npm - @jskit-ai/realtime - Versions diffs - 0.1.56 → 0.1.57 - Mend

@jskit-ai/realtime 0.1.56 → 0.1.57

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (4) hide show

package/package.descriptor.mjs +2 -2
package/package.json +2 -2
package/src/server/RealtimeServiceProvider.js +33 -2
package/test/providerRuntime.test.js +90 -0

package/package.descriptor.mjs CHANGED Viewed

@@ -1,7 +1,7 @@
 export default Object.freeze({
   packageVersion: 1,
   packageId: "@jskit-ai/realtime",
-  version: "0.1.56",
+  version: "0.1.57",
   kind: "runtime",
   description: "Thin, generic realtime runtime wrappers for socket.io server and client.",
   options: {
@@ -94,7 +94,7 @@ export default Object.freeze({
   mutations: {
     dependencies: {
       runtime: {
-        "@jskit-ai/kernel": "0.1.57",
+        "@jskit-ai/kernel": "0.1.58",
         "@socket.io/redis-adapter": "^8.3.0",
         "redis": "^5.8.2",
         "socket.io": "^4.8.3",

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@jskit-ai/realtime",
-  "version": "0.1.56",
+  "version": "0.1.57",
   "type": "module",
   "scripts": {
     "test": "node --test"
@@ -16,7 +16,7 @@
   },
   "dependencies": {
     "@socket.io/redis-adapter": "^8.3.0",
-    "@jskit-ai/kernel": "0.1.57",
+    "@jskit-ai/kernel": "0.1.58",
     "redis": "^5.8.2",
     "socket.io": "^4.8.3",
     "socket.io-client": "^4.8.3"

package/src/server/RealtimeServiceProvider.js CHANGED Viewed

@@ -450,9 +450,40 @@ async function resolveSocketActorId(authService, socket) {
     return null;
   }
-  const cookies = parseCookieHeader(socket?.request?.headers?.cookie);
-  const authResult = await authService.authenticateRequest({
+  const handshakeHeaders =
+    socket?.handshake?.headers && typeof socket.handshake.headers === "object"
+      ? socket.handshake.headers
+      : {};
+  const requestHeaders =
+    socket?.request?.headers && typeof socket.request.headers === "object"
+      ? socket.request.headers
+      : {};
+  const cookieHeader = normalizeText(
+    handshakeHeaders.cookie ||
+    requestHeaders.cookie
+  );
+  const cookies = parseCookieHeader(cookieHeader);
+  const host = normalizeText(handshakeHeaders.host || requestHeaders.host);
+  const remoteAddress = normalizeText(
+    socket?.request?.socket?.remoteAddress ||
+    socket?.conn?.remoteAddress ||
+    socket?.handshake?.address
+  );
+  const authRequest = {
     cookies
+  };
+  if (host) {
+    authRequest.headers = {
+      host
+    };
+  }
+  if (remoteAddress) {
+    authRequest.socket = {
+      remoteAddress
+    };
+  }
+  const authResult = await authService.authenticateRequest({
+    ...authRequest
   });
   if (!authResult || authResult.authenticated !== true) {
     return null;

package/test/providerRuntime.test.js CHANGED Viewed

@@ -144,6 +144,96 @@ test("RealtimeServiceProvider boot does not eagerly resolve optional auth/worksp
   await provider.shutdown(app);
 });
+test("RealtimeServiceProvider boot authenticates sockets from handshake cookies and joins actor workspace rooms", async () => {
+  const app = createSingletonApp();
+  app.instance("jskit.fastify", {
+    server: createServer()
+  });
+  const authenticateCalls = [];
+  app.singleton("authService", () => ({
+    async authenticateRequest(input = {}) {
+      authenticateCalls.push(input);
+      return {
+        authenticated: true,
+        profile: {
+          id: 9
+        }
+      };
+    }
+  }));
+  app.singleton("internal.repository.workspace-memberships", () => ({
+    async listActiveWorkspaceIdsByUserId(userId) {
+      assert.equal(userId, "9");
+      return [11, 12];
+    }
+  }));
+  let connectionHandler = null;
+  const io = {
+    on(eventName, handler) {
+      if (eventName === "connection") {
+        connectionHandler = handler;
+      }
+    }
+  };
+  const provider = new RealtimeServiceProvider();
+  provider.register(app);
+  app.instance("runtime.realtime.io", io);
+  await provider.boot(app);
+  const joinedRooms = [];
+  const socket = {
+    handshake: {
+      headers: {
+        cookie: "session=abc123; theme=dark",
+        host: "127.0.0.1:3100"
+      },
+      address: "127.0.0.1"
+    },
+    request: {
+      headers: {},
+      socket: {
+        remoteAddress: "127.0.0.1"
+      }
+    },
+    data: {},
+    join(room) {
+      joinedRooms.push(room);
+    }
+  };
+  await connectionHandler(socket);
+  await provider.shutdown(app);
+  assert.deepEqual(authenticateCalls, [
+    {
+      cookies: {
+        session: "abc123",
+        theme: "dark"
+      },
+      headers: {
+        host: "127.0.0.1:3100"
+      },
+      socket: {
+        remoteAddress: "127.0.0.1"
+      }
+    }
+  ]);
+  assert.equal(socket.data.actorId, "9");
+  assert.deepEqual(joinedRooms, [
+    "clients",
+    "users",
+    "user:9",
+    "workspace:11",
+    "workspace:11:user:9",
+    "workspace:12",
+    "workspace:12:user:9"
+  ]);
+});
 test("RealtimeClientProvider registers runtime realtime client api", () => {
   const app = createSingletonApp();
   const provider = new RealtimeClientProvider();