feat: add auth and check if server/channel exists before opening ws connection

2025-05-15 17:54:10 +02:00 · 2025-05-15 17:54:10 +02:00 · b23783dda3
commit b23783dda3
parent cb3c1ee6e4
1 changed files with 60 additions and 1 deletions
--- a/src/api/v1/servers/uuid/channels/uuid/socket.rs
+++ b/src/api/v1/servers/uuid/channels/uuid/socket.rs
@ -1,9 +1,68 @@
 use actix_web::{get, rt, web, Error, HttpRequest, HttpResponse};
 use actix_ws::AggregatedMessage;
 use futures_util::StreamExt as _;
+use uuid::Uuid;
+use log::error;
+
+use crate::{api::v1::auth::check_access_token, structs::{Channel, Member}, utils::get_auth_header, Data};

 #[get("{uuid}/channels/{channel_uuid}/socket")]
-pub async fn echo(req: HttpRequest, stream: web::Payload) -> Result<HttpResponse, Error> {
+pub async fn echo(req: HttpRequest, path: web::Path<(Uuid, Uuid)>, stream: web::Payload, data: web::Data<Data>) -> Result<HttpResponse, Error> {
+    // Get all headers
+    let headers = req.headers();
+
+    // Retrieve auth header
+    let auth_header = get_auth_header(headers);
+
+    if let Err(error) = auth_header {
+        return Ok(error)
+    }
+
+    // Get uuids from path
+    let (guild_uuid, channel_uuid) = path.into_inner();
+
+    // Authorize client using auth header
+    let authorized = check_access_token(auth_header.unwrap(), &data.pool).await;
+
+    if let Err(error) = authorized {
+        return Ok(error)
+    }
+
+    // Unwrap user uuid from authorization
+    let uuid = authorized.unwrap();
+
+    // Get server member from psql
+    let member = Member::fetch_one(&data.pool, uuid, guild_uuid).await;
+
+    if let Err(error) = member {
+        return Ok(error);
+    }
+
+    // Get cache for channel
+    let cache_result = data.get_cache_key(format!("{}", channel_uuid)).await;
+
+    let channel: Channel;
+
+    // Return channel cache or result from psql as `channel` variable
+    if let Ok(cache_hit) = cache_result {
+        channel = serde_json::from_str(&cache_hit).unwrap()
+    } else {
+        let channel_result = Channel::fetch_one(&data.pool, guild_uuid, channel_uuid).await;
+
+        if let Err(error) = channel_result {
+            return Ok(error)
+        }
+    
+        channel = channel_result.unwrap();
+    
+        let cache_result = data.set_cache_key(format!("{}", channel_uuid), channel.clone(), 60).await;
+    
+        if let Err(error) = cache_result {
+            error!("{}", error);
+            return Ok(HttpResponse::InternalServerError().finish());
+        }
+    }
+
    let (res, mut session, stream) = actix_ws::handle(&req, stream)?;

    let mut stream = stream