UniqAI/hexabot
1
0
Fork 0
mirror of https://github.com/hexastack/hexabot synced 2025-06-26 18:27:28 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

refactor: remove widget token

Browse Source
This commit is contained in:
Mohamed Marrouchi
2024-11-10 12:11:42 +01:00
parent 81a507d091
commit 9df4fbbdad
19 changed files with 34 additions and 101 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
api/src/extensions/channels/console/i18n/en/label.json
View File

@@ -1,5 +1,4 @@
{
"verification_token": "Verification Token",
"allowed_domains": "Allowed Domains",
"start_button": "Enable `Get Started`",
"input_disabled": "Disable Input",

1
api/src/extensions/channels/console/i18n/fr/label.json
View File

@@ -1,5 +1,4 @@
{
"verification_token": "Jeton de vérification",
"allowed_domains": "Domaines autorisés",
"start_button": "Activer `Démarrer`",
"input_disabled": "Désactiver la saisie",

6
api/src/extensions/channels/console/settings.ts
View File

@@ -17,12 +17,6 @@ export const CONSOLE_CHANNEL_NAME = 'console-channel';
export const CONSOLE_CHANNEL_NAMESPACE = 'console_channel';
export default [
{
group: CONSOLE_CHANNEL_NAMESPACE,
label: Web.SettingLabel.verification_token,
value: 'test',
type: SettingType.text,
},
{
group: CONSOLE_CHANNEL_NAMESPACE,
label: Web.SettingLabel.allowed_domains,

90
api/src/extensions/channels/web/base-web-channel.ts
View File

@@ -77,7 +77,7 @@ export default abstract class BaseWebChannelHandler<
protected readonly attachmentService: AttachmentService,
protected readonly messageService: MessageService,
protected readonly menuService: MenuService,
private readonly websocketGateway: WebsocketGateway,
protected readonly websocketGateway: WebsocketGateway,
) {
super(name, settingService, channelService, logger);
}
@@ -98,42 +98,32 @@ export default abstract class BaseWebChannelHandler<
*/
@OnEvent('hook:websocket:connection', { async: true })
async onWebSocketConnection(client: Socket) {
const settings = await this.getSettings();
const handshake = client.handshake;
const { channel } = handshake.query;
if (channel !== this.getName()) {
return;
}
try {
const { verification_token } = client.handshake.query;
await this.verifyToken(verification_token.toString());
try {
this.logger.debug(
'Web Channel Handler : WS connected .. sending settings',
);
try {
const menu = await this.menuService.getTree();
return client.emit('settings', { menu, ...settings });
} catch (err) {
this.logger.warn(
'Web Channel Handler : Unable to retrieve menu ',
err,
);
return client.emit('settings', settings);
}
} catch (err) {
this.logger.warn(
'Web Channel Handler : Unable to verify token, disconnecting ...',
err,
);
client.disconnect();
const settings = await this.getSettings();
const handshake = client.handshake;
const { channel } = handshake.query;
if (channel !== this.getName()) {
return;
}
this.logger.debug(
'Web Channel Handler : WS connected .. sending settings',
);
try {
const menu = await this.menuService.getTree();
return client.emit('settings', { menu, ...settings });
} catch (err) {
this.logger.warn('Web Channel Handler : Unable to retrieve menu ', err);
return client.emit('settings', settings);
}
} catch (err) {
this.logger.error(
'Web Channel Handler : Unable to initiate websocket connection',
err,
);
client.disconnect();
}
}
@@ -218,7 +208,7 @@ export default abstract class BaseWebChannelHandler<
*
* @returns Formatted message
*/
private formatHistoryMessages(messages: AnyMessage[]): Web.Message[] {
protected formatMessages(messages: AnyMessage[]): Web.Message[] {
return messages.map((anyMessage: AnyMessage) => {
if ('sender' in anyMessage && anyMessage.sender) {
return {
@@ -262,7 +252,7 @@ export default abstract class BaseWebChannelHandler<
until,
n,
);
return this.formatHistoryMessages(messages.reverse());
return this.formatMessages(messages.reverse());
}
return [];
}
@@ -287,35 +277,11 @@ export default abstract class BaseWebChannelHandler<
since,
n,
);
return this.formatHistoryMessages(messages);
return this.formatMessages(messages);
}
return [];
}
/**
* Verify the received token.
*
* @param verificationToken - Verification Token
*/
private async verifyToken(verificationToken: string) {
const settings =
(await this.getSettings()) as unknown as Settings[typeof WEB_CHANNEL_NAMESPACE];
const verifyToken = settings.verification_token;
if (!verifyToken) {
throw new Error('You need to specify a verifyToken in your config.');
}
if (!verificationToken) {
throw new Error('Did not recieve any verification token.');
}
if (verificationToken !== verifyToken) {
throw new Error('Make sure the validation tokens match.');
}
this.logger.log(
'Web Channel Handler : Token has been verified successfully!',
);
}
/**
* Verify the origin against whitelisted domains.
*
@@ -405,20 +371,12 @@ export default abstract class BaseWebChannelHandler<
* @param req
* @param res
*/
private async checkRequest(
protected async checkRequest(
req: Request | SocketRequest,
res: Response | SocketResponse,
) {
try {
await this.validateCors(req, res);
try {
const { verification_token } =
'verification_token' in req.query ? req.query : req.body;
await this.verifyToken(verification_token);
} catch (err) {
this.logger.warn('Web Channel Handler : Unable to verify token ', err);
throw new Error('Unauthorized, invalid token!');
}
} catch (err) {
this.logger.warn(
'Web Channel Handler : Attempt to access from an unauthorized origin',
@@ -741,7 +699,7 @@ export default abstract class BaseWebChannelHandler<
*
* @returns IP Address
*/
private getIpAddress(req: Request | SocketRequest): string {
protected getIpAddress(req: Request | SocketRequest): string {
if ('isSocket' in req && req.isSocket) {
return req.socket.handshake.address;
} else if (Array.isArray(req.ips) && req.ips.length > 0) {

1
api/src/extensions/channels/web/i18n/en/label.json
View File

@@ -1,5 +1,4 @@
{
"verification_token": "Verification Token",
"allowed_domains": "Allowed Domains",
"start_button": "Enable `Get Started`",
"input_disabled": "Disable Input",

1
api/src/extensions/channels/web/i18n/fr/label.json
View File

@@ -1,5 +1,4 @@
{
"verification_token": "Jeton de vérification",
"allowed_domains": "Domaines autorisés",
"start_button": "Activer `Démarrer`",
"input_disabled": "Désactiver la saisie",

6
api/src/extensions/channels/web/settings.ts
View File

@@ -16,12 +16,6 @@ export const WEB_CHANNEL_NAME = 'web-channel' as const;
export const WEB_CHANNEL_NAMESPACE = 'web_channel';
export default [
{
group: WEB_CHANNEL_NAMESPACE,
label: Web.SettingLabel.verification_token,
value: 'token123',
type: SettingType.secret,
},
{
group: WEB_CHANNEL_NAMESPACE,
label: Web.SettingLabel.allowed_domains,

2
api/src/extensions/channels/web/types.ts
View File

@@ -13,8 +13,6 @@ import { StdQuickReply } from '@/chat/schemas/types/quick-reply';
export namespace Web {
export enum SettingLabel {
secret = 'secret',
verification_token = 'verification_token',
allowed_domains = 'allowed_domains',
start_button = 'start_button',
input_disabled = 'input_disabled',

2
api/src/websocket/websocket.gateway.ts
View File

@@ -224,7 +224,7 @@ export class WebsocketGateway
'Unable to load session, creating a new one ...',
err,
);
if (searchParams.get('channel') === 'web-channel') {
if (searchParams.get('channel') !== 'console-channel') {
return this.createAndStoreSession(client, next);
} else {
return next(new Error('Unauthorized: Unknown session ID'));