Prevent read on unlogged server

Djorkaeff Alexandre 2024-01-22 18:17:55 -03:00
parent adb32a3d3d
commit e638759afb
3 changed files with 27 additions and 24 deletions


@ -14,25 +14,25 @@ extension MMKV {
return mmkv return mmkv
} }
func userToken(for userId: String) -> String { func userToken(for userId: String) -> String? {
guard let userToken = string(forKey: "reactnativemeteor_usertoken-\(userId)") else { guard let userToken = string(forKey: "reactnativemeteor_usertoken-\(userId)") else {
fatalError("userToken is nil for userId \(userId)") return nil
} }
return userToken return userToken
} }
func userId(for server: String) -> String { func userId(for server: String) -> String? {
guard let userId = string(forKey: "reactnativemeteor_usertoken-\(server)") else { guard let userId = string(forKey: "reactnativemeteor_usertoken-\(server)") else {
fatalError("userId is nil for server \(server)") return nil
} }
return userId return userId
} }
func privateKey(for server: String) -> String { func privateKey(for server: String) -> String? {
guard let privateKey = string(forKey: "\(server)-RC_E2E_PRIVATE_KEY") else { guard let privateKey = string(forKey: "\(server)-RC_E2E_PRIVATE_KEY") else {
fatalError("privateKey is nil for server \(server)") return nil
} }
return privateKey return privateKey
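Review bot: In `userToken(for:)`, `userId(for:)` and `privateKey(for:)`, the `guard let … else { return nil }` followed by returning the bound value is now equivalent to returning the optional from `string(forKey:)` directly, so each body can be a single expression such as `string(forKey: "\(server)-RC_E2E_PRIVATE_KEY")`. Because nil is now an ordinary result rather than a crash, each accessor should carry a doc comment along the lines of `/// Returns nil when nothing is stored under this key (presumably: no user is logged in).` so callers do not treat it as an error or force-unwrap it. `userId(for:)` and `userToken(for:)` both read keys with the `reactnativemeteor_usertoken-` prefix; that looks intentional, but a one-line comment saying so would stop a later reader from "fixing" it. The extension and the end of `privateKey(for:)` lie outside the hunk.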


@ -1,23 +1,24 @@
import Foundation import Foundation
struct Credentials { struct Credentials {
let userId: String let userId: String
let userToken: String let userToken: String
} }
final class Storage { final class Storage {
static let shared = Storage() static let shared = Storage()
private let mmkv = MMKV.build() private let mmkv = MMKV.build()
func getCredentials(server: String) -> Credentials { func getCredentials(server: String) -> Credentials? {
let userId = mmkv.userId(for: server) guard let userId = mmkv.userId(for: server), let userToken = mmkv.userToken(for: userId) else {
let userToken = mmkv.userToken(for: userId) return nil
}
return .init(userId: userId, userToken: userToken) return .init(userId: userId, userToken: userToken)
} }
func getPrivateKey(server: String) -> String { func getPrivateKey(server: String) -> String? {
mmkv.privateKey(for: server) mmkv.privateKey(for: server)
} }
} }
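Review bot: `getCredentials(server:)` returns nil both when no userId is stored for the server and when a userId exists but its token is missing, so a caller cannot tell a logged-out server from a partially written session. If that distinction matters, record the second case before returning (without writing the token or userId value to the log); at minimum add `/// Returns nil when the server has no stored userId or no token for that userId.` above the method. `getPrivateKey(server:)` has the same new nil result, and its callers are not visible in this diff, so it is worth confirming none of them force-unwrap the E2E key.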


@ -41,8 +41,10 @@ final class WatchConnection: NSObject {
let serversQuery = database.query(raw: "select * from servers") as [DBServer] let serversQuery = database.query(raw: "select * from servers") as [DBServer]
let servers = serversQuery.compactMap { item -> WatchMessage.Server? in let servers = serversQuery.compactMap { item -> WatchMessage.Server? in
let userId = mmkv.userId(for: item.identifier) guard let userId = mmkv.userId(for: item.identifier), let userToken = mmkv.userToken(for: userId) else {
let userToken = mmkv.userToken(for: userId) return nil
}
let clientSSL = mmkv.clientSSL(for: item.url) let clientSSL = mmkv.clientSSL(for: item.url)
let usersQuery = database.query(raw: "select * from users where token == ? limit 1", [userToken]) as [DBUser] let usersQuery = database.query(raw: "select * from users where token == ? limit 1", [userToken]) as [DBUser]
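Review bot: The new `guard` inside the `compactMap` closure silently drops every server that has no stored userId or token, and nothing at that spot says the omission is deliberate. A comment directly above it, for example `// Skip servers with no logged-in user: no credentials in MMKV, nothing to send.`, would make the intent clear to the next reader. The closure and the enclosing method continue outside the hunk, so whether an empty `servers` result is handled downstream cannot be checked from here.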