s

Author: 1ceit

server/middleware/sessionAccess.js

@@ -1,16 +1,40 @@
 import pool from '../db/connections/connection.js';
 
 export async function validateSessionAccess(sessionId, accessId) {
-    if (!sessionId || !accessId) return false;
+    console.log(`[validateSessionAccess] Input - SessionID: "${sessionId}", AccessID: "${accessId}"`);
+
+    if (!sessionId || !accessId) {
+        console.log(`[validateSessionAccess] Validation failed - Missing parameters`);
+        return false;
+    }
 
     try {
         const result = await pool.query(
-            'SELECT 1 FROM sessions WHERE session_id = $1 AND access_id = $2',
+            'SELECT session_id, access_id FROM sessions WHERE session_id = $1 AND access_id = $2',
             [sessionId, accessId]
         );
-        return result.rowCount > 0;
+
+        console.log(`[validateSessionAccess] Query result - rowCount: ${result.rowCount}, rows:`, result.rows);
+
+        if (result.rowCount > 0) {
+            console.log(`[validateSessionAccess] ✓ Validation successful`);
+            return true;
+        } else {
+            // Check if session exists with any accessId
+            const sessionCheck = await pool.query(
+                'SELECT session_id, access_id FROM sessions WHERE session_id = $1',
+                [sessionId]
+            );
+
+            if (sessionCheck.rowCount > 0) {
+                console.log(`[validateSessionAccess] ✗ Session exists but accessId mismatch. Expected: "${sessionCheck.rows[0].access_id}", Got: "${accessId}"`);
+            } else {
+                console.log(`[validateSessionAccess] ✗ Session not found in database`);
+            }
+            return false;
+        }
     } catch (error) {
-        console.error('Session validation error:', error);
+        console.error('[validateSessionAccess] Database error:', error);
         return false;
     }
 }

server/websockets/flightsWebsocket.js

@@ -22,7 +22,7 @@ export function setupFlightsWebsocket(httpServer) {
         const sessionId = socket.handshake.query.sessionId;
         const accessId = socket.handshake.query.accessId;
 
-        console.log(`[Flights Socket] Connection attempt - SessionID: ${sessionId || 'missing'}, AccessID: ${accessId ? 'provided' : 'missing'}, Socket ID: ${socket.id}`);
+        console.log(`[Flights Socket] Connection attempt - SessionID: "${sessionId || 'missing'}", AccessID: "${accessId || 'missing'}", Socket ID: ${socket.id}`);
 
         if (!sessionId) {
             console.warn(`[Flights Socket] Rejected connection ${socket.id} - Missing sessionId`);

src/pages/Flights.tsx

@@ -48,6 +48,9 @@ export default function Flights() {
     const accessId = searchParams.get('accessId') ?? undefined;
     const isMobile = useMediaQuery({ maxWidth: 1000 });
 
+    // Debug logging
+    console.log(`[Flights] URL Params - SessionID: "${sessionId}", AccessID: "${accessId}"`);
+
     const [accessError, setAccessError] = useState<string | null>(null);
     const [validatingAccess, setValidatingAccess] = useState(true);
     const [session, setSession] = useState<SessionData | null>(null);

src/sockets/flightsSocket.ts

@@ -11,6 +11,8 @@ export function createFlightsSocket(
     onFlightDeleted: (data: { flightId: string | number }) => void,
     onFlightError?: (error: { action: string; flightId?: string | number; error: string }) => void
 ) {
+    console.log(`[createFlightsSocket] Creating socket with SessionID: "${sessionId}", AccessID: "${accessId}"`);
+
     const socket = io(SOCKET_URL, {
         withCredentials: true,
         path: '/sockets/flights',