fix: Presence handler reduce authorization validations (#1278)

lib/realtime_web/channels/realtime_channel.ex

@@ -103,6 +103,12 @@ defmodule RealtimeWeb.RealtimeChannel do
 
       {:ok, state, assign(socket, assigns)}
     else
+      {:error, :unauthorized, msg} ->
+        Logging.log_error_message(:error, "Unauthorized", msg)
+
+      {:error, :expired_token, msg} ->
+        Logging.log_error_message(:error, "InvalidJWTToken", msg)
+
       {:error, [message: "Invalid token", claim: claim, claim_val: value]} ->
         msg = "Invalid value for JWT claim #{inspect(claim)} with value #{inspect(value)}"
         Logging.log_error_message(:error, "InvalidJWTToken", msg)
@@ -177,9 +183,6 @@ defmodule RealtimeWeb.RealtimeChannel do
           "Unable to set policies for connection"
         )
 
-      {:error, :unauthorized, msg} ->
-        Logging.log_error_message(:error, "Unauthorized", msg)
-
       {:error, error} ->
         Logging.log_error_message(:error, "UnknownErrorOnChannel", error)
     end
@@ -404,7 +407,7 @@ defmodule RealtimeWeb.RealtimeChannel do
       {:error, :unauthorized, msg} ->
         shutdown_response(socket, msg)
 
-      {:error, {:error, :expired_token, msg}} ->
+      {:error, :expired_token, msg} ->
         shutdown_response(socket, msg)
 
       {:error, error} ->
@@ -569,7 +572,8 @@ defmodule RealtimeWeb.RealtimeChannel do
 
       {:ok, claims, ref, access_token, socket}
     else
-      {:error, e} -> {:error, e}
+      {:error, error} -> {:error, error}
+      {:error, error, message} -> {:error, error, message}
       e -> {:error, e}
     end
   end

lib/realtime_web/channels/realtime_channel/presence_handler.ex

@@ -24,7 +24,7 @@ defmodule RealtimeWeb.RealtimeChannel.PresenceHandler do
         %{assigns: %{is_new_api: true, presence_key: _, tenant_topic: _}} = socket
       ) do
     socket = count(socket)
-    result = handle_presence_event(event, payload, socket)
+    {result, socket} = handle_presence_event(event, payload, socket)
 
     {:reply, result, socket}
   end
@@ -60,36 +60,37 @@ defmodule RealtimeWeb.RealtimeChannel.PresenceHandler do
     authorization_context = socket.assigns.authorization_context
     db_conn = socket.assigns.db_conn
 
-    {:ok, %{assigns: %{policies: policies}}} =
-      run_authorization_check(socket, db_conn, authorization_context)
+    {:ok, socket} = run_authorization_check(socket, db_conn, authorization_context)
+
+    %{assigns: %{policies: policies}} = socket
 
     cond do
       match?(%Policies{presence: %PresencePolicies{write: false}}, policies) ->
         Logger.info("Presence message ignored on #{tenant_topic}")
-        :ok
+        {:ok, socket}
 
       String.downcase(event) == "track" ->
         payload = Map.get(payload, "payload", %{})
 
         case Presence.track(self(), tenant_topic, presence_key, payload) do
           {:ok, _} ->
-            :ok
+            {:ok, socket}
 
           {:error, {:already_tracked, _, _, _}} ->
             case Presence.update(self(), tenant_topic, presence_key, payload) do
-              {:ok, _} -> :ok
-              {:error, _} -> :error
+              {:ok, _} -> {:ok, socket}
+              {:error, _} -> {:error, socket}
             end
 
           {:error, _} ->
-            :error
+            {:error, socket}
         end
 
       String.downcase(event) == "untrack" ->
-        Presence.untrack(self(), tenant_topic, presence_key)
+        {Presence.untrack(self(), tenant_topic, presence_key), socket}
 
       true ->
-        :error
+        {:error, socket}
     end
   end
 

mix.exs

@@ -4,7 +4,7 @@ defmodule Realtime.MixProject do
   def project do
     [
       app: :realtime,
-      version: "2.34.5",
+      version: "2.34.6",
       elixir: "~> 1.17.3",
       elixirc_paths: elixirc_paths(Mix.env()),
       start_permanent: Mix.env() == :prod,