cordis/server/server-controller.ts
2021-10-30 12:26:41 -05:00

849 lines
35 KiB
TypeScript

import * as crypto from 'crypto';
import * as moment from 'moment';
import sizeOf from 'image-size';
import * as FileType from 'file-type';
import * as sharp from 'sharp';
import * as socketio from 'socket.io';
import Logger from '../logger/logger';
import DB from './db';
const LOG = new Logger('db');
const MAX_TEXT_MESSAGE_LENGTH = 1024 * 2; // 2 KB character message max
const MAX_RESOURCE_SIZE = 1024 * 1024 * 50; // 50 MB max resource size
const MAX_AVATAR_SIZE = 1024 * 128; // 128 KB max avatar size
const MAX_DISPLAY_NAME_LENGTH = 32; // 32 char max display name length
const MAX_CHANNEL_NAME_LENGTH = 32; // 32 char max channel name length
const MAX_CHANNEL_FLAVOR_TEXT_LENGTH = 256; // 256 char max channel flavor text length
const MAX_ICON_SIZE = 1024 * 128; // 128 KB max server icon size
const MAX_SERVER_NAME_LENGTH = 64; // 64 char max server name length
interface IIdentity {
serverId: string | null;
memberId: string | null;
verified: boolean;
publicKey: crypto.KeyObject | null;
challenge: Buffer | null
}
interface IChecks {
verified?: boolean;
privileges?: string[];
}
function formatDate(date: Date): string {
return moment(date).format('YYYY-MM-DD HH:mm:ss');
}
let connected: IIdentity[] = [];
class EventError extends Error {
public cause: Error | undefined;
public extended_message: string | undefined;
constructor(message: string, cause?: Error, extended_message?: string) {
super(message);
this.name = 'EventError';
this.cause = cause;
this.extended_message = extended_message;
}
}
class SignatureError extends Error {
constructor(message: string) {
super(message);
this.name = 'SignatureError';
}
}
function bindEvent(
client: socketio.Socket,
identity: IIdentity | null,
checks: IChecks | null,
name: string,
signature: string[],
handler: ((...args: any[]) => Promise<void>)
) {
client.on(name, async (...args) => {
let respond = (_result: string) => {};
try {
if (signature.length != args.length) {
throw new SignatureError('invalid length');
}
for (let i = 0; i < signature.length; ++i) {
if (signature[i] == 'buffer') {
if (!Buffer.isBuffer(args[i])) {
throw new SignatureError('invalid types');
}
} else {
if (typeof args[i] !== signature[i]) {
throw new SignatureError('invalid types');
}
}
}
if (signature[signature.length - 1] === 'function') {
respond = args[args.length - 1];
}
if (checks && checks.verified && (!identity || !identity.verified)) {
throw new EventError('not verified');
}
if (checks && checks.privileges) {
for (let privilege of checks.privileges) {
if (!identity || !identity.serverId || !identity.memberId) {
throw new EventError('not authorized');
}
let hasPrivilege: boolean;
try {
hasPrivilege = await DB.hasPrivilege(identity.serverId, identity.memberId, privilege);
} catch (e) {
throw new EventError('not authorized', e, 'unable to check privilege');
}
if (!hasPrivilege) {
throw new EventError('not authorized');
}
}
}
//LOG.debug(`c#${client.id}: ${name}`);
try {
await handler(...args);
} catch (e) {
if (e instanceof EventError) {
throw e;
} else {
throw new EventError(`unable to handle ${name} request`, e);
}
}
} catch (e) {
if (e instanceof SignatureError) {
LOG.warn(`c#${client.id}: ${name} request does not match expected signature`, { signature, args });
// do not respond to requests with invalid signatures
} else if (e instanceof EventError) {
LOG.warn(`c#${client.id}: ${e.message}${e.extended_message ? ' / ' + e.extended_message : ''}`, e.cause);
respond(e.message);
} else {
LOG.error('caught unhandled error', e);
}
}
})
}
function bindRegistrationEvents(io: socketio.Server, client: socketio.Socket): void { // non-identity events
/*
* Register for a server with a token
* @param token The token sent in the .cordis file
* @param publicKeyBuff The client's public key
* @param displayName The client's display name
* @param avatarBuff The client's avatar image
* @param respond function(errStr, member) as a socket.io response function
* @param respond.errStr Error string if an error, else null
* @param respond.member The member created by the registration
*/
bindEvent(
client, null, null,
'register-with-token', [ 'string', 'buffer', 'string', 'buffer', 'function' ],
async (token, publicKeyBuff, displayName, avatarBuff, respond) => {
if (displayName.length > MAX_DISPLAY_NAME_LENGTH || displayName.length == 0) {
throw new EventError('invalid display name');
}
if (avatarBuff.length > MAX_AVATAR_SIZE) {
throw new EventError('invalid avatar');
}
let typeResult = await FileType.fromBuffer(avatarBuff);
if (!typeResult || ['image/png', 'image/jpeg', 'image/jpg'].indexOf(typeResult.mime) == -1) {
throw new EventError('invalid avatar mime type');
}
if (!(await DB.isTokenReal(token))) {
throw new EventError('not a real token');
}
if (await DB.isTokenTaken(token)) {
throw new EventError('token already used');
}
if (!(await DB.isTokenActive(token))) {
throw new EventError('token expired');
}
const { serverId, memberId } = await DB.registerWithToken(token, publicKeyBuff, displayName, avatarBuff);
const member = await DB.getMember(serverId, memberId);
LOG.info(`c#${client.id}: registered with t#${token} as u#${member.id} / ${member.display_name}`);
respond(null, member);
io.to(serverId).emit('new-member', member);
}
);
}
function bindChallengeVerificationEvents(io: socketio.Server, client: socketio.Socket, identity: IIdentity): void {
identity.memberId = null;
identity.serverId = null;
identity.publicKey = null;
identity.challenge = null;
identity.verified = false;
/*
* Request a challenge for login
* @param publicKeyBuff The public key encoded with der/spki
* @param respond function(err, challenge) as a socket.io response function
* @param respond.errStr Error string if an error, else null
* @param respond.algo Signature algorithm to use
* @param respond.type Signature response type to use
* @param respond.challenge Challenge buffer to sign generated by crypto.randomBytes
*/
bindEvent(
client, null, null,
'challenge', [ 'buffer', 'function' ],
async (publicKeyBuff, respond) => {
identity.verified = false;
identity.memberId = null;
identity.serverId = null;
identity.publicKey = crypto.createPublicKey({ key: publicKeyBuff, format: 'der', type: 'spki' });
try {
let memberInfo = await DB.getMemberInfo(identity.publicKey);
identity.memberId = memberInfo.member_id;
identity.serverId = memberInfo.server_id;
} catch (e) {
// unable to find a member with the specified public key
throw new EventError('unauthorized public key', e);
}
LOG.debug(`c#${client.id}: challenging for u#${identity.memberId}`);
if (connected.find(i => i.memberId == identity.memberId && i.verified)) {
throw new EventError('member already connected');
}
identity.challenge = crypto.randomBytes(64);
respond(null, 'sha512', 'hex', identity.challenge);
}
);
/*
* Verify a signature for login
* @param signature The signed challenge using the client's private key
* @param respond function(errStr, memberId) as a socket.io response function
* @param respond.errStr Error string if an error, else null
* @param respond.member Signed in member object
* @param respond.server Signed in server object
*/
bindEvent(
client, null, null,
'verify', [ 'string', 'function' ],
async (signature, respond) => {
if (connected.find(i => i.memberId == identity.memberId && i.verified)) {
throw new EventError('member already connected');
}
if (!identity.challenge) {
throw new EventError('challenge not requested');
}
if (!identity.publicKey) {
throw new EventError('publicKey not provided')
}
if (!identity.serverId) {
throw new EventError('serverId not targeted')
}
if (!identity.memberId) {
throw new EventError('memberId not targeted')
}
let verify = crypto.createVerify('sha512');
verify.write(identity.challenge);
verify.end();
let verified: boolean;
try {
verified = verify.verify(identity.publicKey, signature, 'hex');
} catch (e) {
throw new EventError('unable to verify signature', e);
}
if (!verified) {
throw new EventError('invalid signature');
}
try {
await DB.setMemberStatus(identity.serverId, identity.memberId, 'online');
let member = await DB.getMember(identity.serverId, identity.memberId);
io.to(identity.serverId).emit('update-member', member);
} catch (e) {
LOG.warn('unable to set status for m#' + identity.memberId, e);
// not killing here since this should not be a game ender. Most likely, the SQL server is bad though
}
identity.verified = true;
client.join(identity.serverId); // join the socket.io server room
LOG.info(`c#${client.id}: verified as s#${identity.serverId} u#${identity.memberId}`);
respond(null, identity.memberId);
}
);
}
function bindAdminEvents(io: socketio.Server, client: socketio.Socket, identity: IIdentity): void {
/*
* Sets the name of the server
* @param name The new name of the server
* @param respond function(errStr, serverMeta) as a socket.io response function
* @param respond.errStr Error string if an error, else null
* @param respond.serverMeta The update server metadata information
*/
bindEvent(
client, identity,
{ verified: true, privileges: [ 'modify_profile' ] },
'set-name', [ 'string', 'function' ],
async (name, respond) => {
if (name.length == 0 || name.length > MAX_SERVER_NAME_LENGTH) throw new EventError('invalid server name');
if (!identity.serverId) throw new EventError('identity no serverId');
let newMeta = await DB.setName(identity.serverId, name);
respond(null, newMeta);
io.emit('update-server', newMeta);
}
);
/*
* Sets the icon of the server
* @param iconBuff The new icon buffer of the server
* @param respond function(errStr, serverMeta) as a socket.io response function
* @param respond.errStr Error string if an error, else null
* @param respond.serverMeta The update server metadata information
*/
bindEvent(
client, identity,
{ verified: true, privileges: [ 'modify_profile' ] },
'set-icon', [ 'buffer', 'function' ],
async (iconBuff, respond) => {
if (iconBuff.length == 0 || iconBuff.length > MAX_ICON_SIZE) throw new EventError('invalid server icon');
if (!identity.serverId) throw new EventError('identity no serverId');
let typeResult = await FileType.fromBuffer(iconBuff);
if (!typeResult || !['image/png', 'image/jpeg', 'image/jpg'].includes(typeResult.mime)) {
throw new EventError('detected invalid mime type');
}
let iconResourceId = await DB.insertResource(identity.serverId, iconBuff);
let newMeta = await DB.setIcon(identity.serverId, iconResourceId);
respond(null, newMeta);
io.emit('update-server', newMeta);
}
);
/*
* Creates a text channel
* @param name The name of the new channel
* @param flavorText The flavor text of the new channel (can be null)
* @para repsond function(errStr, channel) as a socket.io response function
* @param respond.errStr Error string if an error, else null
* @param respond.channel The created channel
*/
bindEvent(
client, identity,
{ verified: true, privileges: [ 'modify_channels' ] },
'create-text-channel', [ 'string', 'string', 'function' ],
async (name, flavorText, respond) => {
if (!identity.serverId) throw new EventError('identity no serverId');
flavorText = flavorText || null;
if (name.length == 0 || name.length > MAX_CHANNEL_NAME_LENGTH || !(/^[A-Za-z0-9-]+$/.exec(name))) {
throw new EventError('invalid channel name');
}
if (flavorText != null && (flavorText.length == 0 || flavorText.length > MAX_CHANNEL_FLAVOR_TEXT_LENGTH)) {
throw new EventError('invalid flavor text');
}
let newChannel = await DB.createChannel(identity.serverId, name, flavorText);
respond(null, newChannel);
io.to(identity.serverId).emit('new-channel', newChannel);
}
);
/*
* Updates a channel
* @param channelId The uuid of the channel to update
* @param name The new name of the channel
* @param flavorText The new flavor text of the channel
* @param respond function(errStr, message) as a socket.io response function
* @param respond.errStr Error string if an error, else null
* @param respond.channel Updated channel
*/
bindEvent(
client, identity,
{ verified: true, privileges: [ 'modify_channels' ] },
'update-channel', [ 'string', 'string', 'string', 'function' ],
async (channelId, name, flavorText, respond) => {
if (!identity.serverId) throw new EventError('identity no serverId');
flavorText = flavorText || null;
if (name.length == 0 || name.length > MAX_CHANNEL_NAME_LENGTH || !(/^[A-Za-z0-9-]+$/.exec(name))) {
throw new EventError('invalid name');
}
if (flavorText != null && (flavorText.length == 0 || flavorText.length > MAX_CHANNEL_FLAVOR_TEXT_LENGTH)) {
throw new EventError('invalid flavor text');
}
let updatedChannel = await DB.updateChannel(identity.serverId, channelId, name, flavorText);
respond(null, updatedChannel);
io.to(identity.serverId).emit('update-channel', updatedChannel);
}
);
/*
* Gets the list of tokens that have been or are available to use
* @param respond function(errStr, message) as a socket.io response function
* @param respond.errStr Error string if an error, else null
* @param respond.tokens The list of outstanding tokens in form of [ { token, member_id, created, expires } ]
*/
bindEvent(
client, identity,
{ verified: true, privileges: [ 'modify_members' ] },
'fetch-tokens', [ 'function' ],
async (respond) => {
if (!identity.serverId) throw new EventError('identity no serverId');
LOG.debug(`u#${identity.memberId}: fetching tokens`);
let tokens = await DB.getTokens(identity.serverId);
respond(null, tokens);
}
);
/*
* Revokes a token so that it can no longer be used
* @param token The token to revoke
* @param respond function(errStr) as a socket.io response function
* @param respond.errStr Error string if an error, else null
*/
bindEvent(
client, identity,
{ verified: true, privileges: [ 'modify_members' ] },
'revoke-token', [ 'string', 'function' ],
async (token, respond) => {
if (!identity.serverId) throw new EventError('identity no serverId');
if (!(await DB.isTokenReal(token))) {
throw new EventError('fake token');
}
if (!(await DB.isTokenForServer(token, identity.serverId))) {
throw new EventError('fake token', undefined, 'tried to revoke token for a different server');
}
if (await DB.isTokenTaken(token)) {
throw new EventError('token already taken');
}
LOG.debug(`u#${identity.memberId}: revoking t#${token}`);
await DB.revokeToken(token);
respond(null);
}
);
}
function bindActionEvents(io: socketio.Server, client: socketio.Socket, identity: IIdentity) {
/*
* Send a message to a channel
* @param channelId The uuid of the channel to send a message to
* @param text The text of the message
* @param respond function(errStr, message) as a socket.io response function
* @param respond.errStr Error string if an error, else null
* @param respond.message Sent message data object parsed from PostgreSQL
*/
bindEvent(
client, identity,
{ verified: true },
'send-message', [ 'string', 'string', 'function' ],
async (channelId, text, respond) => {
if (text.length > MAX_TEXT_MESSAGE_LENGTH) throw new EventError('message is too long');
if (!identity.serverId) throw new EventError('identity no serverId');
if (!identity.memberId) throw new EventError('identity no memberId');
let message = await DB.insertMessage(identity.serverId, channelId, identity.memberId, text);
LOG.info(`m#${message.id} ch#${message.channel_id} s@${formatDate(message.sent_dtg)} u#${message.member_id}: ${message.text}`);
respond(null, message);
io.to(identity.serverId).emit('new-message', message);
}
);
/*
* Send a message with a resource to a channel
* @param channelId The uuid of the channel to send a message to
* @param text The text of the message
* @param resource The resource buffer of the message
* @param resourceName The name of the resource
* @param respond function(errStr, message) as a socket.io response function
* @param respond.errStr Error string if an error, else null
* @param respond.message Sent message data object parsed from PostgreSQL
*/
bindEvent(
client, identity,
{ verified: true },
'send-message-with-resource', [ 'string', 'string', 'buffer', 'string', 'function' ],
async (channelId, text, resource, resourceName, respond) => {
if (text && text.length > MAX_TEXT_MESSAGE_LENGTH) throw new EventError('message is too long');
if (resource.length > MAX_RESOURCE_SIZE) throw new EventError('resource is too large');
if (!identity.serverId) throw new EventError('identity no serverId');
if (!identity.memberId) throw new EventError('identity no memberId');
resourceName = resourceName.trim();
resourceName = resourceName.replace(/[^A-Za-z0-9 \.]/g, '_'); // only alphanumerics for file names
LOG.info(`u#${identity.memberId}: resource message with resource of size: ${resource.length} bytes`);
// Try to get the dimensions of the resource if it is an image so that we can scale it down for the preview
let fileType = (await FileType.fromBuffer(resource)) ?? { mime: null, ext: null };
let dimensions: { width: number | null, height: number | null } = { width: null, height: null };
switch (fileType.mime) {
case 'image/png':
case 'image/jpeg':
case 'image/gif':
let size = sizeOf(resource);
dimensions.width = size.width ?? null;
dimensions.height = size.height ?? null;
break;
}
// Pre-scale the image (optimized for the electron discord client's max-dimensions of 400x300)
let resourcePreview: Buffer | null = null;
if (dimensions.width != null && dimensions.height != null) {
let previewWidth = dimensions.width;
let previewHeight = dimensions.height;
if (previewWidth > 400) {
let scale = 400 / previewWidth;
previewWidth *= scale;
previewHeight *= scale;
}
if (previewHeight > 300) {
let scale = 300 / previewHeight;
previewWidth *= scale;
previewHeight *= scale;
}
// jpeg for image compression and trash visuals B)
resourcePreview = await sharp(resource).resize(Math.floor(previewWidth), Math.floor(previewHeight)).jpeg().toBuffer();
}
let message: any | null = null;
try {
await DB.queueTransaction(async () => {
if (!identity.serverId) throw new EventError('identity no serverId');
if (!identity.memberId) throw new EventError('identity no serverId');
let resourcePreviewId: string | null = null;
if (resourcePreview) {
resourcePreviewId = await DB.insertResource(identity.serverId, resourcePreview);
}
let resourceId = await DB.insertResource(identity.serverId, resource);
message = await DB.insertMessageWithResource(identity.serverId, channelId, identity.memberId, text, resourceId, resourceName, dimensions.width, dimensions.height, resourcePreviewId);
});
} catch (e) {
throw new EventError('unable to insert message with resource');
}
LOG.info(`m#${message.id} ch#${message.channel_id} s@${formatDate(message.sent_dtg)} u#${message.member_id}: ${message.text ? message.text + ' / ' : ''}${message.resource_name}`);
respond(null, message);
io.to(identity.serverId).emit('new-message', message);
}
);
/*
* Set the status for a verified member
* @param status The status for the member to be set to
* @param respond function(errStr, updatedMember) as a socket.io response function
* @param respond.errStr Error string if an error, else null
* @param respond.updatedMember The updated member object (note: an update-member event will be emitted)
*/
bindEvent(
client, identity,
{ verified: true },
'set-status', [ 'string', 'function' ],
async (status, respond) => {
if (!identity.serverId) throw new EventError('identity no serverId');
if (!identity.memberId) throw new EventError('identity no memberId');
LOG.info(`u#${identity.memberId}: setting status to ${status}`);
await DB.setMemberStatus(identity.serverId, identity.memberId, status);
let updated = await DB.getMember(identity.serverId, identity.memberId);
respond(null, updated);
io.to(identity.serverId).emit('update-member', updated);
}
);
/*
* Set the status for a verified member
* @param displayName The new chosen display name
* @param respond function(errStr, displayName) as a socket.io response function
* @param respond.errStr Error string if an error, else null
* @param respond.updatedMember The updated member object (note: an update-member event will be emitted)
*/
bindEvent(
client, identity,
{ verified: true },
'set-display-name', [ 'string', 'function' ],
async (displayName, respond) => {
if (displayName.length > MAX_DISPLAY_NAME_LENGTH || displayName.length == 0) throw new EventError('invalid display name');
if (!identity.serverId) throw new EventError('identity no serverId');
if (!identity.memberId) throw new EventError('identity no memberId');
LOG.info(`u#${identity.memberId}: setting display name to ${displayName}`);
await DB.setMemberDisplayName(identity.serverId, identity.memberId, displayName);
let updated = await DB.getMember(identity.serverId, identity.memberId);
respond(null, updated);
io.to(identity.serverId).emit('update-member', updated);
}
);
/*
* Set the status for a verified member
* @param avatarBuff The new chosen avatar buffer
* @param respond function(errStr, displayName) as a socket.io response function
* @param respond.errStr Error string if an error, else null
* @param respond.updatedMember The updated member object (note: an update-member event will be emitted)
*/
bindEvent(
client, identity,
{ verified: true },
'set-avatar', [ 'buffer', 'function' ],
async (avatarBuff, respond) => {
if (!identity.serverId) throw new EventError('identity no serverId');
if (!identity.memberId) throw new EventError('identity no memberId');
if (avatarBuff.length > MAX_AVATAR_SIZE) {
LOG.warn(`c#${client.id}: avatar too large`);
respond('buffer too large');
return;
}
let typeResult = (await FileType.fromBuffer(avatarBuff)) ?? { mime: null, ext: null };
if ((['image/png', 'image/jpeg', 'image/jpg'] as (string | null)[]).indexOf(typeResult.mime) == -1) {
throw new EventError('invalid avatar buffer');
}
LOG.info(`u#${identity.memberId}: uploaded new avatar`);
let resourceId = await DB.insertResource(identity.serverId, avatarBuff);
await DB.setMemberAvatarResourceId(identity.serverId, identity.memberId, resourceId);
let updated = await DB.getMember(identity.serverId, identity.memberId);
respond(null, updated);
io.to(identity.serverId).emit('update-member', updated);
}
);
}
function bindFetchEvents(client: socketio.Socket, identity: IIdentity): void { // TODO: consider changing all or some of these to HTTP requests
/*
* Fetch the server information (name, icon, icon_hash, etc.)
* @param respond function(errStr, server) as a socket.io response function
* @param respond.errStr Error string if an error, else null
* @param respond.server The server information
*/
bindEvent(
client, identity,
{ verified: true },
'fetch-server', [ 'function' ],
async (respond) => {
if (!identity.serverId) throw new EventError('identity no serverId');
if (!identity.memberId) throw new EventError('identity no memberId');
LOG.info(`u#${identity.memberId}: fetching server`);
let server = await DB.getServer(identity.serverId);
respond(null, server);
}
);
/*
* Fetch a list of channels
* @param respond function(errStr, channels) as a socket.io response function
* @param respond.errStr Error string if an error, else null
* @param respond.channels The list of channels for this server
*/
bindEvent(
client, identity,
{ verified: true },
'fetch-channels', [ 'function' ],
async (respond) => {
if (!identity.serverId) throw new EventError('identity no serverId');
if (!identity.memberId) throw new EventError('identity no memberId');
LOG.info(`u#${identity.memberId}: fetching channels`);
let channels = await DB.getChannels(identity.serverId);
respond(null, channels);
}
);
/*
* Fetch the most recent messages for a specific channel
* @param channelId The channel uuid of the channel
* @param number The maximum number of messages to get
* @param respond function(errStr, messages) as a socket.io response function
* @param respond.errStr Error string if an error, else null
* @param respond.messages List of message data objects in the channel from PostgreSQL
*/
bindEvent(
client, identity,
{ verified: true },
'fetch-messages-recent', [ 'string', 'number', 'function' ],
async (channelId, number, respond) => {
if (!identity.serverId) throw new EventError('identity no serverId');
if (!identity.memberId) throw new EventError('identity no memberId');
LOG.info(`u#${identity.memberId}: fetching recent messages for ch#${channelId} number: ${number}`);
let messages = await DB.getMessagesRecent(identity.serverId, channelId, number);
respond(null, messages);
}
);
/*
* client.on('fetch-messages-before', (channelId, messageId, number, respond(errStr, messages)))
* Fetch messages coming before the specified message
* @param channelId The channel uuid of the channel
* @param messageId The id of the base message (will not be included in results)
* @param number The maximum number of messages to get
* @param respond function(errStr, messages) as a socket.io response function
* @param respond.errStr Error string if an error, else null
* @param respond.messages List of message data objects in the channel from PostgreSQL
*/
bindEvent(
client, identity,
{ verified: true },
'fetch-messages-before', [ 'string', 'string', 'number', 'function' ],
async (channelId, messageId, number, respond) => {
if (!identity.serverId) throw new EventError('identity no serverId');
if (!identity.memberId) throw new EventError('identity no memberId');
LOG.info(`u#${identity.memberId}: fetching messages before ch#${channelId} m#${messageId} number: ${number}`);
let messages = await DB.getMessagesBefore(identity.serverId, channelId, messageId, number);
respond(null, messages);
}
);
/*
* Fetch messages coming after the specified message
* @param channelId The channel uuid of the channel
* @param messageId The id of the base message (will not be included in results)
* @param number The maximum number of messages to get
* @param respond function(errStr, messages) as a socket.io response function
* @param respond.errStr Error string if an error, else null
* @param respond.messages List of message data objects in the channel from PostgreSQL
*/
bindEvent(
client, identity,
{ verified: true },
'fetch-messages-after', [ 'string', 'string', 'number', 'function' ],
async (channelId, messageId, number, respond) => {
if (!identity.serverId) throw new EventError('identity no serverId');
if (!identity.memberId) throw new EventError('identity no memberId');
LOG.info(`u#${identity.memberId}: fetching messages after ch#${channelId} m#${messageId} number: ${number}`);
let messages = await DB.getMessagesAfter(identity.serverId, channelId, messageId, number);
respond(null, messages);
}
);
/*
* @param resourceId The id of the resource to fetch
* @param respond function(errStr, resource) as a socket.io response function
* @param respond.errStr Error string if an error, else null
* @param respond.resource Resource object { id, server_id, hash, data }
*/
bindEvent(
client, identity,
{ verified: true },
'fetch-resource', [ 'string', 'function' ],
async (resourceId, respond) => {
if (!identity.serverId) throw new EventError('identity no serverId');
if (!identity.memberId) throw new EventError('identity no memberId');
LOG.info(`u#${identity.memberId}: fetching r#${resourceId}`);
let resource = await DB.getResource(identity.serverId, resourceId);
respond(null, resource);
}
);
/*
* Fetch members in the server
* @param respond function(errStr, members) as a socket.io response function
* @param respond.errStr Error string if an error, else null
* @param respond.members List of member data objects in the server from PostgreSQL
*/
bindEvent(
client, identity,
{ verified: true },
'fetch-members', [ 'function' ],
async (respond) => {
if (!identity.serverId) throw new EventError('identity no serverId');
if (!identity.memberId) throw new EventError('identity no memberId');
LOG.info(`u#${identity.memberId}: fetching members`);
let members = await DB.getMembers(identity.serverId);
respond(null, members);
}
);
}
export function bindSocketEvents(io: socketio.Server): void {
io.on('connection', client => {
LOG.info(`c#${client.id}: connected`);
let identity: IIdentity = {
serverId: null,
memberId: null,
verified: false,
publicKey: null,
challenge: null
};
connected.push(identity);
//bindIdentificationEvents(io, keypair, client);
bindRegistrationEvents(io, client);
bindChallengeVerificationEvents(io, client, identity);
bindAdminEvents(io, client, identity);
bindActionEvents(io, client, identity);
bindFetchEvents(client, identity);
client.on('disconnect', () => {
connected.splice(connected.findIndex(i => i.memberId == identity.memberId), 1);
if (identity.verified) {
LOG.info(`c#${client.id}: disconnected (was u#${identity.memberId})`);
(async () => {
if (!identity.serverId || !identity.memberId) return;
try {
await DB.setMemberStatus(identity.serverId, identity.memberId, 'offline');
} catch (e) {
LOG.error('Error updating member status on disconnect', e);
}
})();
} else {
LOG.info(`c#${client.id}: disconnected (was unverified)`);
}
});
});
}