diff --git a/.env.template b/.env.template index 321c528a..06266f3b 100644 --- a/.env.template +++ b/.env.template @@ -1,11 +1,11 @@ # Enable self-signed certs (app/ssl) -HTTPS=false +HTTPS=false # true or false # Domain HOST=localhost -HOST_PROTECTED=true|false +HOST_PROTECTED=false # true or false HOST_USERNAME=username HOST_PASSWORD=password @@ -18,7 +18,7 @@ PORT=3000 # 2. Get started for free # 3. Copy YourNgrokAuthToken: https://dashboard.ngrok.com/get-started/your-authtoken -NGROK_ENABLED=true|false +NGROK_ENABLED=false # true or false NGROK_AUTH_TOKEN=YourNgrokAuthToken # Stun @@ -27,10 +27,10 @@ NGROK_AUTH_TOKEN=YourNgrokAuthToken STUN=stun:stun.l.google.com:19302 # Turn -# Recommended: https://github.com/coturn/coturn +# Recommended: https://github.com/coturn/coturn # Check: https://webrtc.github.io/samples/src/content/peerconnection/trickle-ice/ -TURN_ENABLED=true|false +TURN_ENABLED=false # true or false TURN_URLS=turn:YourTurnServer TURN_USERNAME=YourTurnUsername TURN_PASSWORD=YourTurnPassword @@ -44,7 +44,7 @@ API_KEY_SECRET=mirotalk_default_secret # Survey URL # Using to redirect the client after close the call (feedbacks, website...) -SURVEY_ENABLED=true +SURVEY_ENABLED=true # true or false SURVEY_URL=https://www.questionpro.com/t/AUs7VZq00L # Sentry (optional) @@ -52,7 +52,7 @@ SURVEY_URL=https://www.questionpro.com/t/AUs7VZq00L # 2. Create account # 3. Goto Settings/Projects/YourProjectName/Client Keys (DSN) -SENTRY_ENABLED=true|false +SENTRY_ENABLED=false # true or false SENTRY_DSN=YourClientKeyDSN SENTRY_TRACES_SAMPLE_RATE=1.0 @@ -62,8 +62,5 @@ SENTRY_TRACES_SAMPLE_RATE=1.0 # 3. On Settings - Basic Information - App Credentials chose your Signing Secret # 4. Create a Slash Commands and put as Request URL: https://your.domain.name/slack -SLACK_ENABLED=true|false +SLACK_ENABLED=false # true or false SLACK_SIGNING_SECRET=YourSlackSigningSecret - -# Auto deploy on Railway -# https://railway.app/new/template/mirotalk?referralCode=mirotalk \ No newline at end of file diff --git a/app/src/server.js b/app/src/server.js index 3ab9d08c..0f30189d 100755 --- a/app/src/server.js +++ b/app/src/server.js @@ -219,7 +219,7 @@ app.get(['/'], (req, res) => { // handle login on host protected app.get(['/login'], (req, res) => { if (hostCfg.protected == true) { - let ip = getIP(req); + const ip = getIP(req); log.debug(`Request login to host from: ${ip}`, req.query); const { username, password } = req.query; if (username == hostCfg.username && password == hostCfg.password) { @@ -245,7 +245,7 @@ app.get(['/about'], (req, res) => { // set new room name and join app.get(['/newcall'], (req, res) => { if (hostCfg.protected == true) { - let ip = getIP(req); + const ip = getIP(req); if (allowedIP(ip)) { res.sendFile(views.newCall); } else { @@ -323,24 +323,25 @@ app.get('/join/*', function (req, res) { // request meeting room endpoint app.post([apiBasePath + '/meeting'], (req, res) => { // check if user was authorized for the api call - let authorization = req.headers.authorization; + const { headers, body } = req; + const authorization = headers.authorization; if (authorization != api_key_secret) { log.debug('MiroTalk get meeting - Unauthorized', { - header: req.headers, - body: req.body, + headers: headers, + body: body, }); return res.status(403).json({ error: 'Unauthorized!' }); } // setup meeting URL - let host = req.headers.host; - let meetingURL = getMeetingURL(host); + const host = req.headers.host; + const meetingURL = getMeetingURL(host); res.setHeader('Content-Type', 'application/json'); res.end(JSON.stringify({ meeting: meetingURL })); // log.debug the output if all done log.debug('MiroTalk get meeting - Authorized', { - header: req.headers, - body: req.body, + headers: headers, + body: body, meeting: meetingURL, }); }); @@ -358,22 +359,22 @@ app.post('/slack', (req, res) => { if (!slackSigningSecret) return res.end('`Slack Signing Secret is empty!`'); - let slackSignature = req.headers['x-slack-signature']; - let requestBody = qS.stringify(req.body, { format: 'RFC1738' }); - let timeStamp = req.headers['x-slack-request-timestamp']; - let time = Math.floor(new Date().getTime() / 1000); + const slackSignature = req.headers['x-slack-signature']; + const requestBody = qS.stringify(req.body, { format: 'RFC1738' }); + const timeStamp = req.headers['x-slack-request-timestamp']; + const time = Math.floor(new Date().getTime() / 1000); // The request timestamp is more than five minutes from local time. It could be a replay attack, so let's ignore it. if (Math.abs(time - timeStamp) > 300) return res.end('`Wrong timestamp` - Ignore this request.'); // Get Signature to compare it later - let sigBaseString = 'v0:' + timeStamp + ':' + requestBody; - let mySignature = 'v0=' + CryptoJS.HmacSHA256(sigBaseString, slackSigningSecret); + const sigBaseString = 'v0:' + timeStamp + ':' + requestBody; + const mySignature = 'v0=' + CryptoJS.HmacSHA256(sigBaseString, slackSigningSecret); // Valid Signature return a meetingURL if (mySignature == slackSignature) { - let host = req.headers.host; - let meetingURL = getMeetingURL(host); + const host = req.headers.host; + const meetingURL = getMeetingURL(host); log.debug('Slack', { meeting: meetingURL }); return res.end(meetingURL); } @@ -567,17 +568,19 @@ io.sockets.on('connect', async (socket) => { // log.debug('Join room', config); log.debug('[' + socket.id + '] join ', config); - let channel = config.channel; - let channel_password = config.channel_password; - let peer_name = config.peer_name; - let peer_video = config.peer_video; - let peer_audio = config.peer_audio; - let peer_video_status = config.peer_video_status; - let peer_audio_status = config.peer_audio_status; - let peer_screen_status = config.peer_screen_status; - let peer_hand_status = config.peer_hand_status; - let peer_rec_status = config.peer_rec_status; - let peer_privacy_status = config.peer_privacy_status; + const { + channel, + channel_password, + peer_name, + peer_video, + peer_audio, + peer_video_status, + peer_audio_status, + peer_screen_status, + peer_hand_status, + peer_rec_status, + peer_privacy_status, + } = config; if (channel in socket.channels) { return log.debug('[' + socket.id + '] [Warning] already joined', channel); @@ -627,8 +630,7 @@ io.sockets.on('connect', async (socket) => { * Relay ICE to peers */ socket.on('relayICE', async (config) => { - let peer_id = config.peer_id; - let ice_candidate = config.ice_candidate; + const { peer_id, ice_candidate } = config; // log.debug('[' + socket.id + '] relay ICE-candidate to [' + peer_id + '] ', { // address: config.ice_candidate, @@ -644,8 +646,7 @@ io.sockets.on('connect', async (socket) => { * Relay SDP to peers */ socket.on('relaySDP', async (config) => { - let peer_id = config.peer_id; - let session_description = config.session_description; + const { peer_id, session_description } = config; log.debug('[' + socket.id + '] relay SessionDescription to [' + peer_id + '] ', { type: session_description.type, @@ -664,11 +665,9 @@ io.sockets.on('connect', async (socket) => { // Prevent XSS injection const config = checkXSS(cfg); //log.debug('[' + socket.id + '] Room action:', config); + const { room_id, peer_name, password, action } = config; + let room_is_locked = false; - let room_id = config.room_id; - let peer_name = config.peer_name; - let password = config.password; - let action = config.action; // try { switch (action) { @@ -690,12 +689,12 @@ io.sockets.on('connect', async (socket) => { }); break; case 'checkPassword': - let config = { + const data = { peer_name: peer_name, action: action, password: password == peers[room_id]['password'] ? 'OK' : 'KO', }; - await sendToPeer(socket.id, sockets, 'roomAction', config); + await sendToPeer(socket.id, sockets, 'roomAction', data); break; } } catch (err) { @@ -711,9 +710,8 @@ io.sockets.on('connect', async (socket) => { // Prevent XSS injection const config = checkXSS(cfg); // log.debug('Peer name', config); - let room_id = config.room_id; - let peer_name_old = config.peer_name_old; - let peer_name_new = config.peer_name_new; + const { room_id, peer_name_old, peer_name_new } = config; + let peer_id_to_update = null; for (let peer_id in peers[room_id]) { @@ -723,16 +721,15 @@ io.sockets.on('connect', async (socket) => { } } - if (peer_id_to_update) { - log.debug('[' + socket.id + '] emit peerName to [room_id: ' + room_id + ']', { - peer_id: peer_id_to_update, - peer_name: peer_name_new, - }); + const data = { + peer_id: peer_id_to_update, + peer_name: peer_name_new, + }; - await sendToRoom(room_id, socket.id, 'peerName', { - peer_id: peer_id_to_update, - peer_name: peer_name_new, - }); + if (peer_id_to_update) { + log.debug('[' + socket.id + '] emit peerName to [room_id: ' + room_id + ']', data); + + await sendToRoom(room_id, socket.id, 'peerName', data); } }); @@ -743,10 +740,14 @@ io.sockets.on('connect', async (socket) => { // Prevent XSS injection const config = checkXSS(cfg); // log.debug('Peer status', config); - let room_id = config.room_id; - let peer_name = config.peer_name; - let element = config.element; - let status = config.status; + const { room_id, peer_name, element, status } = config; + + const data = { + peer_id: socket.id, + peer_name: peer_name, + element: element, + status: status, + }; try { for (let peer_id in peers[room_id]) { @@ -774,18 +775,9 @@ io.sockets.on('connect', async (socket) => { } } - log.debug('[' + socket.id + '] emit peerStatus to [room_id: ' + room_id + ']', { - peer_id: socket.id, - element: element, - status: status, - }); + log.debug('[' + socket.id + '] emit peerStatus to [room_id: ' + room_id + ']', data); - await sendToRoom(room_id, socket.id, 'peerStatus', { - peer_id: socket.id, - peer_name: peer_name, - element: element, - status: status, - }); + await sendToRoom(room_id, socket.id, 'peerStatus', data); } catch (err) { log.error('Peer Status', toJson(err)); } @@ -798,36 +790,23 @@ io.sockets.on('connect', async (socket) => { // Prevent XSS injection const config = checkXSS(cfg); // log.debug('Peer action', config); - let room_id = config.room_id; - let peer_id = config.peer_id; - let peer_name = config.peer_name; - let peer_use_video = config.peer_use_video; - let peer_action = config.peer_action; - let send_to_all = config.send_to_all; + const { room_id, peer_id, peer_name, peer_use_video, peer_action, send_to_all } = config; + + const data = { + peer_id: peer_id, + peer_name: peer_name, + peer_action: peer_action, + peer_use_video: peer_use_video, + }; if (send_to_all) { - log.debug('[' + socket.id + '] emit peerAction to [room_id: ' + room_id + ']', { - peer_id: socket.id, - peer_name: peer_name, - peer_action: peer_action, - peer_use_video: peer_use_video, - }); + log.debug('[' + socket.id + '] emit peerAction to [room_id: ' + room_id + ']', data); - await sendToRoom(room_id, socket.id, 'peerAction', { - peer_id: peer_id, - peer_name: peer_name, - peer_action: peer_action, - peer_use_video: peer_use_video, - }); + await sendToRoom(room_id, socket.id, 'peerAction', data); } else { log.debug('[' + socket.id + '] emit peerAction to [' + peer_id + '] from room_id [' + room_id + ']'); - await sendToPeer(peer_id, sockets, 'peerAction', { - peer_id: peer_id, - peer_name: peer_name, - peer_action: peer_action, - peer_use_video: peer_use_video, - }); + await sendToPeer(peer_id, sockets, 'peerAction', data); } }); @@ -837,9 +816,7 @@ io.sockets.on('connect', async (socket) => { socket.on('kickOut', async (cfg) => { // Prevent XSS injection const config = checkXSS(cfg); - let room_id = config.room_id; - let peer_id = config.peer_id; - let peer_name = config.peer_name; + const { room_id, peer_id, peer_name } = config; log.debug('[' + socket.id + '] kick out peer [' + peer_id + '] from room_id [' + room_id + ']'); @@ -855,11 +832,7 @@ io.sockets.on('connect', async (socket) => { // Prevent XSS injection const config = checkXSS(cfg); // log.debug('File info', config); - let room_id = config.room_id; - let peer_name = config.peer_name; - let peer_id = config.peer_id; - let broadcast = config.broadcast; - let file = config.file; + const { room_id, peer_id, peer_name, broadcast, file } = config; function bytesToSize(bytes) { let sizes = ['Bytes', 'KB', 'MB', 'GB', 'TB']; @@ -889,8 +862,7 @@ io.sockets.on('connect', async (socket) => { socket.on('fileAbort', async (cfg) => { // Prevent XSS injection const config = checkXSS(cfg); - let room_id = config.room_id; - let peer_name = config.peer_name; + const { room_id, peer_name } = config; log.debug('[' + socket.id + '] Peer [' + peer_name + '] send fileAbort to room_id [' + room_id + ']'); await sendToRoom(room_id, socket.id, 'fileAbort'); @@ -903,18 +875,9 @@ io.sockets.on('connect', async (socket) => { // Prevent XSS injection const config = checkXSS(cfg); // log.debug('Video player', config); - let room_id = config.room_id; - let peer_name = config.peer_name; - let video_action = config.video_action; - let video_src = config.video_src; - let peer_id = config.peer_id; + const { room_id, peer_id, peer_name, video_action, video_src } = config; - let sendConfig = { - peer_name: peer_name, - video_action: video_action, - video_src: video_src, - }; - let logMe = { + const data = { peer_id: socket.id, peer_name: peer_name, video_action: video_action, @@ -922,16 +885,13 @@ io.sockets.on('connect', async (socket) => { }; if (peer_id) { - log.debug( - '[' + socket.id + '] emit videoPlayer to [' + peer_id + '] from room_id [' + room_id + ']', - logMe, - ); + log.debug('[' + socket.id + '] emit videoPlayer to [' + peer_id + '] from room_id [' + room_id + ']', data); - await sendToPeer(peer_id, sockets, 'videoPlayer', sendConfig); + await sendToPeer(peer_id, sockets, 'videoPlayer', data); } else { - log.debug('[' + socket.id + '] emit videoPlayer to [room_id: ' + room_id + ']', logMe); + log.debug('[' + socket.id + '] emit videoPlayer to [room_id: ' + room_id + ']', data); - await sendToRoom(room_id, socket.id, 'videoPlayer', sendConfig); + await sendToRoom(room_id, socket.id, 'videoPlayer', data); } }); @@ -942,7 +902,7 @@ io.sockets.on('connect', async (socket) => { // Prevent XSS injection const config = checkXSS(cfg); // log.debug('Whiteboard send canvas', config); - let room_id = config.room_id; + const { room_id } = config; await sendToRoom(room_id, socket.id, 'wbCanvasToJson', config); }); @@ -950,7 +910,7 @@ io.sockets.on('connect', async (socket) => { // Prevent XSS injection const config = checkXSS(cfg); log.debug('Whiteboard', config); - let room_id = config.room_id; + const { room_id } = config; await sendToRoom(room_id, socket.id, 'whiteboardAction', config); }); @@ -1078,7 +1038,7 @@ function allowedIP(ip) { */ function removeIP(socket) { if (hostCfg.protected == true) { - let ip = socket.handshake.address; + const ip = socket.handshake.address; if (ip && allowedIP(ip)) { authHost.deleteIP(ip); hostCfg.authenticated = false; diff --git a/public/js/client.js b/public/js/client.js index 62e72758..dc734ef9 100644 --- a/public/js/client.js +++ b/public/js/client.js @@ -1290,6 +1290,7 @@ async function whoAreYouJoin() { async function joinToChannel() { console.log('12. join to channel', roomId); sendToServer('join', { + join_data_time: getDataTimeString(), channel: roomId, userAgent: userAgent, channel_password: thisRoomPassword,