bigbluebutton-Github/bigbluebutton-html5/imports/ui/services/auth/index.js


import { Tracker } from 'meteor/tracker';

import Storage from '/imports/ui/services/storage/session';

import Users from '/imports/api/1.1/users';
import { makeCall, logClient } from '/imports/ui/services/api';

const CONNECTION_TIMEOUT = Meteor.settings.public.app.connectionTimeout;

class Auth {
  constructor() {
    this._meetingID = Storage.getItem('meetingID');
    this._userID = Storage.getItem('userID');
    this._authToken = Storage.getItem('authToken');
    this._loggedIn = {
      value: false,
      tracker: new Tracker.Dependency(),
    };
  }

  get meetingID() {
    return this._meetingID;
  }

  set meetingID(meetingID) {
    this._meetingID = meetingID;
    Storage.setItem('meetingID', this._meetingID);
  }

  get userID() {
    return this._userID;
  }

  set userID(userID) {
    this._userID = userID;
    Storage.setItem('userID', this._userID);
  }

  get token() {
    return this._authToken;
  }

  set token(authToken) {
    this._authToken = authToken;
    Storage.setItem('authToken', this._authToken);
  }

  get loggedIn() {
    this._loggedIn.tracker.depend();
    return this._loggedIn.value;
  }

  set loggedIn(value) {
    this._loggedIn.value = value;
    this._loggedIn.tracker.changed();
  }

  get credentials() {
    return {
      meetingId: this.meetingID,
      requesterUserId: this.userID,
      requesterToken: this.token,
    };
  }

  set(meetingId, requesterUserId, requesterToken) {
    this.meetingID = meetingId;
    this.userID = requesterUserId;
    this.token = requesterToken;
  }

  set credentials(value) {
    throw 'Credentials are read-only';
  }

  clearCredentials() {
    this.meetingID = null;
    this.userID = null;
    this.token = null;
    this.loggedIn = false;

    return Promise.resolve(...arguments);
  }

  logout() {
    if (!this.loggedIn) {
      return Promise.resolve();
    }

    return new Promise((resolve, reject) => {
      const credentialsSnapshot = {
        meetingId: this.meetingID,
        requesterUserId: this.userID,
        requesterToken: this.token,
      };

      // make sure users who did not connect are not added to the meeting
      // do **not** use the custom call - it relies on expired data
      Meteor.call('userLogout', credentialsSnapshot, (error, result) => {
        if (error) {
          logClient('error', { error, method: 'userLogout', credentialsSnapshot });
        } else {
          this.fetchLogoutUrl()
          .then(this.clearCredentials)
          .then(resolve);
        }
      });
    });
  }

  authenticate(force) {
    if (this.loggedIn && !force) return Promise.resolve();

    return this._subscribeToCurrentUser()
      .then(this._addObserverToValidatedField.bind(this));
  }

  _subscribeToCurrentUser() {
    const credentials = this.credentials;

    return new Promise((resolve, reject) => {
      Tracker.autorun((c) => {
        if (!(credentials.meetingId && credentials.requesterToken && credentials.requesterUserId)) {
          return reject({
            error: 500,
            description: 'Authentication subscription failed due to missing credentials.',
          });
        }

        setTimeout(() => {
          c.stop();
          reject({
            error: 500,
            description: 'Authentication subscription timeout.',
          });
        }, 5000);

        const subscription = Meteor.subscribe('current-user', credentials);
        if (!subscription.ready()) return;

        resolve(c);
      });
    });
  }

  _addObserverToValidatedField(prevComp) {
    return new Promise((resolve, reject) => {
      const validationTimeout = setTimeout(() => {
        clearTimeout(validationTimeout);
        prevComp.stop();
        this.clearCredentials();
        reject({
          error: 500,
          description: 'Authentication timeout.',
        });
      }, CONNECTION_TIMEOUT);

      const didValidate = () => {
        this.loggedIn = true;
        clearTimeout(validationTimeout);
        prevComp.stop();
        resolve();
      };

      Tracker.autorun((c) => {
        const selector = { meetingId: this.meetingID, userId: this.userID };
        const query = Users.find(selector);

        const handle = query.observeChanges({
          changed: (id, fields) => {
            if (fields.validated === true) {
              c.stop();
              didValidate();
            }

            if (fields.validated === false) {
              c.stop();
              this.clearCredentials();
              reject({
                error: 401,
                description: 'Authentication failed.',
              });
            }
          },
        });
      });

      makeCall('validateAuthToken');
    });
  }

  fetchLogoutUrl() {
    const url = '/bigbluebutton/api/enter';

    return fetch(url)
      .then(response => response.json())
      .then(data => Promise.resolve(data.response.logoutURL));
  }
}

const AuthSingleton = new Auth();
export default AuthSingleton;
Remade with @gcampes changes 2017-04-25 04:18:07 +08:00
Refactor Authentication flow 2017-03-11 02:33:46 +08:00			`import { Tracker } from 'meteor/tracker';`

Add unread messages service 2016-07-07 20:50:32 +08:00			`import Storage from '/imports/ui/services/storage/session';`
Refactor Authentication flow 2017-03-11 02:33:46 +08:00
Move api to api/1.1 2017-06-19 19:57:32 +08:00			`import Users from '/imports/api/1.1/users';`
switch console logs for logClient 2017-05-12 20:24:06 +08:00			`import { makeCall, logClient } from '/imports/ui/services/api';`
Move session/auth logic to separated services 2016-06-02 21:46:35 +08:00
Fix client reconnection timeout 2017-05-05 22:30:15 +08:00			`const CONNECTION_TIMEOUT = Meteor.settings.public.app.connectionTimeout;`

Change Auth service to be a singleton class 2016-07-11 21:45:24 +08:00			`class Auth {`
			`constructor() {`
			`this._meetingID = Storage.getItem('meetingID');`
			`this._userID = Storage.getItem('userID');`
			`this._authToken = Storage.getItem('authToken');`
Refactor Authentication flow 2017-03-11 02:33:46 +08:00			`this._loggedIn = {`
			`value: false,`
Linter auto fix 2017-06-03 03:25:02 +08:00			`tracker: new Tracker.Dependency(),`
Refactor Authentication flow 2017-03-11 02:33:46 +08:00			`};`
Change Auth service to be a singleton class 2016-07-11 21:45:24 +08:00			`}`
Move session/auth logic to separated services 2016-06-02 21:46:35 +08:00
Change Auth service to be a singleton class 2016-07-11 21:45:24 +08:00			`get meetingID() {`
			`return this._meetingID;`
			`}`
Move session/auth logic to separated services 2016-06-02 21:46:35 +08:00
Change Auth service to be a singleton class 2016-07-11 21:45:24 +08:00			`set meetingID(meetingID) {`
			`this._meetingID = meetingID;`
			`Storage.setItem('meetingID', this._meetingID);`
			`}`
Move session/auth logic to separated services 2016-06-02 21:46:35 +08:00
Change Auth service to be a singleton class 2016-07-11 21:45:24 +08:00			`get userID() {`
			`return this._userID;`
			`}`
Move session/auth logic to separated services 2016-06-02 21:46:35 +08:00
Change Auth service to be a singleton class 2016-07-11 21:45:24 +08:00			`set userID(userID) {`
			`this._userID = userID;`
			`Storage.setItem('userID', this._userID);`
			`}`
fixes html5 clinet logout and nav-bar 2016-06-18 06:15:11 +08:00
Change Auth service to be a singleton class 2016-07-11 21:45:24 +08:00			`get token() {`
			`return this._authToken;`
fixes html5 clinet logout and nav-bar 2016-06-25 07:09:32 +08:00			`}`
fixes html5 clinet logout and nav-bar 2016-06-18 06:15:11 +08:00
Change Auth service to be a singleton class 2016-07-11 21:45:24 +08:00			`set token(authToken) {`
			`this._authToken = authToken;`
			`Storage.setItem('authToken', this._authToken);`
			`}`

Refactor the i18n server code 2017-03-10 03:50:21 +08:00			`get loggedIn() {`
Refactor Authentication flow 2017-03-11 02:33:46 +08:00			`this._loggedIn.tracker.depend();`
			`return this._loggedIn.value;`
Refactor the i18n server code 2017-03-10 03:50:21 +08:00			`}`

Refactor Authentication flow 2017-03-11 02:33:46 +08:00			`set loggedIn(value) {`
			`this._loggedIn.value = value;`
			`this._loggedIn.tracker.changed();`
			`}`

Refactor Auth logout and credentials getter 2017-03-17 22:23:00 +08:00			`get credentials() {`
			`return {`
			`meetingId: this.meetingID,`
			`requesterUserId: this.userID,`
			`requesterToken: this.token,`
			`};`
			`}`

Fix the double auth problem 2017-04-27 03:56:29 +08:00			`set(meetingId, requesterUserId, requesterToken) {`
			`this.meetingID = meetingId;`
			`this.userID = requesterUserId;`
			`this.token = requesterToken;`
			`}`

Refactor Auth logout and credentials getter 2017-03-17 22:23:00 +08:00			`set credentials(value) {`
			`throw 'Credentials are read-only';`
			`}`

			`clearCredentials() {`
			`this.meetingID = null;`
			`this.userID = null;`
			`this.token = null;`
			`this.loggedIn = false;`

			`return Promise.resolve(...arguments);`
Linter auto fix 2017-06-03 03:25:02 +08:00			`}`
Refactor Auth logout and credentials getter 2017-03-17 22:23:00 +08:00
			`logout() {`
			`if (!this.loggedIn) {`
			`return Promise.resolve();`
			`}`

			`return new Promise((resolve, reject) => {`
do not allow meteor calls if credentials are null 2017-05-12 03:18:34 +08:00			`const credentialsSnapshot = {`
			`meetingId: this.meetingID,`
			`requesterUserId: this.userID,`
			`requesterToken: this.token,`
			`};`

			`// make sure users who did not connect are not added to the meeting`
			`// do not use the custom call - it relies on expired data`
			`Meteor.call('userLogout', credentialsSnapshot, (error, result) => {`
			`if (error) {`
switch console logs for logClient 2017-05-12 20:24:06 +08:00			`logClient('error', { error, method: 'userLogout', credentialsSnapshot });`
do not allow meteor calls if credentials are null 2017-05-12 03:18:34 +08:00			`} else {`
			`this.fetchLogoutUrl()`
Refactor Auth logout and credentials getter 2017-03-17 22:23:00 +08:00			`.then(this.clearCredentials)`
			`.then(resolve);`
do not allow meteor calls if credentials are null 2017-05-12 03:18:34 +08:00			`}`
Refactor Auth logout and credentials getter 2017-03-17 22:23:00 +08:00			`});`
			`});`
Linter auto fix 2017-06-03 03:25:02 +08:00			`}`
Refactor Auth logout and credentials getter 2017-03-17 22:23:00 +08:00
Fix the double auth problem 2017-04-27 03:56:29 +08:00			`authenticate(force) {`
			`if (this.loggedIn && !force) return Promise.resolve();`
Fix unauthorized on slow connection 2017-04-18 01:14:31 +08:00
Refactor Authentication flow 2017-03-11 02:33:46 +08:00			`return this._subscribeToCurrentUser()`
			`.then(this._addObserverToValidatedField.bind(this));`
			`}`

			`_subscribeToCurrentUser() {`
Refactor Auth logout and credentials getter 2017-03-17 22:23:00 +08:00			`const credentials = this.credentials;`
Refactor Authentication flow 2017-03-11 02:33:46 +08:00
			`return new Promise((resolve, reject) => {`
			`Tracker.autorun((c) => {`
do not allow meteor calls if credentials are null 2017-05-12 03:18:34 +08:00			`if (!(credentials.meetingId && credentials.requesterToken && credentials.requesterUserId)) {`
minor improve syntax based on review comment 2017-05-17 23:24:12 +08:00			`return reject({`
do not allow meteor calls if credentials are null 2017-05-12 03:18:34 +08:00			`error: 500,`
			`description: 'Authentication subscription failed due to missing credentials.',`
			`});`
			`}`

Refactor Authentication flow 2017-03-11 02:33:46 +08:00			`setTimeout(() => {`
			`c.stop();`
Fix unauthorized on slow connection 2017-04-18 01:14:31 +08:00			`reject({`
			`error: 500,`
			`description: 'Authentication subscription timeout.',`
			`});`
			`}, 5000);`
Refactor Authentication flow 2017-03-11 02:33:46 +08:00
			`const subscription = Meteor.subscribe('current-user', credentials);`
			`if (!subscription.ready()) return;`

			`resolve(c);`
			`});`
			`});`
			`}`

			`_addObserverToValidatedField(prevComp) {`
			`return new Promise((resolve, reject) => {`
			`const validationTimeout = setTimeout(() => {`
Fix unauthorized on slow connection 2017-04-18 01:14:31 +08:00			`clearTimeout(validationTimeout);`
			`prevComp.stop();`
Refactor Authentication flow 2017-03-11 02:33:46 +08:00			`this.clearCredentials();`
Fix unauthorized on slow connection 2017-04-18 01:14:31 +08:00			`reject({`
			`error: 500,`
			`description: 'Authentication timeout.',`
			`});`
Fix client reconnection timeout 2017-05-05 22:30:15 +08:00			`}, CONNECTION_TIMEOUT);`
Refactor Authentication flow 2017-03-11 02:33:46 +08:00
			`const didValidate = () => {`
			`this.loggedIn = true;`
			`clearTimeout(validationTimeout);`
			`prevComp.stop();`
			`resolve();`
			`};`

			`Tracker.autorun((c) => {`
			`const selector = { meetingId: this.meetingID, userId: this.userID };`
			`const query = Users.find(selector);`

			`const handle = query.observeChanges({`
			`changed: (id, fields) => {`
			`if (fields.validated === true) {`
			`c.stop();`
			`didValidate();`
			`}`

			`if (fields.validated === false) {`
			`c.stop();`
			`this.clearCredentials();`
Fix unauthorized on slow connection 2017-04-18 01:14:31 +08:00			`reject({`
			`error: 401,`
			`description: 'Authentication failed.',`
			`});`
Refactor Authentication flow 2017-03-11 02:33:46 +08:00			`}`
			`},`
			`});`
			`});`

Fix a few review comments 2017-06-02 04:40:55 +08:00			`makeCall('validateAuthToken');`
Refactor Authentication flow 2017-03-11 02:33:46 +08:00			`});`
Change Auth service to be a singleton class 2016-07-11 21:45:24 +08:00			`}`

Refactor Auth logout and credentials getter 2017-03-17 22:23:00 +08:00			`fetchLogoutUrl() {`
Linter auto fix 2017-06-03 03:25:02 +08:00			`const url = '/bigbluebutton/api/enter';`
fixes html5 clinet logout and nav-bar 2016-06-18 06:15:11 +08:00
Refactor Auth logout and credentials getter 2017-03-17 22:23:00 +08:00			`return fetch(url)`
			`.then(response => response.json())`
			`.then(data => Promise.resolve(data.response.logoutURL));`
Change Auth service to be a singleton class 2016-07-11 21:45:24 +08:00			`}`
Linter auto fix 2017-06-03 03:25:02 +08:00			`}`
fixes html5 clinet logout and nav-bar 2016-06-29 02:50:44 +08:00
Linter auto fix 2017-06-03 03:25:02 +08:00			`const AuthSingleton = new Auth();`
Fix client lint issues except those which are comment related 2017-05-16 23:37:17 +08:00			`export default AuthSingleton;`