[Remote] Actually fix auth (#260)

* fix favicon, basic auth * actual fix......
2025-12-31 10:03:33 +00:00 · 2023-09-25 00:31:33 +00:00 · 2023-09-25 00:31:33 +00:00 · 9e3e038d42
commit 9e3e038d42
parent b375238baf
3 changed files with 125 additions and 103 deletions
--- a/src/main/features/core/remote/index.ts
+++ b/src/main/features/core/remote/index.ts
@ -34,6 +34,7 @@ interface MimeType {

 interface StatefulWebSocket extends WebSocket {
    alive: boolean;
+    auth: boolean;
 }

 let server: Server | undefined;
@ -52,7 +53,7 @@ type SendData = ServerEvent & {

 function send({ client, event, data }: SendData): void {
    if (client.readyState === WebSocket.OPEN) {
-        if (client.alive) {
+        if (client.alive && client.auth) {
            client.send(JSON.stringify({ data, event }));
        }
    }
@ -320,12 +321,13 @@ const enableServer = (config: RemoteConfig): Promise<void> => {

            wsServer.on('connection', (ws) => {
                let authFail: number | undefined;
+                ws.alive = true;

                if (!settings.username && !settings.password) {
-                    ws.alive = true;
+                    ws.auth = true;
                } else {
                    authFail = setTimeout(() => {
-                        if (!ws.alive) {
+                        if (!ws.auth) {
                            ws.close();
                        }
                    }, 10000) as unknown as number;
@ -334,30 +336,29 @@ const enableServer = (config: RemoteConfig): Promise<void> => {
                ws.on('error', console.error);

                ws.on('message', (data) => {
-                    if (!ws.alive) {
-                        try {
-                            const auth = data.toString().split(' ')[1];
-                            const [login, password] = Buffer.from(auth, 'base64')
-                                .toString()
-                                .split(':');
-
-                            if (login === settings.username && password === settings.password) {
-                                ws.alive = true;
-                            } else {
-                                ws.close();
-                            }
-
-                            clearTimeout(authFail);
-                        } catch (e) {
-                            console.error(e);
-                        }
-                        return;
-                    }
-
                    try {
                        const json = JSON.parse(data.toString()) as ClientEvent;
                        const event = json.event;

+                        if (!ws.auth) {
+                            if (event === 'authenticate') {
+                                const auth = json.header.split(' ')[1];
+                                const [login, password] = Buffer.from(auth, 'base64')
+                                    .toString()
+                                    .split(':');
+
+                                if (login === settings.username && password === settings.password) {
+                                    ws.auth = true;
+                                } else {
+                                    ws.close();
+                                }
+
+                                clearTimeout(authFail);
+                            } else {
+                                return;
+                            }
+                        }
+
                        switch (event) {
                            case 'pause': {
                                getMainWindow()?.webContents.send('renderer-player-pause');