Merge branch 'chat-session-handling' of github.com:onionshare/onionshare-ghsa-gjj5-998g-v36v into ros-fixes

2025-01-10 03:37:28 -03:00 · 2021-11-18 19:15:24 -08:00 · 2021-11-18 19:15:24 -08:00 · 5f5b761fcf
commit 5f5b761fcf
parent 09d2c2a7f8 8ec28da4fe
3 changed files with 62 additions and 61 deletions
--- a/cli/onionshare_cli/mode_settings.py
+++ b/cli/onionshare_cli/mode_settings.py
@ -55,12 +55,8 @@ class ModeSettings:
                "disable_text": False,
                "disable_files": False,
            },
-            "website": {
-                "disable_csp": False,
-                "custom_csp": None,
-                "filenames": []
-            },
-            "chat": {"room": "default"},
+            "website": {"disable_csp": False, "custom_csp": None, "filenames": []},
+            "chat": {},
        }
        self._settings = {}

--- a/cli/onionshare_cli/resources/static/js/chat.js
+++ b/cli/onionshare_cli/resources/static/js/chat.js
@ -11,29 +11,23 @@ $(function () {
    // Store current username received from app context
    var current_username = $('#username').val();

-    // On browser connect, emit a socket event to be added to 
-    // room and assigned random username
-    socket.on('connect', function () {
-      socket.emit('joined', {});
-    });
-
    // Triggered on any status change by any user, such as some
    // user joined, or changed username, or left, etc.
    socket.on('status', function (data) {
-      addMessageToRoom(data, current_username, 'status');
+      addMessageToPanel(data, current_username, 'status');
      console.log(data, current_username);
    });

    // Triggered when message is received from a user. Even when sent
    // by self, it get triggered after the server sends back the emit.
-    socket.on('message', function (data) {
-      addMessageToRoom(data, current_username, 'chat');
+    socket.on('chat_message', function (data) {
+      addMessageToPanel(data, current_username, 'chat');
      console.log(data, current_username);
    });

    // Triggered when disconnected either by server stop or timeout
    socket.on('disconnect', function (data) {
-      addMessageToRoom({ 'msg': 'The chat server is disconnected.' }, current_username, 'status');
+      addMessageToPanel({ 'msg': 'The chat server is disconnected.' }, current_username, 'status');
    })
    socket.on('connect_error', function (error) {
      console.log("error");
@ -66,7 +60,7 @@ $(function () {
  });
 });

-var addMessageToRoom = function (data, current_username, messageType) {
+var addMessageToPanel = function (data, current_username, messageType) {
  var scrollDiff = getScrollDiffBefore();
  if (messageType === 'status') {
    addStatusMessage(data.msg);
@ -99,6 +93,8 @@ var updateUsername = function (socket) {
      console.log(response);
      if (response.success && response.username == username) {
        socket.emit('update_username', { username: username });
+      } else {
+        addStatusMessage("Failed to update username.")
      }
    });
    return username;
--- a/cli/onionshare_cli/web/chat_mode.py
+++ b/cli/onionshare_cli/web/chat_mode.py
@ -19,7 +19,7 @@ along with this program.  If not, see <http://www.gnu.org/licenses/>.
 """

 from flask import request, render_template, make_response, jsonify, session
-from flask_socketio import emit, join_room, leave_room
+from flask_socketio import emit, ConnectionRefusedError


 class ChatModeWeb:
@ -33,7 +33,7 @@ class ChatModeWeb:

        self.web = web

-        # This tracks users in the room
+        # This tracks users in the server
        self.connected_users = []

        # This tracks the history id
@ -47,6 +47,13 @@ class ChatModeWeb:

        self.define_routes()

+    def validate_username(self, username):
+        return (
+            username
+            and username not in self.connected_users
+            and len(username) < 128
+        )
+
    def define_routes(self):
        """
        The web app routes for chatting
@ -61,7 +68,6 @@ class ChatModeWeb:
                if session.get("name")
                else self.common.build_username()
            )
-            session["room"] = self.web.settings.default_settings["chat"]["room"]
            self.web.add_request(
                request.path,
                {"id": history_id, "status_code": 200},
@ -79,11 +85,7 @@ class ChatModeWeb:
        def update_session_username():
            history_id = self.cur_history_id
            data = request.get_json()
-            if (
-                data.get("username", "")
-                and data.get("username", "") not in self.connected_users
-                and len(data.get("username", "")) < 128
-            ):
+            if self.validate_username(data.get("username", "")):
                session["name"] = data.get("username", session.get("name"))
                self.web.add_request(
                    request.path,
@ -111,67 +113,74 @@ class ChatModeWeb:
                )
            return r

-        @self.web.socketio.on("joined", namespace="/chat")
-        def joined(message):
+        @self.web.socketio.on("connect", namespace="/chat")
+        def server_connect():
            """Sent by clients when they enter a room.
            A status message is broadcast to all people in the room."""
-            self.connected_users.append(session.get("name"))
-            join_room(session.get("room"))
-            emit(
-                "status",
-                {
-                    "username": session.get("name"),
-                    "msg": "{} has joined.".format(session.get("name")),
-                    "connected_users": self.connected_users,
-                    "user": session.get("name"),
-                },
-                room=session.get("room"),
-            )
+            if self.validate_username(session.get("name")):
+                self.connected_users.append(session.get("name"))
+                emit(
+                    "status",
+                    {
+                        "username": session.get("name"),
+                        "msg": "{} has joined.".format(session.get("name")),
+                        "connected_users": self.connected_users,
+                        "user": session.get("name"),
+                    },
+                    broadcast=True,
+                )
+            else:
+                raise ConnectionRefusedError('You are active from another session!')

        @self.web.socketio.on("text", namespace="/chat")
        def text(message):
            """Sent by a client when the user entered a new message.
-            The message is sent to all people in the room."""
+            The message is sent to all people in the server."""
            emit(
-                "message",
+                "chat_message",
                {"username": session.get("name"), "msg": message["msg"]},
-                room=session.get("room"),
+                broadcast=True,
            )

        @self.web.socketio.on("update_username", namespace="/chat")
        def update_username(message):
            """Sent by a client when the user updates their username.
-            The message is sent to all people in the room."""
+            The message is sent to all people in the server."""
            current_name = session.get("name")
-            if message.get("username", ""):
+            if self.validate_username(message.get("username", "")):
                session["name"] = message["username"]
                self.connected_users[
                    self.connected_users.index(current_name)
                ] = session.get("name")
-            emit(
-                "status",
-                {
-                    "msg": "{} has updated their username to: {}".format(
-                        current_name, session.get("name")
-                    ),
-                    "connected_users": self.connected_users,
-                    "old_name": current_name,
-                    "new_name": session.get("name"),
-                },
-                room=session.get("room"),
-            )
+                emit(
+                    "status",
+                    {
+                        "msg": "{} has updated their username to: {}".format(
+                            current_name, session.get("name")
+                        ),
+                        "connected_users": self.connected_users,
+                        "old_name": current_name,
+                        "new_name": session.get("name"),
+                    },
+                    broadcast=True,
+                )
+            else:
+                emit(
+                    "status",
+                    {"msg": "Failed to update username."},
+                )

        @self.web.socketio.on("disconnect", namespace="/chat")
        def disconnect():
-            """Sent by clients when they disconnect from a room.
-            A status message is broadcast to all people in the room."""
-            self.connected_users.remove(session.get("name"))
-            leave_room(session.get("room"))
+            """Sent by clients when they disconnect.
+            A status message is broadcast to all people in the server."""
+            if session.get("name") in self.connected_users:
+                self.connected_users.remove(session.get("name"))
            emit(
                "status",
                {
                    "msg": "{} has left the room.".format(session.get("name")),
                    "connected_users": self.connected_users,
                },
-                room=session.get("room"),
+                broadcast=True,
            )