borg/drone-detector
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fix jwt-token

Browse Source
This commit is contained in:
Alexander Borg
2025-09-17 20:00:11 +02:00
parent 2881f171ff
commit 86932f5c8e
4 changed files with 39 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
server/routes/detectors.js
View File

@@ -378,7 +378,7 @@ async function handleDetection(req, res) {
// Emit real-time update via Socket.IO with movement analysis (from original)
// Skip real-time updates for debug detections (drone_type 0)
if (!isDebugDetection) {
req.io.emit('drone_detection', {
const detectionPayload = {
id: detection.id,
device_id: detection.device_id,
drone_id: detection.drone_id,
@@ -397,7 +397,17 @@ async function handleDetection(req, res) {
geo_lat: device.geo_lat,
geo_lon: device.geo_lon
}
});
};
// 🔒 SECURITY: Emit only to the tenant's room to prevent cross-tenant data leakage
if (device.tenant_id) {
req.io.to(`tenant_${device.tenant_id}`).emit('drone_detection', detectionPayload);
console.log(`🔒 Detection emitted to tenant room: tenant_${device.tenant_id}`);
} else {
// Fallback for devices without tenant_id (legacy support)
console.warn(`⚠️ Device ${device.id} has no tenant_id - using global broadcast (security risk)`);
req.io.emit('drone_detection', detectionPayload);
}
// Process alerts asynchronously (from original)
alertService.processAlert(detection, req.io).catch(error => {