wip(sync): remove test for old implementation

wip(sync): do not send token on query string
It's not safe, it's logged in and can be easily intercepted. A bit of documentation on websocket auth: https://websockets.readthedocs.io/en/stable/topics/authentication.html
2025-05-15 18:21:53 +02:00 · 2024-12-26 17:30:16 +01:00 · 2024-12-26 16:41:57 +01:00
5 changed files with 16 additions and 48 deletions
--- a/umap/asgi.py
+++ b/umap/asgi.py
@ -17,8 +17,6 @@ urlpatterns = (re_path(r"ws/sync/(?P<map_id>\w+)/$", consumers.SyncConsumer.as_a
 application = ProtocolTypeRouter(
    {
        "http": django_asgi_app,
-        "websocket": consumers.TokenMiddleware(
+        "websocket": AllowedHostsOriginValidator(URLRouter(urlpatterns)),
            AllowedHostsOriginValidator(URLRouter(urlpatterns))
        ),
    }
 )
--- a/umap/static/umap/js/modules/sync/websocket.js
+++ b/umap/static/umap/js/modules/sync/websocket.js
@ -7,7 +7,7 @@ export class WebSocketTransport {
    this.receiver = messagesReceiver
    this.closeRequested = false
-    this.websocket = new WebSocket(`${webSocketURI}?${authToken}`)
+    this.websocket = new WebSocket(`${webSocketURI}`)
    this.websocket.onopen = () => {
      this.send('JoinRequest', { token: authToken })
--- a/umap/sync/consumers.py
+++ b/umap/sync/consumers.py
@ -14,21 +14,6 @@ from .payloads import (
 )
 class TokenMiddleware:
    def __init__(self, app):
        self.app = app
    async def __call__(self, scope, receive, send):
        signed = TimestampSigner().unsign_object(
            scope["query_string"].decode(), max_age=30
        )
        user, map_id, permissions = signed.values()
        if "edit" not in permissions:
            raise ValueError("Invalid Token")
        scope["user"] = user
        return await self.app(scope, receive, send)
 class SyncConsumer(AsyncWebsocketConsumer):
    @property
    def peers(self):
@ -41,7 +26,7 @@ class SyncConsumer(AsyncWebsocketConsumer):
        await self.channel_layer.group_add(self.map_id, self.channel_name)
        await self.accept()
-        await self.send_peers_list()
+        self.is_authenticated = False
    async def disconnect(self, close_code):
        await self.channel_layer.group_discard(self.map_id, self.channel_name)
@ -68,6 +53,18 @@ class SyncConsumer(AsyncWebsocketConsumer):
        await self.send(event["message"])
    async def receive(self, text_data):
        if not self.is_authenticated:
            message = JoinRequest.model_validate_json(text_data)
            signed = TimestampSigner().unsign_object(message.token, max_age=30)
            user, map_id, permissions = signed.values()
            if "edit" not in permissions:
                return await self.disconnect()
            response = JoinResponse(uuid=self.channel_name, peers=self.peers)
            await self.send(response.model_dump_json())
            await self.send_peers_list()
            self.is_authenticated = True
            return
        if text_data == "ping":
            return await self.send("pong")
@ -81,9 +78,6 @@ class SyncConsumer(AsyncWebsocketConsumer):
        else:
            match incoming.root:
                # Broadcast all operation messages to connected peers
                case JoinRequest():
                    response = JoinResponse(uuid=self.channel_name, peers=self.peers)
                    await self.send(response.model_dump_json())
                case OperationMessage():
                    await self.broadcast(text_data)
--- a/umap/sync/payloads.py
+++ b/umap/sync/payloads.py
@ -31,9 +31,7 @@ class PeerMessage(BaseModel):
 class Request(RootModel):
    """Any message coming from the websocket should be one of these, and will be rejected otherwise."""
-    root: Union[PeerMessage, OperationMessage, JoinRequest] = Field(
+    root: Union[PeerMessage, OperationMessage] = Field(discriminator="kind")
        discriminator="kind"
    )
 class JoinResponse(BaseModel):
--- a/umap/tests/test_websocket_server.py
+++ b/umap/tests/test_websocket_server.py
@ -1,22 +0,0 @@
 from umap.websocket_server import OperationMessage, PeerMessage, Request, ServerRequest
 def test_messages_are_parsed_correctly():
    server = Request.model_validate(dict(kind="Server", action="list-peers")).root
    assert type(server) is ServerRequest
    operation = Request.model_validate(
        dict(
            kind="OperationMessage",
            verb="upsert",
            subject="map",
            metadata={},
            key="key",
        )
    ).root
    assert type(operation) is OperationMessage
    peer_message = Request.model_validate(
        dict(kind="PeerMessage", sender="Alice", recipient="Bob", message={})
    ).root
    assert type(peer_message) is PeerMessage
Author	SHA1	Message	Date
Yohan Boniface	fd8cc2a2cb	wip(sync): remove test for old implementation	2024-12-26 17:30:16 +01:00
Yohan Boniface	8cf2451142	wip(sync): do not send token on query string It's not safe, it's logged in and can be easily intercepted. A bit of documentation on websocket auth: https://websockets.readthedocs.io/en/stable/topics/authentication.html	2024-12-26 16:41:57 +01:00