Administrator/Multi-Hoster-Upload
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 208 Wiki Activity
6d3b2d3a86
Multi-Hoster-Upload/lib/remote-server.js
Administrator 9fa047b399 feat(remote): add WebSocket server with auth, signaling relay, and rate limiting 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-03-12 06:54:51 +01:00

172 lines
4.1 KiB
JavaScript
Raw Blame History

const { WebSocketServer } = require('ws');
const crypto = require('crypto');
class RemoteServer {
constructor() {
this._wss = null;
this._clients = new Map(); // ws -> { id, role, authenticated }
this._config = null;
this._failedAttempts = new Map(); // ip -> { count, blockedUntil }
}
start(opts) {
return new Promise((resolve, reject) => {
this._config = opts;
this._wss = new WebSocketServer({ port: opts.port }, () => {
resolve();
});
this._wss.on('error', (err) => {
reject(err);
});
this._wss.on('connection', (ws, req) => {
this._handleConnection(ws, req);
});
});
}
stop() {
if (this._wss) {
for (const [ws] of this._clients) {
ws.close(1000, 'Server shutting down');
}
this._clients.clear();
this._wss.close();
this._wss = null;
}
}
getClientCount() {
let count = 0;
for (const [, client] of this._clients) {
if (client.authenticated) count++;
}
return count;
}
getPort() {
if (this._wss && this._wss.address()) {
return this._wss.address().port;
}
return null;
}
_handleConnection(ws, req) {
const ip = req.socket.remoteAddress || 'unknown';
if (this._isBlocked(ip)) {
ws.close(4003, 'Too many failed attempts');
return;
}
const clientId = crypto.randomUUID();
this._clients.set(ws, { id: clientId, role: null, authenticated: false });
let authReceived = false;
const authTimeout = setTimeout(() => {
if (!authReceived) {
ws.close(4001, 'Auth timeout');
this._clients.delete(ws);
}
}, 5000);
ws.on('message', (raw) => {
let msg;
try { msg = JSON.parse(raw); } catch { return; }
const client = this._clients.get(ws);
if (!client) return;
if (!client.authenticated) {
authReceived = true;
clearTimeout(authTimeout);
if (msg.type === 'auth' && msg.token === this._config.token) {
client.authenticated = true;
client.role = msg.role || 'viewer';
ws.send(JSON.stringify({ type: 'auth-ok', clientId }));
if (this.getClientCount() === 1) {
this._config.onCreateCaptureWindow();
}
} else {
this._recordFailedAttempt(ip);
ws.close(4002, 'Invalid token');
this._clients.delete(ws);
}
return;
}
if (msg.type === 'offer' || msg.type === 'ice-candidate') {
msg.clientId = client.id;
msg.role = client.role;
this._config.onSignalingToCapture(msg);
}
});
ws.on('close', () => {
clearTimeout(authTimeout);
const client = this._clients.get(ws);
const wasAuthenticated = client && client.authenticated;
this._clients.delete(ws);
if (wasAuthenticated) {
this._config.onSignalingToCapture({
type: 'client-disconnected',
clientId: client.id
});
if (this.getClientCount() === 0) {
this._config.onDestroyCaptureWindow();
}
}
});
ws.on('error', () => {
this._clients.delete(ws);
});
}
sendToClient(clientId, data) {
for (const [ws, client] of this._clients) {
if (client.id === clientId && client.authenticated) {
ws.send(JSON.stringify(data));
break;
}
}
}
broadcast(data) {
const msg = JSON.stringify(data);
for (const [ws, client] of this._clients) {
if (client.authenticated && ws.readyState === 1) {
ws.send(msg);
}
}
}
_isBlocked(ip) {
const entry = this._failedAttempts.get(ip);
if (!entry) return false;
if (entry.blockedUntil && Date.now() < entry.blockedUntil) return true;
if (entry.blockedUntil && Date.now() >= entry.blockedUntil) {
this._failedAttempts.delete(ip);
return false;
}
return false;
}
_recordFailedAttempt(ip) {
const entry = this._failedAttempts.get(ip) || { count: 0, blockedUntil: null };
entry.count++;
if (entry.count >= 5) {
entry.blockedUntil = Date.now() + 60000;
}
this._failedAttempts.set(ip, entry);
}
}
module.exports = RemoteServer;
Reference in New Issue View Git Blame Copy Permalink