From 261e041792537fb2ebd60a237f17e4dfa748d77b Mon Sep 17 00:00:00 2001 From: hippoz <10706925-hippoz@users.noreply.gitlab.com> Date: Sun, 8 May 2022 21:56:25 +0300 Subject: [PATCH] backend: disconnect gateway clients if they send a ping packet before authenticaticating --- src/errors.ts | 1 + src/gateway/index.ts | 4 ++++ 2 files changed, 5 insertions(+) diff --git a/src/errors.ts b/src/errors.ts index 90d0f03..65a4a15 100644 --- a/src/errors.ts +++ b/src/errors.ts @@ -17,4 +17,5 @@ export const gatewayErrors = { ALREADY_AUTHENTICATED: { code: 4006, message: "Already authenticated" }, PAYLOAD_TOO_LARGE: { code: 4007, message: "Payload too large" }, TOO_MANY_SESSIONS: { code: 4008, message: "Too many sessions" }, + NOT_AUTHENTICATED: { code: 4009, message: "Not authenticated" }, }; diff --git a/src/gateway/index.ts b/src/gateway/index.ts index b70cfd1..99990a0 100644 --- a/src/gateway/index.ts +++ b/src/gateway/index.ts @@ -245,6 +245,10 @@ export default function(server: Server) { return closeWithBadPayload(ws, "d: expected numeric '0'"); } + if (!ws.state.ready) { + return closeWithError(ws, gatewayErrors.NOT_AUTHENTICATED); + } + // TODO: also check session here ws.state.alive = true; break;