ClassroomCopilot/app
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

security: pass TLSYNC_SECRET token in sync WebSocket URI

Browse Source 
Reads VITE_TLSYNC_SECRET from env and appends ?token=... to the
/connect/:roomId WebSocket URI so tlsync server can authenticate connections.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
kcar 2026-05-21 17:09:39 +00:00
parent 06f761e750
commit d3c2a9bdff
1 changed files with 8 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
src/services/tldraw/syncService.ts
View File

@ -66,14 +66,17 @@ export function createSyncConnectionOptions(options: SyncConnectionOptions) {
} }
}; };
logger.info('sync-service', '🔄 Creating sync connection', { logger.info('sync-service', '🔄 Creating sync connection', {
userId, userId,
displayName, displayName,
roomId: effectiveRoomId roomId: effectiveRoomId
}); });
const token = import.meta.env.VITE_TLSYNC_SECRET ?? ''
const tokenParam = token ? `?token=${encodeURIComponent(token)}` : ''
return { return {
uri: `${baseUrl}/connect/${effectiveRoomId}`, uri: `${baseUrl}/connect/${effectiveRoomId}${tokenParam}`,
assets: multiplayerAssets, assets: multiplayerAssets,
roomId: effectiveRoomId roomId: effectiveRoomId
}; };
@ -114,4 +117,3 @@ export function generateSharedRoomId(path: string): string {
const sanitizedPath = path.replace(/[^a-zA-Z0-9]/g, '-'); const sanitizedPath = path.replace(/[^a-zA-Z0-9]/g, '-');
return `shared-${sanitizedPath}`; return `shared-${sanitizedPath}`;
} }