diff options
| author | kaniini <nenolod@gmail.com> | 2019-07-09 16:52:22 +0000 |
|---|---|---|
| committer | kaniini <nenolod@gmail.com> | 2019-07-09 16:52:22 +0000 |
| commit | 1179a135333aa59e7fa4f5b908e1db8257b994f5 (patch) | |
| tree | b285dc271c6db26d9ff16e76e017e4bf1ac3cad6 /lib | |
| parent | 1ab4e35f27f2d54058460657f63de09a8f9d1444 (diff) | |
| parent | b5ba41a7255e23285810d865f0fef7701ab4ca6c (diff) | |
| download | pleroma-1179a135333aa59e7fa4f5b908e1db8257b994f5.tar.gz | |
Merge branch 'features/sec-websocket-protocol-header' into 'develop'
Features: MastoAPI streaming Sec-WebSocket-Protocol header
See merge request pleroma/pleroma!1381
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/pleroma/web/mastodon_api/websocket_handler.ex | 17 |
1 files changed, 13 insertions, 4 deletions
diff --git a/lib/pleroma/web/mastodon_api/websocket_handler.ex b/lib/pleroma/web/mastodon_api/websocket_handler.ex index 3299e1721..dbd3542ea 100644 --- a/lib/pleroma/web/mastodon_api/websocket_handler.ex +++ b/lib/pleroma/web/mastodon_api/websocket_handler.ex @@ -29,9 +29,10 @@ defmodule Pleroma.Web.MastodonAPI.WebsocketHandler do def init(%{qs: qs} = req, state) do with params <- :cow_qs.parse_qs(qs), + sec_websocket <- :cowboy_req.header("sec-websocket-protocol", req, nil), access_token <- List.keyfind(params, "access_token", 0), {_, stream} <- List.keyfind(params, "stream", 0), - {:ok, user} <- allow_request(stream, access_token), + {:ok, user} <- allow_request(stream, [access_token, sec_websocket]), topic when is_binary(topic) <- expand_topic(stream, params) do {:cowboy_websocket, req, %{user: user, topic: topic}, %{idle_timeout: @timeout}} else @@ -84,13 +85,21 @@ defmodule Pleroma.Web.MastodonAPI.WebsocketHandler do end # Public streams without authentication. - defp allow_request(stream, nil) when stream in @anonymous_streams do + defp allow_request(stream, [nil, nil]) when stream in @anonymous_streams do {:ok, nil} end # Authenticated streams. - defp allow_request(stream, {"access_token", access_token}) when stream in @streams do - with %Token{user_id: user_id} <- Repo.get_by(Token, token: access_token), + defp allow_request(stream, [access_token, sec_websocket]) when stream in @streams do + token = + with {"access_token", token} <- access_token do + token + else + _ -> sec_websocket + end + + with true <- is_bitstring(token), + %Token{user_id: user_id} <- Repo.get_by(Token, token: token), user = %User{} <- User.get_cached_by_id(user_id) do {:ok, user} else |