admin/NewSmoop
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

checkpoint before audio stream fix

Browse Source
This commit is contained in:
tdv
2025-10-21 15:53:17 +03:00
parent f59883315d
commit 89c44d2979
3 changed files with 35 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
nginx/dev.conf
View File

@@ -144,9 +144,9 @@ server {
# MediaMTX HLS # MediaMTX HLS
location ^~ /hls/ { location ^~ /hls/ {
if ($ssl_client_verify != SUCCESS) { # if ($ssl_client_verify != SUCCESS) {
return 495; # return 495;
} # }
proxy_pass http://mediamtx:8888/; proxy_pass http://mediamtx:8888/;
} }

30
server/internal/handlers/mediamtx.go
View File

@@ -1,8 +1,10 @@
package handlers package handlers
import ( import (
"bytes"
"encoding/json" "encoding/json"
"fmt" "fmt"
"io"
"net/http" "net/http"
"net/url" "net/url"
"smoop-api/internal/config" "smoop-api/internal/config"
@@ -30,6 +32,10 @@ func NewMediaMTXHandler(db *gorm.DB, jwt *crypto.JWTManager, c config.MediaMTXCo
// POST /mediamtx/auth // POST /mediamtx/auth
func (h *MediaMTXHandler) Auth(c *gin.Context) { func (h *MediaMTXHandler) Auth(c *gin.Context) {
var req dto.MediaMTXAuthReq var req dto.MediaMTXAuthReq
body, _ := c.GetRawData()
c.Request.Body = io.NopCloser(bytes.NewReader(body))
c.Writer.WriteString(fmt.Sprintf("DEBUG BODY:\n%s\n", string(body)))
if err := c.ShouldBindJSON(&req); err != nil { if err := c.ShouldBindJSON(&req); err != nil {
c.JSON(http.StatusBadRequest, gin.H{"error": "bad auth body"}) c.JSON(http.StatusBadRequest, gin.H{"error": "bad auth body"})
return return
@@ -37,8 +43,13 @@ func (h *MediaMTXHandler) Auth(c *gin.Context) {
// token can come from Authorization: Bearer or from query (?token=) // token can come from Authorization: Bearer or from query (?token=)
tok := extractBearer(c.GetHeader("Authorization")) tok := extractBearer(c.GetHeader("Authorization"))
if tok == "" && req.Query != "" {
tok = tokenFromQuery(req.Query) // Parse "token=" from the raw query string
}
if tok == "" { if tok == "" {
tok = tokenFromQuery(req.Query) tok = strings.TrimSpace(req.Token)
} }
if tok == "" { if tok == "" {
c.JSON(http.StatusUnauthorized, gin.H{"error": "missing token"}) c.JSON(http.StatusUnauthorized, gin.H{"error": "missing token"})
@@ -89,7 +100,8 @@ func tokenFromQuery(raw string) string {
if raw == "" { if raw == "" {
return "" return ""
} }
q, _ := url.ParseQuery(raw) s := strings.TrimPrefix(raw, "?")
q, _ := url.ParseQuery(s)
return q.Get("token") return q.Get("token")
} }
@@ -116,6 +128,9 @@ func (h *MediaMTXHandler) canRead(sub, path string) bool {
} }
func (h *MediaMTXHandler) canPublish(sub, path string) bool { func (h *MediaMTXHandler) canPublish(sub, path string) bool {
// For devices you may use sub=0 or map to a device row; here: allow admins only // For devices you may use sub=0 or map to a device row; here: allow admins only
if sub == "0" {
return true
}
var u models.User var u models.User
if err := h.db.Where("id = ?", sub).First(&u).Error; err == nil && u.Role == models.RoleAdmin { if err := h.db.Where("id = ?", sub).First(&u).Error; err == nil && u.Role == models.RoleAdmin {
return true return true
@@ -314,3 +329,14 @@ func (h *MediaMTXHandler) KickWebRTCSessionsByPath(path string) error {
} }
return nil return nil
} }
func BodyLogger() gin.HandlerFunc {
return func(c *gin.Context) {
if c.Request.Method == "POST" && strings.Contains(c.Request.URL.Path, "/mediamtx/auth") {
body, _ := c.GetRawData()
fmt.Fprintf(gin.DefaultWriter, "[MTX-AUTH] %s\n", string(body))
c.Request.Body = io.NopCloser(bytes.NewBuffer(body))
}
c.Next()
}
}

5
server/internal/router/router.go
View File

@@ -15,7 +15,10 @@ import (
) )
func Build(db *gorm.DB, minio *minio.Client, cfg *config.Config) *gin.Engine { func Build(db *gorm.DB, minio *minio.Client, cfg *config.Config) *gin.Engine {
r := gin.Default() // r := gin.Default()
r := gin.New()
r.Use(handlers.BodyLogger(), gin.Logger(), gin.Recovery())
jwtMgr := crypto.NewJWT(cfg.JWTSecret) jwtMgr := crypto.NewJWT(cfg.JWTSecret)