freechat/rtc-server/auth.js

const jsonwebtoken = require('jsonwebtoken')
const fs = require('fs')

const SERVER_HMAC = fs.readFileSync('wss-hmac.secret')
const USER_HMAC = fs.readFileSync('hmac.secret')


exports.verify = function(token) {
	/**
	 * @param {String} token
	 * @returns 'user' on user connection
	 * @returns 'server' on server connection
	 * @retusn false on failure
	 */
	console.log('given token: ', token)
	const vconfig = {
		clockTolerance: 3, 
	}
	try {
		const decoded = jsonwebtoken.verify(token, USER_HMAC, vconfig);
		return 'user'
	} catch (err) {
		try {
			const decoded = jsonwebtoken.verify(token, SERVER_HMAC, {ignoreNotBefore: true})
			return 'server'
		} catch (err) {
			return false
		}
	}
}


exports.prepare_auth = function(req) {
	// NOTE: Why? because setting headers from the server is completely undocumented and I've ran
	// through basically every library under the sun I literally con't be fucked to 
	// read people's code for a feature that could have a fucking tweet as documentation

	// Typical User connections are setup with authentication in the headers
	// Requested channel is the path
	let header_auth = req.headers['authentication'] || req.headers['jwt']
	if(!header_auth) {
		let path = req.url
		let uri = '/jwt/'
		if(req.url.startsWith(uri)) {
			let jwt = req.url.slice(uri.length)
			return [jwt,null]
		}
	}  
	else {
		return [header_auth, req.url]
	}
}