Merge pull request #110 from nicolelim02/feat/communication

Verify user auth status

Author: feliciagan

backend/collab-service/.env.sample

@@ -4,6 +4,9 @@ SERVICE_PORT=3003
 # Origins for cors
 ORIGINS=http://localhost:5173,http://127.0.0.1:5173
 
+# Other service APIs
+USER_SERVICE_URL=http://user-service:3001/api
+
 # Redis configuration
 REDIS_URI=redis://collab-service-redis:6379
 

backend/collab-service/src/api/userService.ts

@@ -0,0 +1,15 @@
+import axios from "axios";
+
+const USER_SERVICE_URL =
+  process.env.USER_SERVICE_URL || "http://localhost:3001/api";
+
+const userClient = axios.create({
+  baseURL: USER_SERVICE_URL,
+  withCredentials: true,
+});
+
+export const verifyToken = (token: string | undefined) => {
+  return userClient.get("/auth/verify-token", {
+    headers: { authorization: token },
+  });
+};

backend/collab-service/src/middlewares/basicAccessControl.ts

@@ -0,0 +1,19 @@
+import { ExtendedError, Socket } from "socket.io";
+import { verifyToken } from "../api/userService.ts";
+
+export const verifyUserToken = (
+  socket: Socket,
+  next: (err?: ExtendedError) => void
+) => {
+  const token =
+    socket.handshake.headers.authorization || socket.handshake.auth.token;
+  verifyToken(token)
+    .then(() => {
+      console.log("Valid credentials");
+      next();
+    })
+    .catch((err) => {
+      console.error(err);
+      next(new Error("Unauthorized"));
+    });
+};

backend/collab-service/src/server.ts

@@ -3,8 +3,10 @@ import app, { allowedOrigins } from "./app.ts";
 import { handleWebsocketCollabEvents } from "./handlers/websocketHandler.ts";
 import { Server, Socket } from "socket.io";
 import { connectRedis } from "./config/redis.ts";
+import { verifyUserToken } from "./middlewares/basicAccessControl.ts";
 
 const server = http.createServer(app);
+
 export const io = new Server(server, {
   cors: {
     origin: allowedOrigins,
@@ -13,6 +15,8 @@ export const io = new Server(server, {
   connectionStateRecovery: {},
 });
 
+io.use(verifyUserToken);
+
 io.on("connection", (socket: Socket) => {
   handleWebsocketCollabEvents(socket);
 });

backend/communication-service/.env.sample

@@ -3,3 +3,6 @@ SERVER_PORT=3005
 
 # Origins for cors
 ORIGINS=http://localhost:5173,http://127.0.0.1:5173
+
+# Other service APIs
+USER_SERVICE_URL=http://user-service:3001/api

backend/communication-service/README.md

@@ -30,25 +30,29 @@
 
    - Select the `Socket.IO` option and set URL to `http://localhost:3005`. Click `Connect`.
 
-   ![image1.png](./docs/image1.png)
+   ![image1.png](./docs/images/postman-setup1.png)
 
    - Add the following events in the `Events` tab and listen to them.
 
-   ![image2.png](./docs/image2.png)
+   ![image2.png](./docs/images/postman-setup2.png)
 
-   - To send a message, go to the `Message` tab and ensure that your message is being parsed as `JSON`.
+   - Add a valid JWT token in the `Authorization` header.
 
-   ![image3.png](./docs/image3.png)
+   ![image3.png](./docs/images/postman-setup3.png)
 
    - In the `Event name` input, input the correct event name. Click on `Send` to send a message.
 
-   ![image4.png](./docs/image4.png)
+   ![image4.png](./docs/images/postman-setup4.png)
+
+   - To send a message, go to the `Message` tab and ensure that your message is being parsed as `JSON`.
+
+   ![image5.png](./docs/images/postman-setup5.png)
 
 ## Events Available
 
 | Event Name            | Description                       | Parameters                                                                                                                                                                                           | Response Event                                                                        |
 | --------------------- | --------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------- |
 | **join**              | Joins a communication rooms       | `roomId` (string): ID of the room. <br> `username` (string): Username of the user that joined.                                                                                                       | **user_joined**: Notify the other user that a new user has joined the room.           |
 | **send_text_message** | Sends a message to the other user | `roomId` (string): ID of the room. <br> `message` (string): Message to send. <br> `username` (string): User that sent the message. <br> `createdTime` (number): Time that the user sent the message. | **text_message_received**: Notify the user that a message is sent                     |
-| **leave**             | Leaves the communication room.    | `roomId` (string): ID of the room to leave. <br> `username` (string): User that wants to leave.                                                                                                      | **user_left**: To notify the user when one user leaves.                               |
+| **user_disconnect**   | User disconnection.               | None                                                                                                                                                                                                 | **user_left**: To notify the user when one user leaves.                               |
 | **disconnect**        | Disconnects from the server.      | None                                                                                                                                                                                                 | **disconnected**: To notify the user when one user gets disconnected from the server. |