Compare commits

...

2 commits

Author SHA1 Message Date
hippoz
fb18dae0a8
remove legacy code 2021-09-09 17:52:39 +03:00
hippoz
81a08101e9
fix secret.js and disallow YOO packet after user is already authenticated 2021-09-08 01:02:08 +03:00
2 changed files with 2 additions and 8 deletions

View file

@ -106,6 +106,7 @@ class GatewayServer extends EventEmitter {
const message = parseMessage(data.toString()); const message = parseMessage(data.toString());
switch (message.opcodeType) { switch (message.opcodeType) {
case "YOO": { case "YOO": {
if (ws.session.authenticated) return closeConnectionWithCode(ws, wsCloseCodes.PAYLOAD_ERROR);
// The client has responded to our HELLO with a YOO packet // The client has responded to our HELLO with a YOO packet
try { try {
const user = await checkToken(message.data.token); const user = await checkToken(message.data.token);

View file

@ -1,10 +1,3 @@
module.exports = { module.exports = {
jwtPrivateKey: "KjEY", jwtPrivateKey: "KEY",
}; };
// Set default values
// You shouldn't need to touch this for configuring this
if (module.exports.jwtPrivateKey === "KEY") {
console.error("[*] [config] jwtPrivateKey was not specified in secret.js. A randomly generated private key will be used instead.");
module.exports.jwtPrivateKey = require("crypto").randomBytes(129).toString("base64");
}