dandri/livekit
1
0
Fork 0
mirror of https://github.com/livekit/livekit.git synced 2026-04-14 08:45:39 +00:00
Code Issues Packages Projects Releases Wiki Activity

move cors to middleware (#54)

Browse Source 
* move cors to middleware

* check for nil url

* remove snapshot
This commit is contained in:
David Colburn
2021-07-15 18:36:54 -05:00
committed by GitHub
parent 53bc65285c
commit e3fc3397ce
2 changed files with 17 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
pkg/service/auth.go
View File

@@ -34,6 +34,10 @@ func NewAPIKeyAuthMiddleware(provider auth.KeyProvider) *APIKeyAuthMiddleware {
}
func (m *APIKeyAuthMiddleware) ServeHTTP(w http.ResponseWriter, r *http.Request, next http.HandlerFunc) {
if r.URL != nil && r.URL.Path == "/rtc/validate" {
w.Header().Set("Access-Control-Allow-Origin", "*")
}
authHeader := r.Header.Get(authorizationHeader)
var authToken string

27
pkg/service/rtcservice.go
View File

@@ -45,7 +45,6 @@ func NewRTCService(conf *config.Config, roomManager *RoomManager, router routing
func (s *RTCService) Validate(w http.ResponseWriter, r *http.Request) {
_, _, code, err := s.validate(r)
w.Header().Set("Access-Control-Allow-Origin", "*")
if err != nil {
handleError(w, code, err.Error())
return
@@ -54,6 +53,17 @@ func (s *RTCService) Validate(w http.ResponseWriter, r *http.Request) {
}
func (s *RTCService) validate(r *http.Request) (string, routing.ParticipantInit, int, error) {
claims := GetGrants(r.Context())
// require a claim
if claims == nil || claims.Video == nil {
return "", routing.ParticipantInit{}, http.StatusUnauthorized, rtc.ErrPermissionDenied
}
onlyName, err := EnsureJoinPermission(r.Context())
if err != nil {
return "", routing.ParticipantInit{}, http.StatusUnauthorized, err
}
roomName := r.FormValue("room")
reconnectParam := r.FormValue("reconnect")
protocolParam := r.FormValue("protocol")
@@ -61,10 +71,8 @@ func (s *RTCService) validate(r *http.Request) (string, routing.ParticipantInit,
// plan b does not work fully at the moment.
planBParam := r.FormValue("planb")
claims := GetGrants(r.Context())
// require a claim
if claims == nil || claims.Video == nil {
return "", routing.ParticipantInit{}, http.StatusUnauthorized, rtc.ErrPermissionDenied
if onlyName != "" {
roomName = onlyName
}
pi := routing.ParticipantInit{
@@ -89,15 +97,6 @@ func (s *RTCService) validate(r *http.Request) (string, routing.ParticipantInit,
}
}
onlyName, err := EnsureJoinPermission(r.Context())
if err != nil {
return "", routing.ParticipantInit{}, http.StatusUnauthorized, err
}
if onlyName != "" {
roomName = onlyName
}
return roomName, pi, http.StatusOK, nil
}