/turn servers 2017-07-19 20:44:47 +08:00			`set sessionToken(sessionToken) {`
			`this._sessionToken = sessionToken;`
			`Storage.setItem('sessionToken', this._sessionToken);`
			`}`

			`get sessionToken() {`
			`return this._sessionToken;`
			`}`

Change Auth service to be a singleton class 2016-07-11 21:45:24 +08:00			`get userID() {`
			`return this._userID;`
			`}`
Move session/auth logic to separated services 2016-06-02 21:46:35 +08:00
Change Auth service to be a singleton class 2016-07-11 21:45:24 +08:00			`set userID(userID) {`
			`this._userID = userID;`
			`Storage.setItem('userID', this._userID);`
			`}`
fixes html5 clinet logout and nav-bar 2016-06-18 06:15:11 +08:00
Change Auth service to be a singleton class 2016-07-11 21:45:24 +08:00			`get token() {`
			`return this._authToken;`
fixes html5 clinet logout and nav-bar 2016-06-25 07:09:32 +08:00			`}`
fixes html5 clinet logout and nav-bar 2016-06-18 06:15:11 +08:00
Change Auth service to be a singleton class 2016-07-11 21:45:24 +08:00			`set token(authToken) {`
			`this._authToken = authToken;`
			`Storage.setItem('authToken', this._authToken);`
			`}`

Fix the html5 2.0 user logout 2017-07-15 00:59:02 +08:00			`set logoutURL(logoutURL) {`
			`this._logoutURL = logoutURL;`
			`Storage.setItem('logoutURL', this._logoutURL);`
			`}`

			`get logoutURL() {`
			`return this._logoutURL;`
			`}`

Refactor the i18n server code 2017-03-10 03:50:21 +08:00			`get loggedIn() {`
Refactor Authentication flow 2017-03-11 02:33:46 +08:00			`this._loggedIn.tracker.depend();`
			`return this._loggedIn.value;`
Refactor the i18n server code 2017-03-10 03:50:21 +08:00			`}`

Refactor Authentication flow 2017-03-11 02:33:46 +08:00			`set loggedIn(value) {`
			`this._loggedIn.value = value;`
			`this._loggedIn.tracker.changed();`
			`}`

Refactor Auth logout and credentials getter 2017-03-17 22:23:00 +08:00			`get credentials() {`
			`return {`
			`meetingId: this.meetingID,`
			`requesterUserId: this.userID,`
			`requesterToken: this.token,`
Fix the html5 2.0 user logout 2017-07-15 00:59:02 +08:00			`logoutURL: this.logoutURL,`
Dynamic fetching the stun/turn servers 2017-07-19 20:44:47 +08:00			`sessionToken: this.sessionToken,`
Refactor Auth logout and credentials getter 2017-03-17 22:23:00 +08:00			`};`
			`}`

Dynamic fetching the stun/turn servers 2017-07-19 20:44:47 +08:00			`set(meetingId, requesterUserId, requesterToken, logoutURL, sessionToken) {`
Fix the double auth problem 2017-04-27 03:56:29 +08:00			`this.meetingID = meetingId;`
			`this.userID = requesterUserId;`
			`this.token = requesterToken;`
Fix the html5 2.0 user logout 2017-07-15 00:59:02 +08:00			`this.logoutURL = logoutURL;`
Dynamic fetching the stun/turn servers 2017-07-19 20:44:47 +08:00			`this.sessionToken = sessionToken;`
Fix the double auth problem 2017-04-27 03:56:29 +08:00			`}`

Fix the html5 2.0 user logout 2017-07-15 00:59:02 +08:00			`clearCredentials(...args) {`
Refactor Auth logout and credentials getter 2017-03-17 22:23:00 +08:00			`this.meetingID = null;`
			`this.userID = null;`
			`this.token = null;`
			`this.loggedIn = false;`
Fix the html5 2.0 user logout 2017-07-15 00:59:02 +08:00			`this.logoutURL = null;`
Dynamic fetching the stun/turn servers 2017-07-19 20:44:47 +08:00			`this.sessionToken = null;`
Refactor Auth logout and credentials getter 2017-03-17 22:23:00 +08:00
Fix the html5 2.0 user logout 2017-07-15 00:59:02 +08:00			`return Promise.resolve(...args);`
Linter auto fix 2017-06-03 03:25:02 +08:00			`}`
Refactor Auth logout and credentials getter 2017-03-17 22:23:00 +08:00
			`logout() {`
			`if (!this.loggedIn) {`
			`return Promise.resolve();`
			`}`

Fix the html5 2.0 user logout 2017-07-15 00:59:02 +08:00			`return new Promise((resolve) => {`
fix error in logoutURL 2017-12-14 02:59:24 +08:00			`resolve(this._logoutURL);`
Refactor Auth logout and credentials getter 2017-03-17 22:23:00 +08:00			`});`
Linter auto fix 2017-06-03 03:25:02 +08:00			`}`
Refactor Auth logout and credentials getter 2017-03-17 22:23:00 +08:00
Fix the double auth problem 2017-04-27 03:56:29 +08:00			`authenticate(force) {`
			`if (this.loggedIn && !force) return Promise.resolve();`
Fix unauthorized on slow connection 2017-04-18 01:14:31 +08:00
Simplify auth code and remove clearCredentials on errors. Fix #4812 2017-12-14 01:40:46 +08:00			`if (!(this.meetingID && this.userID && this.token)) {`
			`return Promise.reject({`
			`error: 401,`
			`description: 'Authentication failed due to missing credentials.',`
Refactor Authentication flow 2017-03-11 02:33:46 +08:00			`});`
Simplify auth code and remove clearCredentials on errors. Fix #4812 2017-12-14 01:40:46 +08:00			`}`

			`return this.validateAuthToken();`
Refactor Authentication flow 2017-03-11 02:33:46 +08:00			`}`

Simplify auth code and remove clearCredentials on errors. Fix #4812 2017-12-14 01:40:46 +08:00			`validateAuthToken() {`
Refactor Authentication flow 2017-03-11 02:33:46 +08:00			`return new Promise((resolve, reject) => {`
Fix bug when users re-validate after refresh 2017-12-19 20:19:47 +08:00			`let computation = null;`

Refactor Authentication flow 2017-03-11 02:33:46 +08:00			`const validationTimeout = setTimeout(() => {`
Fix bug when users re-validate after refresh 2017-12-19 20:19:47 +08:00			`computation.stop();`
Fix unauthorized on slow connection 2017-04-18 01:14:31 +08:00			`reject({`
Simplify auth code and remove clearCredentials on errors. Fix #4812 2017-12-14 01:40:46 +08:00			`error: 401,`
Fix unauthorized on slow connection 2017-04-18 01:14:31 +08:00			`description: 'Authentication timeout.',`
			`});`
Fix client reconnection timeout 2017-05-05 22:30:15 +08:00			`}, CONNECTION_TIMEOUT);`
Refactor Authentication flow 2017-03-11 02:33:46 +08:00
			`Tracker.autorun((c) => {`
Fix bug when users re-validate after refresh 2017-12-19 20:19:47 +08:00			`computation = c;`
Simplify auth code and remove clearCredentials on errors. Fix #4812 2017-12-14 01:40:46 +08:00			`const subscription = Meteor.subscribe('current-user', this.credentials);`
Fix bug when users re-validate after refresh 2017-12-19 20:19:47 +08:00
Simplify auth code and remove clearCredentials on errors. Fix #4812 2017-12-14 01:40:46 +08:00			`if (!subscription.ready()) return;`

Refactor Authentication flow 2017-03-11 02:33:46 +08:00			`const selector = { meetingId: this.meetingID, userId: this.userID };`
Simplify auth code and remove clearCredentials on errors. Fix #4812 2017-12-14 01:40:46 +08:00			`const User = Users.findOne(selector);`

			`// Skip in case the user is not in the collection yet or is a dummy user`
			`if (!User \|\| !('intId' in User)) return;`

			`if (User.validated === true) {`
clean up code 2018-01-30 03:07:02 +08:00			`computation.stop();`
			`clearTimeout(validationTimeout);`

check if user was ejected 2018-01-30 02:17:52 +08:00			`if (User.ejected) {`
			`this.loggedIn = false;`

			`return reject({`
			`error: 401,`
			`description: 'User has been ejected.',`
			`});`
			`}`

Simplify auth code and remove clearCredentials on errors. Fix #4812 2017-12-14 01:40:46 +08:00			`this.loggedIn = true;`
			`resolve();`
			`}`
Refactor Authentication flow 2017-03-11 02:33:46 +08:00			`});`

Removing unnecessary 2x from the collections, publishers, subscriptions and logs 2017-10-13 03:07:02 +08:00			`makeCall('validateAuthToken');`
Refactor Authentication flow 2017-03-11 02:33:46 +08:00			`});`
Change Auth service to be a singleton class 2016-07-11 21:45:24 +08:00			`}`
Linter auto fix 2017-06-03 03:25:02 +08:00			`}`
fixes html5 clinet logout and nav-bar 2016-06-29 02:50:44 +08:00
Linter auto fix 2017-06-03 03:25:02 +08:00			`const AuthSingleton = new Auth();`
Fix client lint issues except those which are comment related 2017-05-16 23:37:17 +08:00			`export default AuthSingleton;`