borg/drone-detector
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fix jwt-token

Browse Source
This commit is contained in:
Alexander Borg
2025-09-17 22:02:44 +02:00
parent a691f7d4a6
commit 6c74c7c524
1 changed files with 7 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
server/routes/detectors.js
View File

@@ -156,7 +156,7 @@ async function handleHeartbeat(req, res) {
console.log(`🚫 Heartbeat rejected from unapproved device ${deviceId}`); console.log(`🚫 Heartbeat rejected from unapproved device ${deviceId}`);
// Emit reminder notification to tenant room only // Emit reminder notification to tenant room only
if (device.tenant_id) { if (req.io && device.tenant_id) {
req.io.to(`tenant_${device.tenant_id}`).emit('device_approval_reminder', { req.io.to(`tenant_${device.tenant_id}`).emit('device_approval_reminder', {
device_id: deviceId, device_id: deviceId,
device_key: key, device_key: key,
@@ -198,7 +198,7 @@ async function handleHeartbeat(req, res) {
const heartbeat = await Heartbeat.create(heartbeatRecord); const heartbeat = await Heartbeat.create(heartbeatRecord);
// Emit real-time update via Socket.IO to tenant room only // Emit real-time update via Socket.IO to tenant room only
if (device.tenant_id) { if (req.io && device.tenant_id) {
req.io.to(`tenant_${device.tenant_id}`).emit('device_heartbeat', { req.io.to(`tenant_${device.tenant_id}`).emit('device_heartbeat', {
device_id: deviceId, device_id: deviceId,
device_key: key, device_key: key,
@@ -266,7 +266,7 @@ async function handleDetection(req, res) {
console.log(`🚫 Detection rejected from unapproved device ${detectionData.device_id}`); console.log(`🚫 Detection rejected from unapproved device ${detectionData.device_id}`);
// Emit reminder notification to tenant room only // Emit reminder notification to tenant room only
if (device.tenant_id) { if (req.io && device.tenant_id) {
req.io.to(`tenant_${device.tenant_id}`).emit('device_approval_reminder', { req.io.to(`tenant_${device.tenant_id}`).emit('device_approval_reminder', {
device_id: detectionData.device_id, device_id: detectionData.device_id,
timestamp: new Date().toISOString(), timestamp: new Date().toISOString(),
@@ -406,13 +406,15 @@ async function handleDetection(req, res) {
}; };
// 🔒 SECURITY: Emit only to the tenant's room to prevent cross-tenant data leakage // 🔒 SECURITY: Emit only to the tenant's room to prevent cross-tenant data leakage
if (device.tenant_id) { if (req.io && device.tenant_id) {
req.io.to(`tenant_${device.tenant_id}`).emit('drone_detection', detectionPayload); req.io.to(`tenant_${device.tenant_id}`).emit('drone_detection', detectionPayload);
console.log(`🔒 Detection emitted to tenant room: tenant_${device.tenant_id}`); console.log(`🔒 Detection emitted to tenant room: tenant_${device.tenant_id}`);
} else { } else if (req.io) {
// Fallback for devices without tenant_id (legacy support) // Fallback for devices without tenant_id (legacy support)
console.warn(`⚠️ Device ${device.id} has no tenant_id - using global broadcast (security risk)`); console.warn(`⚠️ Device ${device.id} has no tenant_id - using global broadcast (security risk)`);
req.io.emit('drone_detection', detectionPayload); req.io.emit('drone_detection', detectionPayload);
} else {
console.warn(`⚠️ Socket.IO not available - detection will not be broadcast in real-time`);
} }
// Process alerts asynchronously (from original) // Process alerts asynchronously (from original)