feature: is_platform changes

2025-12-09 03:39:37 +00:00 · 2025-11-05 00:25:47 +01:00
parent 519b5e5209
commit 23de8c7863
6 changed files with 84 additions and 10 deletions
--- a/server/database/db.js
+++ b/server/database/db.js
@@ -117,6 +117,15 @@ const userDb = {
    } catch (err) {
      throw err;
    }
+  },
+
+  getFirstUser: () => {
+    try {
+      const row = db.prepare('SELECT id, username, created_at, last_login FROM users WHERE is_active = 1 LIMIT 1').get();
+      return row;
+    } catch (err) {
+      throw err;
+    }
  }
 };

--- a/server/index.js
+++ b/server/index.js
@@ -170,6 +170,19 @@ const wss = new WebSocketServer({
    verifyClient: (info) => {
        console.log('WebSocket connection attempt to:', info.req.url);

+        // Platform mode: always allow connection
+        if (process.env.VITE_IS_PLATFORM === 'true') {
+            const user = authenticateWebSocket(null); // Will return first user
+            if (!user) {
+                console.log('[WARN] Platform mode: No user found in database');
+                return false;
+            }
+            info.req.user = user;
+            console.log('[OK] Platform mode WebSocket authenticated for user:', user.username);
+            return true;
+        }
+
+        // Normal mode: verify token
        // Extract token from query parameters or headers
        const url = new URL(info.req.url, 'http://localhost');
        const token = url.searchParams.get('token') ||
@@ -196,6 +209,14 @@ app.use(cors());
 app.use(express.json({ limit: '50mb' }));
 app.use(express.urlencoded({ limit: '50mb', extended: true }));

+// Public health check endpoint (no authentication required)
+app.get('/health', (req, res) => {
+  res.json({
+    status: 'ok',
+    timestamp: new Date().toISOString()
+  });
+});
+
 // Optional API key validation (if configured)
 app.use('/api', validateApiKey);

--- a/server/middleware/auth.js
+++ b/server/middleware/auth.js
@@ -20,6 +20,22 @@ const validateApiKey = (req, res, next) => {

 // JWT authentication middleware
 const authenticateToken = async (req, res, next) => {
+  // Platform mode:  use single database user
+  if (process.env.VITE_IS_PLATFORM === 'true') {
+    try {
+      const user = userDb.getFirstUser();
+      if (!user) {
+        return res.status(500).json({ error: 'Platform mode: No user found in database' });
+      }
+      req.user = user;
+      return next();
+    } catch (error) {
+      console.error('Platform mode error:', error);
+      return res.status(500).json({ error: 'Platform mode: Failed to fetch user' });
+    }
+  }
+
+  // Normal OSS JWT validation
  const authHeader = req.headers['authorization'];
  const token = authHeader && authHeader.split(' ')[1]; // Bearer TOKEN

@@ -29,13 +45,13 @@ const authenticateToken = async (req, res, next) => {

  try {
    const decoded = jwt.verify(token, JWT_SECRET);
-    
+
    // Verify user still exists and is active
    const user = userDb.getUserById(decoded.userId);
    if (!user) {
      return res.status(401).json({ error: 'Invalid token. User not found.' });
    }
-    
+
    req.user = user;
    next();
  } catch (error) {
@@ -58,10 +74,25 @@ const generateToken = (user) => {

 // WebSocket authentication function
 const authenticateWebSocket = (token) => {
+  // Platform mode: bypass token validation, return first user
+  if (process.env.VITE_IS_PLATFORM === 'true') {
+    try {
+      const user = userDb.getFirstUser();
+      if (user) {
+        return { userId: user.id, username: user.username };
+      }
+      return null;
+    } catch (error) {
+      console.error('Platform mode WebSocket error:', error);
+      return null;
+    }
+  }
+
+  // Normal OSS JWT validation
  if (!token) {
    return null;
  }
-  
+
  try {
    const decoded = jwt.verify(token, JWT_SECRET);
    return decoded;