+# Pleroma: A lightweight social networking server
+# Copyright © 2017-2019 Pleroma Authors <https://pleroma.social/>
+# SPDX-License-Identifier: AGPL-3.0-only
+
defmodule Pleroma.Web.MastodonAPI.WebsocketHandler do
require Logger
+ alias Pleroma.Repo
+ alias Pleroma.User
alias Pleroma.Web.OAuth.Token
- alias Pleroma.{User, Repo}
- @behaviour :cowboy_websocket_handler
+ @behaviour :cowboy_websocket
@streams [
"public",
"public:media",
"public:local:media",
"user",
+ "user:notification",
"direct",
"list",
"hashtag"
# Handled by periodic keepalive in Pleroma.Web.Streamer.
@timeout :infinity
- def init(_type, _req, _opts) do
- {:upgrade, :protocol, :cowboy_websocket}
- end
-
- def websocket_init(_type, req, _opts) do
- with {qs, req} <- :cowboy_req.qs(req),
- params <- :cow_qs.parse_qs(qs),
+ def init(%{qs: qs} = req, state) do
+ with params <- :cow_qs.parse_qs(qs),
+ sec_websocket <- :cowboy_req.header("sec-websocket-protocol", req, nil),
access_token <- List.keyfind(params, "access_token", 0),
{_, stream} <- List.keyfind(params, "stream", 0),
- {:ok, user} <- allow_request(stream, access_token),
+ {:ok, user} <- allow_request(stream, [access_token, sec_websocket]),
topic when is_binary(topic) <- expand_topic(stream, params) do
- send(self(), :subscribe)
- {:ok, req, %{user: user, topic: topic}, @timeout}
+ {:cowboy_websocket, req, %{user: user, topic: topic}, %{idle_timeout: @timeout}}
else
{:error, code} ->
Logger.debug("#{__MODULE__} denied connection: #{inspect(code)} - #{inspect(req)}")
{:ok, req} = :cowboy_req.reply(code, req)
- {:shutdown, req}
+ {:ok, req, state}
error ->
Logger.debug("#{__MODULE__} denied connection: #{inspect(error)} - #{inspect(req)}")
- {:shutdown, req}
+ {:ok, req} = :cowboy_req.reply(400, req)
+ {:ok, req, state}
end
end
+ def websocket_init(state) do
+ send(self(), :subscribe)
+ {:ok, state}
+ end
+
# We never receive messages.
- def websocket_handle(_frame, req, state) do
- {:ok, req, state}
+ def websocket_handle(_frame, state) do
+ {:ok, state}
end
- def websocket_info(:subscribe, req, state) do
+ def websocket_info(:subscribe, state) do
Logger.debug(
"#{__MODULE__} accepted websocket connection for user #{
(state.user || %{id: "anonymous"}).id
)
Pleroma.Web.Streamer.add_socket(state.topic, streamer_socket(state))
- {:ok, req, state}
+ {:ok, state}
end
- def websocket_info({:text, message}, req, state) do
- {:reply, {:text, message}, req, state}
+ def websocket_info({:text, message}, state) do
+ {:reply, {:text, message}, state}
end
- def websocket_terminate(reason, _req, state) do
+ def terminate(reason, _req, state) do
Logger.debug(
"#{__MODULE__} terminating websocket connection for user #{
(state.user || %{id: "anonymous"}).id
end
# Public streams without authentication.
- defp allow_request(stream, nil) when stream in @anonymous_streams do
+ defp allow_request(stream, [nil, nil]) when stream in @anonymous_streams do
{:ok, nil}
end
# Authenticated streams.
- defp allow_request(stream, {"access_token", access_token}) when stream in @streams do
- with %Token{user_id: user_id} <- Repo.get_by(Token, token: access_token),
- user = %User{} <- Repo.get(User, user_id) do
+ defp allow_request(stream, [access_token, sec_websocket]) when stream in @streams do
+ token =
+ with {"access_token", token} <- access_token do
+ token
+ else
+ _ -> sec_websocket
+ end
+
+ with true <- is_bitstring(token),
+ %Token{user_id: user_id} <- Repo.get_by(Token, token: token),
+ user = %User{} <- User.get_cached_by_id(user_id) do
{:ok, user}
else
_ -> {:error, 403}
projects / akkoma / blobdiff