1 # Pleroma: A lightweight social networking server
2 # Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>
3 # SPDX-License-Identifier: AGPL-3.0-only
5 defmodule Pleroma.Web.MastodonAPI.WebsocketHandler do
10 alias Pleroma.Web.OAuth.Token
11 alias Pleroma.Web.Streamer
13 @behaviour :cowboy_websocket
16 @tick :timer.seconds(30)
17 # Cowboy timeout period.
18 @timeout :timer.seconds(60)
19 # Hibernate every X messages
22 def init(%{qs: qs} = req, state) do
23 with params <- Enum.into(:cow_qs.parse_qs(qs), %{}),
24 sec_websocket <- :cowboy_req.header("sec-websocket-protocol", req, nil),
25 access_token <- Map.get(params, "access_token"),
26 {:ok, user, oauth_token} <- authenticate_request(access_token, sec_websocket),
27 {:ok, topic} <- Streamer.get_topic(params["stream"], user, oauth_token, params) do
30 :cowboy_req.set_resp_header("sec-websocket-protocol", sec_websocket, req)
35 {:cowboy_websocket, req,
42 oauth_token: oauth_token
43 }, %{idle_timeout: @timeout}}
45 {:error, :bad_topic} ->
46 Logger.debug("#{__MODULE__} bad topic #{inspect(req)}")
47 req = :cowboy_req.reply(404, req)
50 {:error, :unauthorized} ->
51 Logger.debug("#{__MODULE__} authentication error: #{inspect(req)}")
52 req = :cowboy_req.reply(401, req)
57 def websocket_init(state) do
59 "#{__MODULE__} accepted websocket connection for user #{(state.user || %{id: "anonymous"}).id}, topic #{state.topic}"
62 Streamer.add_socket(state.topic, state.oauth_token)
63 {:ok, %{state | timer: timer()}}
66 # Client's Pong frame.
67 def websocket_handle(:pong, state) do
68 if state.timer, do: Process.cancel_timer(state.timer)
69 {:ok, %{state | timer: timer()}}
72 # We only receive pings for now
73 def websocket_handle(:ping, state), do: {:ok, state}
75 def websocket_handle({:text, ping}, state) when ping in ~w[ping PING] do
76 if state.timer, do: Process.cancel_timer(state.timer)
77 {:reply, {:text, "pong"}, %{state | timer: timer()}}
80 def websocket_handle({:text, text}, state) do
81 with {:ok, json} <- Jason.decode(text) do
82 websocket_handle({:json, json}, state)
85 Logger.error("#{__MODULE__} received text frame: #{text}")
91 {:json, %{"type" => "subscribe", "stream" => stream_name}},
92 %{user: user, oauth_token: token} = state
94 with {:ok, topic} <- Streamer.get_topic(stream_name, user, token, %{}) do
96 [topic | Map.get(state, :subscriptions, [])]
99 {:ok, _topic} = Streamer.add_socket(topic, user)
101 {:ok, Map.put(state, :subscriptions, new_subscriptions)}
104 Logger.error("#{__MODULE__} received invalid topic: #{stream_name}")
109 def websocket_handle(frame, state) do
110 Logger.error("#{__MODULE__} received frame: #{inspect(frame)}")
114 def websocket_info({:render_with_user, view, template, item, topic}, state) do
115 user = %User{} = User.get_cached_by_ap_id(state.user.ap_id)
117 unless Streamer.filtered_by_user?(user, item) do
118 websocket_info({:text, view.render(template, item, user, topic)}, %{state | user: user})
124 def websocket_info({:text, message}, state) do
125 # If the websocket processed X messages, force an hibernate/GC.
126 # We don't hibernate at every message to balance CPU usage/latency with RAM usage.
127 if state.count > @hibernate_every do
128 {:reply, {:text, message}, %{state | count: 0}, :hibernate}
130 {:reply, {:text, message}, %{state | count: state.count + 1}}
134 # Ping tick. We don't re-queue a timer there, it is instead queued when :pong is received.
135 # As we hibernate there, reset the count to 0.
136 # If the client misses :pong, Cowboy will automatically timeout the connection after
138 def websocket_info(:tick, state) do
139 {:reply, :ping, %{state | timer: nil, count: 0}, :hibernate}
142 def websocket_info(:close, state) do
146 # State can be `[]` only in case we terminate before switching to websocket,
147 # we already log errors for these cases in `init/1`, so just do nothing here
148 def terminate(_reason, _req, []), do: :ok
150 def terminate(reason, _req, state) do
152 "#{__MODULE__} terminating websocket connection for user #{(state.user || %{id: "anonymous"}).id}, topic #{state.topic || "?"}: #{inspect(reason)}"
155 Streamer.remove_socket(state.topic)
159 # Public streams without authentication.
160 defp authenticate_request(nil, nil) do
164 # Authenticated streams.
165 defp authenticate_request(access_token, sec_websocket) do
166 token = access_token || sec_websocket
168 with true <- is_bitstring(token),
169 oauth_token = %Token{user_id: user_id} <- Repo.get_by(Token, token: token),
170 user = %User{} <- User.get_cached_by_id(user_id) do
171 {:ok, user, oauth_token}
173 _ -> {:error, :unauthorized}
178 Process.send_after(self(), :tick, @tick)