diff --git a/config.yaml b/config.yaml index 0c8e706..8473ccc 100644 --- a/config.yaml +++ b/config.yaml @@ -36,7 +36,7 @@ database: # Video calls configuration rtc-relay: - ip: ::ffff:127.0.0.1 + ip: 127.0.0.1 token: SecretToken ice-servers: - stun:stun.l.google.com:19302 diff --git a/src/controllers/mod.rs b/src/controllers/mod.rs index 7f0c37f..81d7592 100644 --- a/src/controllers/mod.rs +++ b/src/controllers/mod.rs @@ -3,6 +3,7 @@ pub mod server; pub mod server_controller; pub mod user_ws_controller; +pub mod rtc_relay_controller; pub mod account_controller; pub mod user_controller; pub mod settings_controller; diff --git a/src/controllers/rtc_relay_controller.rs b/src/controllers/rtc_relay_controller.rs new file mode 100644 index 0000000..aca03c3 --- /dev/null +++ b/src/controllers/rtc_relay_controller.rs @@ -0,0 +1,42 @@ +//! # RTC Relay controller +//! +//! @author Pierre Hubert + +use crate::data::config::conf; + +/// Establish a new connection with the RTC relay +/// +/// Debug with +/// ```js +/// ws = new WebSocket("ws://0.0.0.0:3000/rtc_proxy/ws"); +/// ws.onmessage = (msg) => console.log("WS msg", msg); +/// ws.onopen = () => console.log("Socket is open !"); +/// ws.onerror = (e) => console.log("WS ERROR !", e); +/// ws.onclose = (e) => console.log("WS CLOSED!"); +/// ``` +pub async fn open_ws(req: actix_web::HttpRequest, + stream: actix_web::web::Payload) -> Result { + let ip = req.peer_addr().unwrap(); + + // Check if video calls are enabled + if conf().rtc_relay.is_none() { + eprintln!("A relay from {} tried to connect to the server but the relay is disabled!", ip); + return Ok(actix_web::HttpResponse::BadRequest().body("RTC Relay not configured!")); + } + + let conf = conf().rtc_relay.as_ref().unwrap(); + + // Check remote IP address + if !ip.ip().to_string().eq(&conf.ip) { + eprintln!("A relay from {} tried to connect to the server but the IP address is not authorized!", ip); + return Ok(actix_web::HttpResponse::Unauthorized().body("Access denied!")); + } + + // Check the token + if !req.query_string().eq(&format!("token={}", &conf.token)) { + eprintln!("A relay from {} tried to connect with an invalid access token!", ip); + return Ok(actix_web::HttpResponse::Unauthorized().body("Invalid token!")); + } + + unreachable!(); +} \ No newline at end of file diff --git a/src/controllers/server.rs b/src/controllers/server.rs index d95f9da..55cb6f8 100644 --- a/src/controllers/server.rs +++ b/src/controllers/server.rs @@ -14,9 +14,9 @@ use percent_encoding::percent_decode_str; use crate::api_data::http_error::HttpError; use crate::constants::MAX_REQUEST_SIZE; +use crate::controllers::{rtc_relay_controller, user_ws_controller}; use crate::controllers::routes::{get_routes, RequestResult, Route}; use crate::controllers::routes::Method::{GET, POST}; -use crate::controllers::user_ws_controller; use crate::data::base_request_handler::{BaseRequestHandler, PostFile, RequestValue}; use crate::data::config::Config; use crate::data::http_request_handler::HttpRequestHandler; @@ -318,6 +318,9 @@ pub async fn start_server(conf: &Config) -> std::io::Result<()> { // User WebSocket route .service(actix_web::web::resource("/ws").to(user_ws_controller::ws_route)) + // RTC Relay WebSocket route + .service(actix_web::web::resource("/rtc_proxy/ws").to(rtc_relay_controller::open_ws)) + // API routes .route("**", web::get().to(process_request)) .route("**", web::post().to(process_request))