diff --git a/backend/lib/socket.js b/backend/lib/socket.js index e7bb235..d576d98 100644 --- a/backend/lib/socket.js +++ b/backend/lib/socket.js @@ -1,5 +1,5 @@ const auth = require("../lib/authorize_socket.js") -const { User, Friend } = require("../models") +const { User, Friend, Session, Theme } = require("../models") module.exports = { init(app, server) { const io = require("socket.io")(server, { 
@@ -122,6 +122,127 @@ module.exports = { socket.emit("unauthorized", { message: "Please reauth." }) + socket.on("token", async (token) => { + const session = await Session.findOne({ where: { session: token } }) + if (session) { + const user = await User.findOne({ + where: { id: session.userId }, + attributes: { + exclude: ["totp", "password", "emailToken"] + }, + include: [ + { + model: Theme, + as: "themeObject" + } + ] + }) + if (user) { + socket.user = user + socket.join(user.id) + socket.emit("authorized") + socket.join(user.id) + socket.emit("siteState", { + release: process.env.RELEASE, + notification: process.env.NOTIFICATION, + notificationType: process.env.NOTIFICATION_TYPE, + latestVersion: require("../../frontend/package.json").version + }) + const friends = await Friend.findAll({ + where: { + userId: user.id, + status: "accepted" + } + }) + await user.update({ + status: + user.storedStatus === "invisible" + ? "offline" + : user.storedStatus + }) + friends.forEach((friend) => { + io.to(friend.friendId).emit("userStatus", { + userId: user.id, + status: + user.storedStatus === "invisible" + ? "offline" + : user.storedStatus + }) + }) + socket.on("ping", () => { + socket.emit("pong") + }) + socket.on("bcBots/deleteMessage", (e) => { + if (socket.user.bot) { + socket.to(e.userId).emit("deleteMessage", e) + } else { + socket.emit("bcBots/deleteMessage", { + error: "You cannot perform this action." 
+ }) + } + }) + socket.on("idle", async () => { + const user = await User.findOne({ + where: { + id: socket.user.id + } + }) + if (user.storedStatus === "online") { + friends.forEach((friend) => { + io.to(friend.friendId).emit("userStatus", { + userId: user.id, + status: "away" + }) + }) + io.to(user.id).emit("userStatus", { + userId: user.id, + status: "away" + }) + await user.update({ + status: "away" + }) + } + }) + socket.on("online", async () => { + const user = await User.findOne({ + where: { + id: socket.user.id + } + }) + if (user.storedStatus === "online") { + friends.forEach((friend) => { + io.to(friend.friendId).emit("userStatus", { + userId: user.id, + status: "online" + }) + }) + io.to(user.id).emit("userStatus", { + userId: user.id, + status: "online" + }) + await user.update({ + status: "online" + }) + } + }) + socket.on("disconnect", async function () { + const clients = + io.sockets.adapter.rooms.get(user.id) || new Set() + if (!clients.size || clients.size === 0) { + friends.forEach((friend) => { + io.to(friend.friendId).emit("userStatus", { + userId: user.id, + status: "offline" + }) + }) + await user.update({ + status: "offline" + }) + } + }) + } + } + }) console.log("Unauthenticated user") socket.on("reAuth", async () => { socket.disconnect() diff --git a/backend/routes/user.js b/backend/routes/user.js index fb2ff5d..a507216 100644 --- a/backend/routes/user.js +++ b/backend/routes/user.js @@ -201,7 +201,7 @@ router.post("/login", async (req, res, next) => { res.cookie("session", session.session, { maxAge: 1000 * 60 * 60 * 24 * 365, httpOnly: true, - secure: true, + secure: false, sameSite: "strict" }) res.json({ @@ -290,7 +290,7 @@ router.post("/register", limiter, async (req, res, next) => { res.cookie("session", session.session, { maxAge: 1000 * 60 * 60 * 24 * 365, httpOnly: true, - secure: true, + secure: false, sameSite: "strict" }) res.json({ diff --git a/frontend/src/App.vue b/frontend/src/App.vue index ce1cf94..604383c 100644 
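Review bot: The new `token` handler passes the client-supplied value straight into `Session.findOne({ where: { session: token } })` without checking its type, and nothing stops it from running more than once per connection. The client added in App.vue sends `localStorage.getItem("session")`, which is `null` when nothing is stored, and a socket.io payload can also be an array or object, so the condition is not guaranteed to be a string equality match; a second valid `token` event also registers the `ping`, `idle`, `online` and `disconnect` listeners again. A first-line guard covers both, `if (typeof token !== "string" || token === "" || socket.user) return`, and the awaits should sit in a `try`/`catch` so a failed query does not surface as an unhandled rejection. Separately, `bcBots/deleteMessage` forwards the whole client object `e` to the room `e.userId` for any bot account, with no visible check that the bot may act on that user or message. The enclosing connection handler starts and ends outside this hunk, so whether `socket.user` is already set on this path cannot be confirmed from here.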
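Review bot: Hard-coding `secure: false` on the `session` cookie in `/login`, and identically in the `/register` hunk that follows, allows the browser to send a session token with a one-year `maxAge` over plain HTTP. If the intent is to let local or Electron builds work without TLS (an inference, as the commit does not say), tie the flag to the deployment instead, for example `secure: req.secure` or `secure: process.env.NODE_ENV === "production"`, so HTTPS deployments keep the attribute. `req.secure` only reflects the client connection when `trust proxy` is configured and TLS terminates at a proxy. Both route handlers start and end outside their hunks.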
--- a/frontend/src/App.vue +++ b/frontend/src/App.vue @@ -771,6 +771,9 @@ export default { this.$store.dispatch("getUserInfo") }) this.$socket.connect() + this.$socket.on("unauthorized", () => { + this.$socket.emit("token", localStorage.getItem("session")) + }) document.title = this.$route.name ? this.$route.name + " - " + this.$store.state.site.name : this.$store.state.site.name || "Colubrina" diff --git a/frontend/src/main.js b/frontend/src/main.js index 839f6fe..5ab37ca 100644 --- a/frontend/src/main.js +++ b/frontend/src/main.js @@ -77,12 +77,15 @@ Vue.use(VueNativeNotification, { Vue.use({ install(Vue) { - Vue.prototype.$socket = SocketIO(process.env.VUE_APP_SOCKET_URL, { - transports: ["websocket", "polling"], - headers: { - Authorization: localStorage.getItem("session") + Vue.prototype.$socket = SocketIO( + localStorage.getItem("instance") || process.env.VUE_APP_SOCKET_URL, + { + transports: ["websocket", "polling"], + headers: { + Authorization: localStorage.getItem("session") + } } - }) + ) } }) diff --git a/frontend/src/views/Login.vue b/frontend/src/views/Login.vue index 3dbafce..ecb6cea 100644 --- a/frontend/src/views/Login.vue +++ b/frontend/src/views/Login.vue @@ -167,6 +167,9 @@ export default { } else { this.$router.push("/") } + if (this.isElectron()) { + window.location.reload() + } }) .catch((e) => { if (
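Review bot: The `unauthorized` handler authenticates the socket with `localStorage.getItem("session")`, so the credential for socket auth lives in script-readable storage while routes/user.js sets the session as an `httpOnly` cookie. Any script running in the page origin can read that key, so `httpOnly` does not protect the token used here; if localStorage is needed for the Electron case, a separate short-lived socket token would limit what a leaked value is worth. The call also emits `null` when nothing is stored, which a guard avoids: `const token = localStorage.getItem("session"); if (token) this.$socket.emit("token", token)`. The surrounding lifecycle hook is only partly visible in this hunk.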
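Review bot: The socket endpoint is now read from `localStorage.getItem("instance")` with no validation, and the same `SocketIO(...)` call attaches the session token as the `Authorization` header. Whatever writes the `instance` key therefore decides which host receives that token, and also the `token` event added in App.vue. Parse the stored value before use and fall back to `process.env.VUE_APP_SOCKET_URL` unless it is a well-formed URL with an expected scheme, for example by checking `new URL(value).protocol === "https:"` inside a `try`. Where the `instance` key is written is not visible in this diff, so an allow-list of known instances may be the better fit.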