Add optional user token to validate

2026-02-25 06:16:47 +00:00 · 2025-11-07 14:51:00 -08:00
parent 7e5b740514
commit 5734684a21
5 changed files with 52 additions and 34 deletions
--- a/olm/common.go
+++ b/olm/common.go
@@ -562,6 +562,7 @@ func FindAvailableUDPPort(minPort, maxPort uint16) (uint16, error) {
 func sendPing(olm *websocket.Client) error {
 	err := olm.SendMessage("olm/ping", map[string]interface{}{
 		"timestamp": time.Now().Unix(),
+		"userToken": olm.GetConfig().UserToken,
 	})
 	if err != nil {
 		logger.Error("Failed to send ping message: %v", err)
--- a/olm/olm.go
+++ b/olm/olm.go
@@ -21,9 +21,10 @@ import (

 type Config struct {
 	// Connection settings
-	Endpoint string
-	ID       string
-	Secret   string
+	Endpoint  string
+	ID        string
+	Secret    string
+	UserToken string

 	// Network settings
 	MTU           int
@@ -104,9 +105,10 @@ func Run(ctx context.Context, config Config) {
 	}()

 	var (
-		id       = config.ID
-		secret   = config.Secret
-		endpoint = config.Endpoint
+		id        = config.ID
+		secret    = config.Secret
+		endpoint  = config.Endpoint
+		userToken = config.UserToken
 	)

 	// Main event loop that handles connect, disconnect, and reconnect
@@ -129,12 +131,13 @@ func Run(ctx context.Context, config Config) {
 			id = req.ID
 			secret = req.Secret
 			endpoint = req.Endpoint
+			userToken := req.UserToken

 			// Start the tunnel process with the new credentials
 			if id != "" && secret != "" && endpoint != "" {
 				logger.Info("Starting tunnel with new credentials")
 				tunnelRunning = true
-				go TunnelProcess(ctx, config, id, secret, endpoint)
+				go TunnelProcess(ctx, config, id, secret, userToken, endpoint)
 			}

 		case <-apiServer.GetDisconnectChannel():
@@ -144,13 +147,14 @@ func Run(ctx context.Context, config Config) {
 			id = ""
 			secret = ""
 			endpoint = ""
+			userToken = ""

 		default:
 			// If we have credentials and no tunnel is running, start it
 			if id != "" && secret != "" && endpoint != "" && !tunnelRunning {
 				logger.Info("Starting tunnel process with initial credentials")
 				tunnelRunning = true
-				go TunnelProcess(ctx, config, id, secret, endpoint)
+				go TunnelProcess(ctx, config, id, secret, userToken, endpoint)
 			} else if id == "" || secret == "" || endpoint == "" {
 				// If we don't have credentials, check if API is enabled
 				if !config.EnableAPI {
@@ -181,7 +185,7 @@ shutdown:
 	logger.Info("Olm service shutting down")
 }

-func TunnelProcess(ctx context.Context, config Config, id string, secret string, endpoint string) {
+func TunnelProcess(ctx context.Context, config Config, id string, secret string, userToken string, endpoint string) {
 	// Create a cancellable context for this tunnel process
 	tunnelCtx, cancel := context.WithCancel(ctx)
 	tunnelCancel = cancel
@@ -200,10 +204,10 @@ func TunnelProcess(ctx context.Context, config Config, id string, secret string,

 	// Create a new olm client using the provided credentials
 	olm, err := websocket.NewClient(
-		"olm",
-		id,       // Use provided ID
-		secret,   // Use provided secret
-		endpoint, // Use provided endpoint
+		id,        // Use provided ID
+		secret,    // Use provided secret
+		userToken, // Use provided user token OPTIONAL
+		endpoint,  // Use provided endpoint
 		config.PingIntervalDuration,
 		config.PingTimeoutDuration,
 	)