From 1a13285971ef728109011a93e676e26248b30242 Mon Sep 17 00:00:00 2001
From: Alex Auvolat <alex@adnab.me>
Date: Wed, 26 Sep 2018 15:59:22 +0200
Subject: Fixes

---
 shardweb/assets/js/socket.js                          |  3 ++-
 shardweb/lib/shard_web/channels/room_channel.ex       |  1 -
 shardweb/lib/shard_web/channels/user_socket.ex        | 16 ++++++++++++++--
 shardweb/lib/shard_web/controllers/room_controller.ex | 10 ++++++----
 4 files changed, 22 insertions(+), 8 deletions(-)

(limited to 'shardweb')

diff --git a/shardweb/assets/js/socket.js b/shardweb/assets/js/socket.js
index 5088721..4c340f0 100644
--- a/shardweb/assets/js/socket.js
+++ b/shardweb/assets/js/socket.js
@@ -5,7 +5,8 @@
 // and connect at the socket path in "lib/web/endpoint.ex":
 import {Socket} from "phoenix"
 
-let socket = new Socket("/socket", {params: {token: window.userToken}})
+let pk = window.Gon.getAsset('pk');
+let socket = new Socket("/socket", {params: {token: window.userToken, pk: pk}})
 
 // When you connect, you'll often need to authenticate the client.
 // For example, imagine you have an authentication plug, `MyAuth`,
diff --git a/shardweb/lib/shard_web/channels/room_channel.ex b/shardweb/lib/shard_web/channels/room_channel.ex
index 2935c45..f582e06 100644
--- a/shardweb/lib/shard_web/channels/room_channel.ex
+++ b/shardweb/lib/shard_web/channels/room_channel.ex
@@ -16,7 +16,6 @@ defmodule ShardWeb.RoomChannel do
           pid
       end
       socket = assign(socket, :pid, pid)
-      socket = assign(socket, :pk, Shard.Keys.get_any_identity) # TODO same as in session!
 
       GenServer.cast(pid, {:subscribe, self()})
       send(self(), :after_join)
diff --git a/shardweb/lib/shard_web/channels/user_socket.ex b/shardweb/lib/shard_web/channels/user_socket.ex
index 4fb76dc..a3aa1a5 100644
--- a/shardweb/lib/shard_web/channels/user_socket.ex
+++ b/shardweb/lib/shard_web/channels/user_socket.ex
@@ -1,6 +1,8 @@
 defmodule ShardWeb.UserSocket do
   use Phoenix.Socket
 
+  require Logger
+
   ## Channels
   channel "room:*", ShardWeb.RoomChannel
 
@@ -19,8 +21,18 @@ defmodule ShardWeb.UserSocket do
   #
   # See `Phoenix.Token` documentation for examples in
   # performing token verification on connect.
-  def connect(_params, socket) do
-    {:ok, socket}
+  def connect(params, socket) do
+    case Base.decode16(params["pk"]) do
+      {:ok, pk} ->
+        if Shard.Keys.have_sk? pk do
+          socket = assign(socket, :pk, pk)
+          {:ok, socket}
+        else
+          Logger.warn("Invalid pk at user_socket.connect... #{params["pk"]}")
+          :error
+        end
+      _ -> :error
+    end
   end
 
   # Socket id's are topics that allow you to identify all sockets for a given user:
diff --git a/shardweb/lib/shard_web/controllers/room_controller.ex b/shardweb/lib/shard_web/controllers/room_controller.ex
index 48ba2a4..8c98aa6 100644
--- a/shardweb/lib/shard_web/controllers/room_controller.ex
+++ b/shardweb/lib/shard_web/controllers/room_controller.ex
@@ -5,18 +5,20 @@ defmodule ShardWeb.RoomController do
   import PhoenixGon.Controller
 
   def show(conn, %{"room" => room}) do
-    {pk, conn} = case get_session(conn, :pk) do
-      nil ->
+    pk = get_session(conn, :pk)
+    {pk, conn} = cond do
+      pk == nil || not Shard.Keys.have_sk? pk ->
         pk = Shard.Keys.get_any_identity
         conn = put_session(conn, :pk, pk)
         {pk, conn}
-      x ->
-        {x, conn}
+      true ->
+        {pk, conn}
     end
 
     name = SApp.Identity.get_nick pk
 
     conn = put_gon(conn, chat_room: room)
+    conn = put_gon(conn, pk: (pk|>Base.encode16))
     render conn, "show.html",
       room: room,
       pk: pk,
-- 
cgit v1.2.3