Merge pull request #10574 from jfsiebel/fix-reconnect-flow

Fix reconnection flow

bigbluebutton-html5/imports/api/users/server/methods.js

@@ -8,7 +8,6 @@ import toggleUserLock from './methods/toggleUserLock';
 import setUserEffectiveConnectionType from './methods/setUserEffectiveConnectionType';
 import userActivitySign from './methods/userActivitySign';
 import userLeftMeeting from './methods/userLeftMeeting';
-import checkSessionToken from './methods/checkSessionToken';
 
 Meteor.methods({
   setEmojiStatus,
@@ -20,5 +19,4 @@ Meteor.methods({
   setUserEffectiveConnectionType,
   userActivitySign,
   userLeftMeeting,
-  checkSessionToken,
 });

bigbluebutton-html5/imports/api/users/server/methods/checkSessionToken.js

@@ -1,28 +0,0 @@
-import Users from '/imports/api/users';
-import Logger from '/imports/startup/server/logger';
-import BannedUsers from '../store/bannedUsers';
-
-export default function checkSessionToken(meetingId, requesterUserId, requesterToken, externalId) {
-  // Check if externalId is banned from the meeting
-  if (externalId) {
-    if (BannedUsers.has(meetingId, externalId)) {
-      Logger.warn(`A banned user with extId ${externalId} tried to enter in meeting ${meetingId}`);
-      return { invalid: true, reason: 'User has been banned' };
-    }
-  }
-
-  // Prevent users who have left or been ejected to use the same sessionToken again.
-  const isUserInvalid = Users.findOne({
-    meetingId,
-    userId: requesterUserId,
-    authToken: requesterToken,
-    $or: [{ ejected: true }, { loggedOut: true }],
-  });
-
-  if (isUserInvalid) {
-    Logger.warn(`An invalid sessionToken tried to validateAuthToken meetingId=${meetingId} authToken=${requesterToken}`);
-    return { invalid: true, reason: 'User has an invalid sessionToken' };
-  }
-
-  return { invalid: false };
-}

bigbluebutton-html5/imports/api/users/server/methods/validateAuthToken.js

@@ -2,12 +2,35 @@ import { Meteor } from 'meteor/meteor';
 import RedisPubSub from '/imports/startup/server/redis';
 import Logger from '/imports/startup/server/logger';
 import pendingAuthenticationsStore from '../store/pendingAuthentications';
+import BannedUsers from '../store/bannedUsers';
+import Users from '/imports/api/users';
 
-export default function validateAuthToken(meetingId, requesterUserId, requesterToken) {
+export default function validateAuthToken(meetingId, requesterUserId, requesterToken, externalId) {
   const REDIS_CONFIG = Meteor.settings.private.redis;
   const CHANNEL = REDIS_CONFIG.channels.toAkkaApps;
   const EVENT_NAME = 'ValidateAuthTokenReqMsg';
 
+  // Check if externalId is banned from the meeting
+  if (externalId) {
+    if (BannedUsers.has(meetingId, externalId)) {
+      Logger.warn(`A banned user with extId ${externalId} tried to enter in meeting ${meetingId}`);
+      return { invalid: true, reason: 'User has been banned' };
+    }
+  }
+
+  // Prevent users who have left or been ejected to use the same sessionToken again.
+  const isUserInvalid = Users.findOne({
+    meetingId,
+    userId: requesterUserId,
+    authToken: requesterToken,
+    $or: [{ ejected: true }, { loggedOut: true }],
+  });
+
+  if (isUserInvalid) {
+    Logger.warn(`An invalid sessionToken tried to validateAuthToken meetingId=${meetingId} authToken=${requesterToken}`);
+    return { invalid: true, reason: 'User has an invalid sessionToken' };
+  }
+
   // Store reference of methodInvocationObject ( to postpone the connection userId definition )
   pendingAuthenticationsStore.add(meetingId, requesterUserId, requesterToken, this);
 

bigbluebutton-html5/imports/ui/services/auth/index.js

@@ -218,7 +218,7 @@ class Auth {
         });
       }, CONNECTION_TIMEOUT);
 
-      const result = await makeCall('checkSessionToken', this.meetingID, this.userID, this.token, this.externUserID);
+      const result = await makeCall('validateAuthToken', this.meetingID, this.userID, this.token, this.externUserID);
 
       if (result && result.invalid) {
         clearTimeout(validationTimeout);