apitech
/
Rocket.Chat
mirror of https://github.com/RocketChat/Rocket.Chat
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
The communications platform that puts data protection first.
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
17290 Commits
704 Branches
1176 Tags
2.1 GiB
 
 
 
 
 
Tag: Branch: Tree: alpha/blocketchat
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'alpha/blocketchat'
${ noResults }
Rocket.Chat/app/tokenpass/server/startup.js

58 lines
2.0 KiB
Raw Permalink Blame History

import { Meteor } from 'meteor/meteor';
import { Accounts } from 'meteor/accounts-base';
import { updateUserTokenpassBalances } from './functions/updateUserTokenpassBalances';
import { Tokenpass } from './Tokenpass';
import { settings } from '../../settings';
import { addRoomAccessValidator } from '../../authorization';
import { Users } from '../../models';
import { callbacks } from '../../callbacks';
settings.addGroup('OAuth', function() {
this.section('Tokenpass', function() {
const enableQuery = {
_id: 'Accounts_OAuth_Tokenpass',
value: true,
};
this.add('Accounts_OAuth_Tokenpass', false, { type: 'boolean' });
this.add('API_Tokenpass_URL', '', { type: 'string', public: true, enableQuery, i18nDescription: 'API_Tokenpass_URL_Description' });
this.add('Accounts_OAuth_Tokenpass_id', '', { type: 'string', enableQuery });
this.add('Accounts_OAuth_Tokenpass_secret', '', { type: 'string', enableQuery });
this.add('Accounts_OAuth_Tokenpass_callback_url', '_oauth/tokenpass', { type: 'relativeUrl', readonly: true, force: true, enableQuery });
});
});
function validateTokenAccess(userData, roomData) {
if (!userData || !userData.services || !userData.services.tokenpass || !userData.services.tokenpass.tcaBalances) {
return false;
}
return Tokenpass.validateAccess(roomData.tokenpass, userData.services.tokenpass.tcaBalances);
}
Meteor.startup(function() {
addRoomAccessValidator(function(room, user) {
if (!room || !room.tokenpass || !user) {
return false;
}
const userData = Users.getTokenBalancesByUserId(user._id);
return validateTokenAccess(userData, room);
});
callbacks.add('beforeJoinRoom', function(user, room) {
if (room.tokenpass && !validateTokenAccess(user, room)) {
throw new Meteor.Error('error-not-allowed', 'Token required', { method: 'joinRoom' });
}
return room;
});
});
Accounts.onLogin(function({ user }) {
if (user && user.services && user.services.tokenpass) {
updateUserTokenpassBalances(user);
}
});