RealtimeDB-OLD/src/connection.ts

import * as WebSocket from "ws";
import { Server, IncomingMessage } from "http";
import { DatabaseManager } from "./database/database";
import Logging from "@hibas123/logging";
import Query from "./database/query";
import Session from "./database/session";
import shortid = require("shortid");

import * as JWT from "jsonwebtoken";

async function verifyJWT(token: string, publicKey: string) {
   return new Promise<any | undefined>((yes) => {
      JWT.verify(token, publicKey, (err, decoded) => {
         if (err)
            yes(undefined);
         else
            yes(decoded);
      })
   })
}

import { URLSearchParams } from "url";

type QueryTypes = "get" | "set" | "push" | "subscribe" | "unsubscribe";

export class ConnectionManager {
   static server: WebSocket.Server;

   static bind(server: Server) {
      this.server = new WebSocket.Server({ server });
      this.server.on("connection", this.onConnection.bind(this));
   }

   private static async onConnection(socket: WebSocket, req: IncomingMessage) {
      Logging.log("New Connection:");
      const sendError = (msg: string) => socket.send(JSON.stringify({ ns: "error_msg", args: [msg] }));


      const session = new Session();

      let query = new URLSearchParams(req.url.split("?").pop());

      const database = query.get("database");
      const db = DatabaseManager.getDatabase(database);
      if (!db) {
         sendError("Invalid Database!");
         socket.close();
         return;
      }

      const accesskey = query.get("accesskey");
      if (db.accesskey) {
         if (!accesskey || accesskey !== db.accesskey) {
            sendError("Unauthorized!");
            socket.close();
            return;
         }
      }

      const authkey = query.get("authkey");
      if (authkey && db.publickey) {
         let res = await verifyJWT(authkey, db.publickey);
         if (!res || !res.uid) {
            sendError("Invalid JWT");
            socket.close();
            return;
         } else {
            session.uid = res.uid;
         }
      }

      const rootkey = query.get("rootkey");
      if (rootkey && db.rootkey) {
         if (rootkey === db.rootkey) {
            session.root = true;
            Logging.warning(`Somebody logged into ${database} via rootkey`);
         }
      }

      const stored = new Map<string, Query>();
      const answer = (id: string, data: any, err: boolean = false) => {
         socket.send(JSON.stringify({ ns: "message", args: [id, err, data] }));
      }

      const handler = new Map<string, ((...args: any[]) => void)>();
      handler.set("query", async (id: string, type: QueryTypes, path: string[], data: any) => {
         Logging.debug(`Request with id '${id}' from type '${type}' and path '${path}' with data`, data)
         try {
            const perms = db.rules.hasPermission(path, session);
            const noperm = new Error("No permisison!");
            if (!db)
               answer(id, "Database not found!", true);
            else {
               const query = stored.get(id) || db.getQuery(path);

               switch (type) {
                  case "get":
                     if (!perms.read)
                        throw noperm;
                     answer(id, await query.get());
                     return;
                  case "set":
                     if (!perms.write)
                        throw noperm;
                     answer(id, await query.set(data));
                     return;
                  case "push":
                     if (!perms.write)
                        throw noperm;
                     answer(id, await query.push(data));
                     return;
                  case "subscribe":
                     if (!perms.read)
                        throw noperm;

                     let subscriptionID = shortid.generate();

                     query.subscribe(data, (data) => {
                        socket.send(JSON.stringify({ ns: "event", args: [subscriptionID, data] }));
                     });
                     stored.set(id, query);
                     answer(id, subscriptionID);
                     return;
                  case "unsubscribe":
                     query.unsubscribe();
                     stored.delete(id);
                     answer(id, true);
                     return;
               }

               answer(id, "Invalid request!", true);
            }
         } catch (err) {
            Logging.error(err);
            answer(id, err.message, true);
         }
      })

      socket.on("message", (rawData: string) => {
         let data: { ns: string, args: any[] } = JSON.parse(rawData);
         let h = handler.get(data.ns);
         if (h) {
            h(...data.args);
         }
      })

      socket.on("disconnect", () => {
         stored.forEach(query => query.unsubscribe());
         stored.clear();
         socket.removeAllListeners();
      })
   }
}
Switching to ws instead of socket.io and implementing basic authentication 2019-10-10 10:28:44 +00:00			`import * as WebSocket from "ws";`
			`import { Server, IncomingMessage } from "http";`
First Commit 2019-09-18 19:54:28 +00:00			`import { DatabaseManager } from "./database/database";`
			`import Logging from "@hibas123/logging";`
Fixing several bugs and adding very basic rule support 2019-09-19 14:24:35 +00:00			`import Query from "./database/query";`
			`import Session from "./database/session";`
Fixing some bugs and changing subscribe behaviour 2019-10-01 16:24:26 +00:00			`import shortid = require("shortid");`
First Commit 2019-09-18 19:54:28 +00:00
Switching to ws instead of socket.io and implementing basic authentication 2019-10-10 10:28:44 +00:00			`import * as JWT from "jsonwebtoken";`

			`async function verifyJWT(token: string, publicKey: string) {`
			`return new Promise<any \| undefined>((yes) => {`
			`JWT.verify(token, publicKey, (err, decoded) => {`
			`if (err)`
			`yes(undefined);`
			`else`
			`yes(decoded);`
			`})`
			`})`
			`}`

			`import { URLSearchParams } from "url";`

First Commit 2019-09-18 19:54:28 +00:00			`type QueryTypes = "get" \| "set" \| "push" \| "subscribe" \| "unsubscribe";`

			`export class ConnectionManager {`
Switching to ws instead of socket.io and implementing basic authentication 2019-10-10 10:28:44 +00:00			`static server: WebSocket.Server;`
Fixing several bugs and adding very basic rule support 2019-09-19 14:24:35 +00:00
First Commit 2019-09-18 19:54:28 +00:00			`static bind(server: Server) {`
Switching to ws instead of socket.io and implementing basic authentication 2019-10-10 10:28:44 +00:00			`this.server = new WebSocket.Server({ server });`
First Commit 2019-09-18 19:54:28 +00:00			`this.server.on("connection", this.onConnection.bind(this));`
			`}`

Switching to ws instead of socket.io and implementing basic authentication 2019-10-10 10:28:44 +00:00			`private static async onConnection(socket: WebSocket, req: IncomingMessage) {`
			`Logging.log("New Connection:");`
			`const sendError = (msg: string) => socket.send(JSON.stringify({ ns: "error_msg", args: [msg] }));`


Fixing several bugs and adding very basic rule support 2019-09-19 14:24:35 +00:00			`const session = new Session();`

Switching to ws instead of socket.io and implementing basic authentication 2019-10-10 10:28:44 +00:00			`let query = new URLSearchParams(req.url.split("?").pop());`

			`const database = query.get("database");`
			`const db = DatabaseManager.getDatabase(database);`
			`if (!db) {`
			`sendError("Invalid Database!");`
			`socket.close();`
			`return;`
First Commit 2019-09-18 19:54:28 +00:00			`}`

Switching to ws instead of socket.io and implementing basic authentication 2019-10-10 10:28:44 +00:00			`const accesskey = query.get("accesskey");`
			`if (db.accesskey) {`
			`if (!accesskey \|\| accesskey !== db.accesskey) {`
			`sendError("Unauthorized!");`
			`socket.close();`
			`return;`
			`}`
			`}`
First Commit 2019-09-18 19:54:28 +00:00
Switching to ws instead of socket.io and implementing basic authentication 2019-10-10 10:28:44 +00:00			`const authkey = query.get("authkey");`
			`if (authkey && db.publickey) {`
			`let res = await verifyJWT(authkey, db.publickey);`
			`if (!res \|\| !res.uid) {`
			`sendError("Invalid JWT");`
			`socket.close();`
			`return;`
			`} else {`
			`session.uid = res.uid;`
			`}`
			`}`

			`const rootkey = query.get("rootkey");`
			`if (rootkey && db.rootkey) {`
			`if (rootkey === db.rootkey) {`
			`session.root = true;`
			Logging.warning(`Somebody logged into ${database} via rootkey`);
			`}`
			`}`

			`const stored = new Map<string, Query>();`
			`const answer = (id: string, data: any, err: boolean = false) => {`
			`socket.send(JSON.stringify({ ns: "message", args: [id, err, data] }));`
			`}`

			`const handler = new Map<string, ((...args: any[]) => void)>();`
			`handler.set("query", async (id: string, type: QueryTypes, path: string[], data: any) => {`
			Logging.debug(`Request with id '${id}' from type '${type}' and path '${path}' with data`, data)
First Commit 2019-09-18 19:54:28 +00:00			`try {`
Fixing several bugs and adding very basic rule support 2019-09-19 14:24:35 +00:00			`const perms = db.rules.hasPermission(path, session);`
			`const noperm = new Error("No permisison!");`
First Commit 2019-09-18 19:54:28 +00:00			`if (!db)`
			`answer(id, "Database not found!", true);`
			`else {`
Fixing several bugs and adding very basic rule support 2019-09-19 14:24:35 +00:00			`const query = stored.get(id) \|\| db.getQuery(path);`
First Commit 2019-09-18 19:54:28 +00:00
			`switch (type) {`
			`case "get":`
Fixing several bugs and adding very basic rule support 2019-09-19 14:24:35 +00:00			`if (!perms.read)`
			`throw noperm;`
First Commit 2019-09-18 19:54:28 +00:00			`answer(id, await query.get());`
Fixing several bugs and adding very basic rule support 2019-09-19 14:24:35 +00:00			`return;`
First Commit 2019-09-18 19:54:28 +00:00			`case "set":`
Fixing several bugs and adding very basic rule support 2019-09-19 14:24:35 +00:00			`if (!perms.write)`
			`throw noperm;`
First Commit 2019-09-18 19:54:28 +00:00			`answer(id, await query.set(data));`
Fixing several bugs and adding very basic rule support 2019-09-19 14:24:35 +00:00			`return;`
First Commit 2019-09-18 19:54:28 +00:00			`case "push":`
Fixing several bugs and adding very basic rule support 2019-09-19 14:24:35 +00:00			`if (!perms.write)`
			`throw noperm;`
First Commit 2019-09-18 19:54:28 +00:00			`answer(id, await query.push(data));`
Fixing several bugs and adding very basic rule support 2019-09-19 14:24:35 +00:00			`return;`
First Commit 2019-09-18 19:54:28 +00:00			`case "subscribe":`
Fixing several bugs and adding very basic rule support 2019-09-19 14:24:35 +00:00			`if (!perms.read)`
			`throw noperm;`
Fixing some bugs and changing subscribe behaviour 2019-10-01 16:24:26 +00:00
			`let subscriptionID = shortid.generate();`

Fixing several bugs and adding very basic rule support 2019-09-19 14:24:35 +00:00			`query.subscribe(data, (data) => {`
Switching to ws instead of socket.io and implementing basic authentication 2019-10-10 10:28:44 +00:00			`socket.send(JSON.stringify({ ns: "event", args: [subscriptionID, data] }));`
Fixing several bugs and adding very basic rule support 2019-09-19 14:24:35 +00:00			`});`
			`stored.set(id, query);`
Fixing some bugs and changing subscribe behaviour 2019-10-01 16:24:26 +00:00			`answer(id, subscriptionID);`
Fixing several bugs and adding very basic rule support 2019-09-19 14:24:35 +00:00			`return;`
First Commit 2019-09-18 19:54:28 +00:00			`case "unsubscribe":`
Fixing several bugs and adding very basic rule support 2019-09-19 14:24:35 +00:00			`query.unsubscribe();`
			`stored.delete(id);`
Fixing some bugs and changing subscribe behaviour 2019-10-01 16:24:26 +00:00			`answer(id, true);`
Fixing several bugs and adding very basic rule support 2019-09-19 14:24:35 +00:00			`return;`
First Commit 2019-09-18 19:54:28 +00:00			`}`

Fixing several bugs and adding very basic rule support 2019-09-19 14:24:35 +00:00			`answer(id, "Invalid request!", true);`
First Commit 2019-09-18 19:54:28 +00:00			`}`
			`} catch (err) {`
			`Logging.error(err);`
			`answer(id, err.message, true);`
			`}`
Switching to ws instead of socket.io and implementing basic authentication 2019-10-10 10:28:44 +00:00			`})`
First Commit 2019-09-18 19:54:28 +00:00
Switching to ws instead of socket.io and implementing basic authentication 2019-10-10 10:28:44 +00:00			`socket.on("message", (rawData: string) => {`
			`let data: { ns: string, args: any[] } = JSON.parse(rawData);`
			`let h = handler.get(data.ns);`
			`if (h) {`
			`h(...data.args);`
			`}`
First Commit 2019-09-18 19:54:28 +00:00			`})`

			`socket.on("disconnect", () => {`
Switching to ws instead of socket.io and implementing basic authentication 2019-10-10 10:28:44 +00:00			`stored.forEach(query => query.unsubscribe());`
Fixing several bugs and adding very basic rule support 2019-09-19 14:24:35 +00:00			`stored.clear();`
			`socket.removeAllListeners();`
First Commit 2019-09-18 19:54:28 +00:00			`})`
			`}`
			`}`