frontend: Add secret handling to context service and guards for improved room access validation

2025-03-14 01:38:03 +01:00 · 2025-03-14 01:38:03 +01:00 · 314b9fae21
commit 314b9fae21
parent c72315d90a
4 changed files with 16 additions and 9 deletions
--- a/frontend/projects/shared-meet-components/src/lib/guards/extract-query-params.guard.ts
+++ b/frontend/projects/shared-meet-components/src/lib/guards/extract-query-params.guard.ts
@ -4,7 +4,7 @@ import { ContextService } from '../services';

 export const extractQueryParamsGuard: CanActivateFn = (route: ActivatedRouteSnapshot) => {
 	const contextService = inject(ContextService);
-	const { roomName, participantName, leaveRedirectUrl } = extractParams(route);
+	const { roomName, participantName, secret, leaveRedirectUrl } = extractParams(route);

 	if (isValidUrl(leaveRedirectUrl)) {
 		contextService.setLeaveRedirectUrl(leaveRedirectUrl);
@ -12,6 +12,7 @@ export const extractQueryParamsGuard: CanActivateFn = (route: ActivatedRouteSnap

 	contextService.setRoomName(roomName);
 	contextService.setParticipantName(participantName);
+	contextService.setSecret(secret);

 	return true;
 };
--- a/frontend/projects/shared-meet-components/src/lib/guards/validate-room-access.guard.ts
+++ b/frontend/projects/shared-meet-components/src/lib/guards/validate-room-access.guard.ts
@ -6,7 +6,7 @@ import { ContextService, HttpService, SessionStorageService } from '../services'
 * Guard to validate the access to a room.
 */
 export const validateRoomAccessGuard: CanActivateFn = async (
-	route: ActivatedRouteSnapshot,
+	_route: ActivatedRouteSnapshot,
 	_state: RouterStateSnapshot
 ) => {
 	const httpService = inject(HttpService);
@ -14,7 +14,9 @@ export const validateRoomAccessGuard: CanActivateFn = async (
 	const router = inject(Router);
 	const sessionStorageService = inject(SessionStorageService);

-	const { roomName, participantName, secret } = extractParams(route);
+	const roomName = contextService.getRoomName();
+	const participantName = contextService.getParticipantName();
+	const secret = contextService.getSecret();
 	const storageSecret = sessionStorageService.getModeratorSecret(roomName);

 	try {
@ -47,12 +49,6 @@ export const validateRoomAccessGuard: CanActivateFn = async (
 	}
 };

-const extractParams = (route: ActivatedRouteSnapshot) => ({
-	roomName: route.params['room-name'],
-	participantName: route.queryParams['participant-name'],
-	secret: route.queryParams['secret']
-});
-
 const redirectToUnauthorized = async (router: Router, reason: string): Promise<boolean> => {
 	await router.navigate(['unauthorized'], { queryParams: { reason } });
 	return false;
--- a/frontend/projects/shared-meet-components/src/lib/models/context.model.ts
+++ b/frontend/projects/shared-meet-components/src/lib/models/context.model.ts
@ -3,6 +3,7 @@ import { OpenViduMeetPermissions, ParticipantRole } from 'projects/shared-meet-c
 export interface ContextData {
 	roomName: string;
 	participantName: string;
+	secret: string;
 	token: string;
 	participantRole: ParticipantRole;
 	participantPermissions: OpenViduMeetPermissions;
--- a/frontend/projects/shared-meet-components/src/lib/services/context/context.service.ts
+++ b/frontend/projects/shared-meet-components/src/lib/services/context/context.service.ts
@ -14,6 +14,7 @@ export class ContextService {
 	private context: ContextData = {
 		roomName: '',
 		participantName: '',
+		secret: '',
 		token: '',
 		participantRole: ParticipantRole.PUBLISHER,
 		participantPermissions: {
@ -118,6 +119,14 @@ export class ContextService {
 		this.context.participantName = participantName;
 	}

+	getSecret(): string {
+		return this.context.secret;
+	}
+
+	setSecret(secret: string): void {
+		this.context.secret = secret;
+	}
+
 	canRecord(): boolean {
 		return this.context.participantPermissions.canRecord;
 	}