fix: auth failed electron

This commit is contained in:
LukeGus
2026-05-21 14:22:25 -05:00
parent 170080399b
commit 23a0160ef0
3 changed files with 13 additions and 81 deletions
-33
View File
@@ -24,39 +24,6 @@ const activeSessions = new Map<string, SSHSession>();
const wss = new WebSocketServer({
host: "0.0.0.0",
port: 30009,
verifyClient: async (info) => {
try {
let token: string | undefined;
const cookieHeader = info.req.headers.cookie;
if (cookieHeader) {
const match = cookieHeader.match(/(?:^|;\s*)jwt=([^;]+)/);
if (match) token = decodeURIComponent(match[1]);
}
if (!token) {
const authHeader = info.req.headers.authorization;
if (authHeader?.startsWith("Bearer ")) {
token = authHeader.slice("Bearer ".length);
}
}
if (!token) {
return false;
}
const authManager = AuthManager.getInstance();
const decoded = await authManager.verifyJWTToken(token);
if (!decoded || !decoded.userId) {
return false;
}
return true;
} catch {
return false;
}
},
});
async function detectShell(
-46
View File
@@ -434,52 +434,6 @@ async function createJumpHostChain(
const wss = new WebSocketServer({
port: 30002,
verifyClient: async (info) => {
try {
let token: string | undefined;
const cookieHeader = info.req.headers.cookie;
if (cookieHeader) {
const match = cookieHeader.match(/(?:^|;\s*)jwt=([^;]+)/);
if (match) token = decodeURIComponent(match[1]);
}
if (!token) {
const authHeader = info.req.headers.authorization;
if (authHeader?.startsWith("Bearer ")) {
token = authHeader.slice("Bearer ".length);
}
}
if (!token) {
return false;
}
const payload = await authManager.verifyJWTToken(token);
if (!payload) {
return false;
}
if (payload.pendingTOTP) {
return false;
}
const existingConnections = userConnections.get(payload.userId);
if (existingConnections && existingConnections.size >= 10) {
return false;
}
return true;
} catch (error) {
sshLogger.error("WebSocket authentication error", error, {
operation: "websocket_auth_error",
ip: info.req.socket.remoteAddress,
});
return false;
}
},
});
wss.on("connection", async (ws: WebSocket, req) => {
+13 -2
View File
@@ -8,7 +8,7 @@ import "./ui/i18n/i18n";
import { isElectron } from "@/lib/electron";
import { Toaster } from "@/components/sonner";
import { Auth, getStoredAuth, clearStoredAuth } from "@/auth/Auth";
import { getUserInfo, appReadyPromise } from "@/main-axios";
import { getUserInfo, getCurrentToken, appReadyPromise } from "@/main-axios";
import { applyAccentColor, applyFontSize } from "@/lib/theme";
import type { FontSizeId } from "@/types/ui-types";
import { useServiceWorker } from "@/hooks/use-service-worker";
@@ -130,11 +130,22 @@ function App() {
// Verify stored session against the server before rendering AppShell.
// Wait for API instances to be initialized with correct embedded/server config first.
// In Electron, also repopulate localStorage["jwt"] so WebSocket connections can auth
// after a session restore (the token is only written to localStorage during a fresh login).
useEffect(() => {
if (phase !== "verifying") return;
appReadyPromise
.then(() => getUserInfo())
.then(() => setPhase("idle-app"))
.then(() => {
if (isElectron()) {
getCurrentToken()
.then((token) => {
if (token) localStorage.setItem("jwt", token);
})
.catch(() => {});
}
setPhase("idle-app");
})
.catch(() => {
clearStoredAuth();
setPhase("idle-auth");