From 5b34130ef42bdc70b0ed7f93b8e122f4fdf662ef Mon Sep 17 00:00:00 2001
From: hippoz <anastasiudavid@gmail.com>
Date: Sat, 21 Nov 2020 14:44:54 +0200
Subject: [PATCH] allow only one connection per user, TODO: give a firendly
 message to users

---
 api/v1/gateway/index.js | 11 ++++++++++-
 1 file changed, 10 insertions(+), 1 deletion(-)

diff --git a/api/v1/gateway/index.js b/api/v1/gateway/index.js
index 625a2a1..e16dd54 100644
--- a/api/v1/gateway/index.js
+++ b/api/v1/gateway/index.js
@@ -41,6 +41,14 @@ GatewayServer.prototype.eventSetup = function() {
         if (!token) return this.authDisconnect(socket, callback);
         if (!(typeof token === 'string')) return this.authDisconnect(socket, callback);
 
+        const allSockets = this._gateway.sockets;
+        for (let [_, e] of allSockets) {
+            if (e.user && e.user.token === token) {
+                console.log(`[E] [gateway] [handshake] User ${e.user.username} tried to connect more than once, rejecting connection...`);
+                return this.authDisconnect(socket, callback);
+            }
+        }
+
         jwt.verify(token, secret.jwtPrivateKey, {}, async (err, data) => {
             if (err) return this.authDisconnect(socket, callback);
             if (!data) return this.authDisconnect(socket, callback);
@@ -59,7 +67,8 @@ GatewayServer.prototype.eventSetup = function() {
 
             socket.user = {
                 username: data.username,
-                _id: user._id
+                _id: user._id,
+                token // Maybe not secure
             };
             console.log(`[*] [gateway] [handshake] User ${data.username} has successfully authenticated`);
             return callback();