This commit is contained in:
doomtube
parent
07b8e12197
commit
a0e6d40679
11 changed files with 436 additions and 81 deletions
|
|
@ -1166,7 +1166,7 @@ void ChatWebSocketController::handleBotApiKeyAuth(const WebSocketConnectionPtr&
|
|||
const std::string& apiKey) {
|
||||
LOG_INFO << "Bot attempting to authenticate via message-based API key";
|
||||
|
||||
// Get connection info to extract realmId if provided
|
||||
// Get connection info to extract realmId if provided, and mark as pending
|
||||
std::string realmId;
|
||||
{
|
||||
std::lock_guard<std::mutex> lock(connectionsMutex_);
|
||||
|
|
@ -1174,6 +1174,8 @@ void ChatWebSocketController::handleBotApiKeyAuth(const WebSocketConnectionPtr&
|
|||
if (it != connections_.end()) {
|
||||
realmId = it->second.realmId;
|
||||
}
|
||||
// Mark connection as pending API key validation (for timeout cleanup)
|
||||
pendingConnections_[wsConnPtr] = std::chrono::steady_clock::now();
|
||||
}
|
||||
|
||||
// Make HTTP request to backend to validate API key
|
||||
|
|
@ -1202,6 +1204,7 @@ void ChatWebSocketController::handleBotApiKeyAuth(const WebSocketConnectionPtr&
|
|||
if (result != ReqResult::Ok || !resp) {
|
||||
LOG_ERROR << "Failed to validate API key - backend request failed";
|
||||
sendError(wsConnPtr, "API key validation failed - service unavailable");
|
||||
wsConnPtr->shutdown(CloseCode::kViolation);
|
||||
return;
|
||||
}
|
||||
|
||||
|
|
@ -1209,6 +1212,7 @@ void ChatWebSocketController::handleBotApiKeyAuth(const WebSocketConnectionPtr&
|
|||
if (!json || !(*json)["valid"].asBool()) {
|
||||
LOG_WARN << "Invalid API key - rejecting authentication";
|
||||
sendError(wsConnPtr, "Invalid API key");
|
||||
wsConnPtr->shutdown(CloseCode::kViolation);
|
||||
return;
|
||||
}
|
||||
|
||||
|
|
@ -1218,9 +1222,13 @@ void ChatWebSocketController::handleBotApiKeyAuth(const WebSocketConnectionPtr&
|
|||
auto it = connections_.find(wsConnPtr);
|
||||
if (it == connections_.end()) {
|
||||
LOG_WARN << "Connection closed before API key validation completed";
|
||||
pendingConnections_.erase(wsConnPtr); // Clean up pending state
|
||||
return;
|
||||
}
|
||||
|
||||
// Successfully validated - remove from pending
|
||||
pendingConnections_.erase(wsConnPtr);
|
||||
|
||||
// Get API key ID for connection tracking
|
||||
int64_t keyId = (*json)["keyId"].asInt64();
|
||||
|
||||
|
|
@ -1229,6 +1237,7 @@ void ChatWebSocketController::handleBotApiKeyAuth(const WebSocketConnectionPtr&
|
|||
if (existingConn != apiKeyConnections_.end()) {
|
||||
LOG_WARN << "API key " << keyId << " already has an active connection - rejecting";
|
||||
sendError(wsConnPtr, "Only 1 connection per API key allowed. Disconnect the existing connection first.");
|
||||
wsConnPtr->shutdown(CloseCode::kViolation);
|
||||
return;
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -34,6 +34,9 @@ public:
|
|||
// Check and disconnect guests that have exceeded their session timeout
|
||||
static void checkGuestTimeouts();
|
||||
|
||||
// Check and disconnect pending bot connections that have exceeded validation timeout
|
||||
static void checkPendingConnectionTimeouts();
|
||||
|
||||
private:
|
||||
struct ConnectionInfo {
|
||||
std::string realmId;
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue