fix secret.js and disallow YOO packet after user is already authenticated
This commit is contained in:
parent
f1b6da19a2
commit
81a08101e9
2 changed files with 3 additions and 2 deletions
|
@ -106,6 +106,7 @@ class GatewayServer extends EventEmitter {
|
|||
const message = parseMessage(data.toString());
|
||||
switch (message.opcodeType) {
|
||||
case "YOO": {
|
||||
if (ws.session.authenticated) return closeConnectionWithCode(ws, wsCloseCodes.PAYLOAD_ERROR);
|
||||
// The client has responded to our HELLO with a YOO packet
|
||||
try {
|
||||
const user = await checkToken(message.data.token);
|
||||
|
|
|
@ -1,10 +1,10 @@
|
|||
module.exports = {
|
||||
jwtPrivateKey: "KjEY",
|
||||
jwtPrivateKey: "KEY",
|
||||
};
|
||||
|
||||
// Set default values
|
||||
// You shouldn't need to touch this for configuring this
|
||||
if (module.exports.jwtPrivateKey === "KEY") {
|
||||
console.error("[*] [config] jwtPrivateKey was not specified in secret.js. A randomly generated private key will be used instead.");
|
||||
console.error("config: secret: jwtPrivateKey was not specified in secret.js. A randomly generated private key will be used instead.");
|
||||
module.exports.jwtPrivateKey = require("crypto").randomBytes(129).toString("base64");
|
||||
}
|
||||
|
|
Reference in a new issue