skylord123/node-red-contrib-matrix-chat
1
0
Fork 0
mirror of https://github.com/Skylar-Tech/node-red-contrib-matrix-chat.git synced 2026-05-23 07:33:37 -06:00
Code Issues Releases Wiki Activity

Compare commits

base: skylord123/node-red-contrib-matrix-chat:1d770e7d0b1119f7e6140740dd6cde537eb8078b
Branches Tags
skylord123/node-red-contrib-matrix-chat:master skylord123/node-red-contrib-matrix-chat:dev skylord123/node-red-contrib-matrix-chat:e2ee-wip skylord123/node-red-contrib-matrix-chat:upgrade skylord123/node-red-contrib-matrix-chat:new-nodes skylord123/node-red-contrib-matrix-chat:51-device_id-fix skylord123/node-red-contrib-matrix-chat:e2ee-key-sharing skylord123/node-red-contrib-matrix-chat:12-failed-logins-crash
skylord123/node-red-contrib-matrix-chat:v1.0.0-beta.1 skylord123/node-red-contrib-matrix-chat:v0.9.2 skylord123/node-red-contrib-matrix-chat:v0.9.1 skylord123/node-red-contrib-matrix-chat:v0.9.0 skylord123/node-red-contrib-matrix-chat:v0.8.0 skylord123/node-red-contrib-matrix-chat:0.7.1 skylord123/node-red-contrib-matrix-chat:0.7.0 skylord123/node-red-contrib-matrix-chat:0.6.1 skylord123/node-red-contrib-matrix-chat:0.5.8 skylord123/node-red-contrib-matrix-chat:0.4.6 skylord123/node-red-contrib-matrix-chat:0.4.1 skylord123/node-red-contrib-matrix-chat:0.4.0 skylord123/node-red-contrib-matrix-chat:0.3.0 skylord123/node-red-contrib-matrix-chat:0.2.7 skylord123/node-red-contrib-matrix-chat:0.2.6 skylord123/node-red-contrib-matrix-chat:0.2.4 skylord123/node-red-contrib-matrix-chat:0.2.1 skylord123/node-red-contrib-matrix-chat:0.2.0 skylord123/node-red-contrib-matrix-chat:0.1.8 skylord123/node-red-contrib-matrix-chat:0.1.7
..
compare: skylord123/node-red-contrib-matrix-chat:v1.0.0-beta.1
Branches Tags
skylord123/node-red-contrib-matrix-chat:dev skylord123/node-red-contrib-matrix-chat:master skylord123/node-red-contrib-matrix-chat:e2ee-wip skylord123/node-red-contrib-matrix-chat:upgrade skylord123/node-red-contrib-matrix-chat:new-nodes skylord123/node-red-contrib-matrix-chat:51-device_id-fix skylord123/node-red-contrib-matrix-chat:e2ee-key-sharing skylord123/node-red-contrib-matrix-chat:12-failed-logins-crash
skylord123/node-red-contrib-matrix-chat:v1.0.0-beta.1 skylord123/node-red-contrib-matrix-chat:v0.9.2 skylord123/node-red-contrib-matrix-chat:v0.9.1 skylord123/node-red-contrib-matrix-chat:v0.9.0 skylord123/node-red-contrib-matrix-chat:v0.8.0 skylord123/node-red-contrib-matrix-chat:0.7.1 skylord123/node-red-contrib-matrix-chat:0.7.0 skylord123/node-red-contrib-matrix-chat:0.6.1 skylord123/node-red-contrib-matrix-chat:0.5.8 skylord123/node-red-contrib-matrix-chat:0.4.6 skylord123/node-red-contrib-matrix-chat:0.4.1 skylord123/node-red-contrib-matrix-chat:0.4.0 skylord123/node-red-contrib-matrix-chat:0.3.0 skylord123/node-red-contrib-matrix-chat:0.2.7 skylord123/node-red-contrib-matrix-chat:0.2.6 skylord123/node-red-contrib-matrix-chat:0.2.4 skylord123/node-red-contrib-matrix-chat:0.2.1 skylord123/node-red-contrib-matrix-chat:0.2.0 skylord123/node-red-contrib-matrix-chat:0.1.8 skylord123/node-red-contrib-matrix-chat:0.1.7

34 Commits
1d770e7d0b .. v1.0.0-beta.1

Author SHA1 Message Date
skylord123 72cc9cfb3b Fix repository URL casing so npm provenance validates 2026-05-22 16:39:30 -06:00
skylord123 b8652a3a9a Merge remote-tracking branch 'origin/master' into dev 2026-05-22 16:35:18 -06:00
skylord123 0362fe81e8 Merge pull request #143 from Skylar-Tech/add-publish-workflow 
Add npm publish workflow
 2026-05-22 16:34:57 -06:00
skylord123 9ccbe4526f Add GitHub Actions workflow to publish to npm on release 2026-05-22 16:32:09 -06:00
skylord123 0c48db92a0 Publish the released commit so pre-releases can be cut from any branch 2026-05-22 16:31:15 -06:00
skylord123 3f69614ed0 Publish pre-release versions under their own npm dist-tag 2026-05-22 16:24:46 -06:00
skylord123 e3a23df6d6 Switch publish workflow to npm Trusted Publishing (OIDC) 2026-05-22 16:10:08 -06:00
skylord123 3e34dc5961 Add GitHub Actions workflow to publish to npm on release 2026-05-22 16:04:03 -06:00
skylord123 7af8891d5b Update E2EE notes: two ways to verify devices, recommend saving the recovery key 2026-05-22 15:56:12 -06:00
skylord123 939fe42b40 Set version to 1.0.0 2026-05-22 15:44:01 -06:00
skylord123 67920840e1 Add session manager and verification list to the server config editor 
Adds two interactive admin tools to the matrix-server-config node so
device verification and session management can be done from the editor
without building a flow. Both open as modal dialogs and are backed by
new flows.write-protected admin endpoints.

Pending verifications
- New "Pending verification requests" button opens a modal listing
  incoming and in-progress verification requests, refreshed every 5
  seconds.
- Each entry shows the type (device or room), who it is from, a live
  age, and a live expiry countdown; the list is capped at the newest 20
  with a hidden-count note.
- Clicking an entry drives the SAS flow (accept, start, show emoji,
  confirm/cancel) within the modal.
- New /matrix-chat/verification endpoint with list, advance, confirm,
  mismatch, and cancel actions.
- trackVerificationRequest now records a seen-at timestamp and keeps
  finished requests for two minutes so their outcome can still be
  reported to the editor.

Sessions
- New "Manage sessions" button opens a modal listing the account's
  sessions, modelled on Element's session manager: the current session
  with a verified / not-verified status box, then other sessions, each
  with a green or red shield, last activity, and IP address.
- Clicking a session shows its details (session ID, last activity, IP),
  a Rename action, and a password-confirmed Remove. Unverified sessions
  offer a Verify action that hands off into the verification modal.
- New /matrix-chat/sessions endpoint with list, rename, remove, and
  verify actions.
 2026-05-22 15:29:43 -06:00
skylord123 ebcb1eab81 Upgrade to matrix-js-sdk 41.5.0; add device verification 
Upgrades matrix-js-sdk from 34.13.0 to 41.5.0. This crosses the v37
removal of the legacy libolm crypto stack, so E2EE is migrated to the
Rust crypto implementation. Also adds device verification, cross-signing
setup, and authenticated media support.

Dependencies
- Bump matrix-js-sdk ^34.13.0 -> ^41.5.0; require Node.js >= 22.
- Drop the `olm` dependency (legacy crypto only); add `fake-indexeddb`.

Rust crypto
- Replace initCrypto() with initRustCrypto(); the legacy crypto stack
  was removed upstream in v37.
- Add src/matrix-crypto-store.js: the Rust crypto store requires
  IndexedDB, absent in Node.js, so it is backed by fake-indexeddb and
  snapshotted to disk (rust-crypto-store.v8) to survive restarts.
- Migrate existing libolm crypto state into the Rust store on first run,
  and discard the stored crypto state when the device ID changes.

Homeserver discovery
- Resolve the homeserver via .well-known, so a delegating domain
  (e.g. example.org) works as the configured server URL.

Cross-signing & secure backup
- Add a secured /matrix-chat/secure-backup admin endpoint and a modal
  dialog on the server config node: check status, unlock an existing
  secure backup with its recovery key, or reset and create a new one.

Device verification (new nodes)
- matrix-verification: event source emitting verification requests and
  phase changes, with on-node filters (phase, initiated by, type,
  self-verification, user allowlist, room).
- matrix-verification-action: request, accept, start SAS, confirm,
  mismatch, or cancel an in-flight verification.

Authenticated media
- matrix-receive and matrix-crypt-file use the authenticated media
  endpoints, send a bearer token via msg.headers, and fall back between
  the v3 and v1 media endpoints on a 404.

Fixes
- Surface connection/auth errors in the log; node.error() calls were
  passed an empty msg object, which routed the error and suppressed
  console logging.
- matrix-get-user: await getProfileInfo()/getPresence().
- matrix-invite-room: pass the reason as the third invite() argument
  (the removed callback parameter was shifting it out).
- Guard the verification handlers so a throwing SDK getter cannot crash
  Node-RED.

Docs
- Add the device-verification example flow; update the READMEs and node
  help, correcting stale claims that device verification, secure backup,
  and encrypted file uploads were unsupported.
 2026-05-22 14:40:00 -06:00
skylord123 68e63e5def Upgrade from matrix-js-sdk v34 to v34.13.0 2026-02-19 22:45:31 -07:00
skylord123 99909a77c3 Merge remote-tracking branch 'origin/master' into dev 2026-02-19 22:07:10 -07:00
skylord123 aadd82d820 Set version to 0.9.2 2026-01-17 15:00:35 -07:00
skylord123 4e6fa50a67 Merge pull request #138 from Skylar-Tech/dev 
Release v0.9.2
 2026-01-17 14:57:45 -07:00
skylord123 58bf2dcb54 Set version to 0.9.2 2026-01-17 14:56:05 -07:00
skylord123 c15893bab5 Merge pull request #135 from fprotopapa/master 
Remove unused TimelineWindow in server-config. Closes #134
 2026-01-17 14:54:45 -07:00
Fabbio Protopapa f0af0e92fe Remove unused TimelineWindow in server-config 2025-12-23 09:45:57 +01:00
skylord123 04de0b4eb3 Merge pull request #132 from Skylar-Tech/dev 
Release v0.9.1
 2025-02-09 22:41:41 -07:00
skylord123 8cb52112c1 Fix module compatibility with Node.js < 22 2025-02-09 22:36:52 -07:00
skylord123 54a9972bbc Merge pull request #121 from Skylar-Tech/dev 
Release v0.9.0
 2025-02-07 20:56:40 -07:00
skylord123 ad34f018ab Merge pull request #127 from koosc/allow-unknown 
Add option for allowing unknown devices in rooms
 2025-02-07 20:52:10 -07:00
skylord123 20345787d2 README.md change 2025-02-07 20:50:25 -07:00
skylord123 99c19923c6 Release v0.9.0 2025-02-07 20:27:36 -07:00
skylord123 093d59893e Fix roomId and eventId inputs not saving field type correctly for get-event node 2025-02-07 20:27:19 -07:00
skylord123 913f5dfcb9 - Upgrade to matrix-js-sdk 34.11.1 to fix CVE-2024-50336 
- Remove request package (no longer needed)
 2025-02-05 11:59:39 -07:00
skylord123 e0947dd3bc Merge pull request #128 from wuast94/master 
Add m.notice to the receive node
 2025-02-03 20:54:40 -07:00
skylord123 8287f3c08a Merge pull request #130 from LokiMidgard/patch-1 
Support default plaintext in msg.format
 2025-02-03 20:51:43 -07:00
Patrick Kranz 2a78524a90 use hasOwn instead of keys 2025-01-09 15:28:28 +01:00
Patrick Kranz d01838ac84 Fix error 2025-01-09 15:14:50 +01:00
Patrick Kranz 2059f8455d Update matrix-send-message.js 2025-01-09 15:12:09 +01:00
skylord123 0cb8ecf8aa Updated README with a link to a guide that explains how to register users via web browser 2025-01-04 12:58:08 -07:00
Marc 77f2c4be46 Add m.notice to the receive node 2025-01-01 05:17:12 +00:00
25 changed files with 3623 additions and 1333 deletions
Expand all files Collapse all files
.github/workflows/publish.yml
+81
View File
@@ -0,0 +1,81 @@
name: Publish to npm
# Publishes the package to npm whenever a GitHub Release is published.
# It publishes the exact commit the release tag points to, so a pre-release
# can be cut from any branch (e.g. a beta off `dev`) without that branch
# having to be merged into master first.
#
# The release tag is the source of truth for the version:
# - Stable tag (e.g. v1.2.3) -> published to the "latest"
# dist-tag; the version bump is
# committed back to master.
# - Pre-release tag (e.g. v1.2.3-beta.1) -> published to a matching dist-tag
# ("beta", "rc", ...); does NOT
# become "latest" and is NOT
# committed back to master.
#
# Authentication uses npm Trusted Publishing (OIDC) - no token or secret is
# needed. Configure a trusted publisher for this package on npmjs.com:
# Repository: Skylar-Tech/node-red-contrib-matrix-chat
# Workflow: publish.yml
on:
release:
types: [published]
jobs:
publish:
runs-on: ubuntu-latest
permissions:
contents: write # commit the version bump back to master
id-token: write # npm Trusted Publishing (OIDC) + provenance
steps:
- name: Check out the released commit
uses: actions/checkout@v4
- name: Set up Node.js
uses: actions/setup-node@v4
with:
node-version: 22
registry-url: https://registry.npmjs.org
- name: Update npm
# Trusted Publishing requires npm 11.5.1 or newer; Node 22 ships npm 10.
run: npm install -g npm@latest
- name: Determine version and dist-tag
id: ver
run: |
VERSION="${GITHUB_REF_NAME#v}"
if [[ "$VERSION" == *-* ]]; then
# pre-release, e.g. 1.0.0-beta.1 -> dist-tag "beta"
DIST_TAG="${VERSION#*-}"
DIST_TAG="${DIST_TAG%%.*}"
PRERELEASE=true
else
DIST_TAG=latest
PRERELEASE=false
fi
echo "version=$VERSION" >> "$GITHUB_OUTPUT"
echo "dist_tag=$DIST_TAG" >> "$GITHUB_OUTPUT"
echo "prerelease=$PRERELEASE" >> "$GITHUB_OUTPUT"
echo "Publishing $VERSION to npm dist-tag '$DIST_TAG' (prerelease=$PRERELEASE)"
- name: Set version
run: npm version "${{ steps.ver.outputs.version }}" --no-git-tag-version --allow-same-version
- name: Publish to npm
run: npm publish --provenance --access public --tag "${{ steps.ver.outputs.dist_tag }}"
- name: Commit version bump back to master
if: steps.ver.outputs.prerelease == 'false'
run: |
if git diff --quiet; then
echo "package.json already at ${{ steps.ver.outputs.version }}; nothing to commit."
exit 0
fi
git config user.name "github-actions[bot]"
git config user.email "41898282+github-actions[bot]@users.noreply.github.com"
git commit -am "Set version to ${{ steps.ver.outputs.version }}"
git push origin HEAD:master \
|| echo "::warning::Could not push the version bump to master (branch protection?). The package was still published."
README.md
+17 -10
View File
@@ -5,17 +5,19 @@
Join our public Matrix room for help: [#node-red-contrib-matrix-chat:skylar.tech](https://app.element.io/#/room/#node-red-contrib-matrix-chat:skylar.tech)
[![ko-fi](https://ko-fi.com/img/githubbutton_sm.svg)](https://ko-fi.com/B0B51BM7C)
### Features
Supported functionality in this package includes:
- **End-to-end encryption (E2EE)**
- [Work in progress](#end-to-end-encryption-notes)
- Alternative: Use [Pantalaimon](https://github.com/matrix-org/pantalaimon) for E2EE key synchronization across sessions
- **End-to-end encryption (E2EE)** — send and receive encrypted messages (see the [encryption notes](#end-to-end-encryption-notes))
- **Cross-signing & secure backup** — interactive setup from the server config node so the bot's own device shows as verified
- **Device verification** — interactive SAS (emoji) verification, either from the server config node or with the `matrix-verification` flow nodes
- **Receive events** from rooms: Messages, reactions, images, audio, locations, files, encrypted or unencrypted
- **Fetch/modify room state**: Update room settings
- **Paginate room history**
- **Send files** (encryption support for files coming soon)
- **Send files** to rooms, encrypted or unencrypted
- **Send/edit messages** (supports plain text and HTML formats)
- **Send typing notifications**
- **Delete events** (messages, reactions, etc.)
@@ -31,6 +33,8 @@ These features allow you to easily build bots, set up chat relays, or even admin
### Installing
**Requires Node.js 22 or newer** (this is a requirement of the bundled `matrix-js-sdk`).
Install through Node-RED's UI by searching for `node-red-contrib-matrix-chat`, or use the following command inside your Node-RED directory:
```bash
@@ -49,17 +53,20 @@ You're not limited to just the nodes we've created. Enable global access in your
### End-to-End Encryption Notes
- This module doesn't handle encryption key synchronization between devices. Its recommended to use the bot exclusively in Node-RED to prevent issues with E2EE messages.
- **Storage:** Keys for E2EE are saved in a folder called `matrix-client-storage` within your Node-RED directory. Back up this folder regularly! If lost, you wont be able to decrypt messages from E2EE rooms.
- To move your bot to a different installation, migrate this folder and ensure the old and new clients don't run simultaneously.
Interested in helping? Contributions to finalize E2EE support are welcome!
- E2EE uses the Rust crypto stack from `matrix-js-sdk`. The first time a bot starts after upgrading from an older version, any existing (legacy libolm) crypto state is migrated automatically.
- **Storage:** E2EE state is saved in a folder called `matrix-client-storage` within your Node-RED directory — each account's Rust crypto store is persisted there as `rust-crypto-store.v8` (snapshotted on shutdown and every 5 minutes). Setting up secure backup (below) lets you recover the account's keys even if this folder is lost.
- **Cross-signing & secure backup — strongly recommended:** open the server config node and use the **Set up secure backup & cross-signing** button. It lets you unlock an existing secure backup with its recovery key, or create a fresh one; once done, the bot's own device is cross-signed and shows as verified to others. **Save the recovery key somewhere safe** — it is shown only once, and is the only way to restore the account's encryption keys if the crypto store is ever lost.
- **Device verification:** there are two ways to verify devices —
- From the server config node, the **Pending verification requests** button opens a list of incoming requests and lets you complete the SAS (emoji) check interactively, no flow required.
- Or build your own flow: the `matrix-verification` node emits verification requests and phase changes, and `matrix-verification-action` accepts, starts, confirms, or cancels them (e.g. emailing the SAS emoji for a human to confirm). See the [device verification example](https://github.com/Skylar-Tech/node-red-contrib-matrix-chat/tree/master/examples#device-verification).
### Registering a User
This module includes a node to register users using the Synapse secret registration endpoint. It returns both an `access_token` and a `device_id`, perfect for setting up the bot.
[See how to register a user here](https://github.com/Skylar-Tech/node-red-contrib-matrix-chat/tree/master/examples#readme).
[Guide on registering a user via the web browser](https://skylar.tech/matrix-chat-bot-module-for-node-red/)
[Guide on registering using shared secret registration](https://github.com/Skylar-Tech/node-red-contrib-matrix-chat/tree/master/examples#readme) (for server owners)
### Other Packages
examples/README.md
+21
View File
@@ -431,6 +431,27 @@ Downloads received files/images. If the file is encrypted, it will decrypt it fo
</details>
### Device Verification
<details>
<summary>Handle device verification (SAS / emoji)</summary>
[View JSON](device-verification-flow.json)
An end-to-end example of interactive device verification. The `matrix-verification` node emits every verification request and phase change; the flow routes by phase, automatically **accepts** incoming requests and **starts SAS**, then surfaces the SAS emoji so a human can compare it. Inject nodes let you **confirm** or **reject** the match, and there are paths to have the bot **request** verification of a specific user's device, or a user in a room.
Requires end-to-end encryption to be enabled on the server config node. For the bot's own device to be trusted by others, also set up cross-signing via the **Set up secure backup & cross-signing** button on the server config node.
**Instructions:**
1. Import the flow and set the Matrix server config on each matrix node.
2. Replace the `@CHANGE_ME:example.org` / `CHANGE_ME` placeholders in the "Verify a user" inject nodes if you want to use the bot-initiated paths.
3. To verify the bot from another client, start a verification with it, watch the debug sidebar for the `sas` event, compare the emoji, then click the **Confirm SAS match** inject.
![device-verification-flow.png](device-verification-flow.png)
</details>
### Deprecated
<details>
examples/device-verification-flow.json
+548
View File
@@ -0,0 +1,548 @@
[
{
"id": "7158964bd67edc52",
"type": "group",
"z": "vtest",
"name": "Example verification flow",
"style": {
"label": true
},
"nodes": [
"40c105c38054d6db",
"83f785d52a61009a",
"d51bab8cbf5f247c",
"2e543533d49b467c"
],
"x": 88,
"y": 73,
"w": 1044,
"h": 754
},
{
"id": "40c105c38054d6db",
"type": "group",
"z": "vtest",
"g": "7158964bd67edc52",
"name": "Verification request handling",
"style": {
"label": true
},
"nodes": [
"mv_all",
"dbg_events",
"sw_phase",
"act_accept",
"act_start",
"chg_savevid",
"dbg_sas",
"dbg_done",
"dbg_cancelled",
"dbg_err"
],
"x": 114,
"y": 99,
"w": 992,
"h": 342
},
{
"id": "mv_all",
"type": "matrix-verification",
"z": "vtest",
"g": "40c105c38054d6db",
"name": "All verifications",
"server": null,
"phaseRequested": true,
"phaseReady": true,
"phaseStarted": true,
"phaseSas": true,
"phaseDone": true,
"phaseCancelled": true,
"initiatedBy": "any",
"verificationType": "any",
"selfVerification": "any",
"userFilter": "",
"roomFilter": "",
"x": 220,
"y": 180,
"wires": [
[
"dbg_events",
"sw_phase"
]
]
},
{
"id": "dbg_events",
"type": "debug",
"z": "vtest",
"g": "40c105c38054d6db",
"name": "all verification events",
"active": true,
"tosidebar": true,
"complete": "true",
"x": 500,
"y": 140,
"wires": []
},
{
"id": "sw_phase",
"type": "switch",
"z": "vtest",
"g": "40c105c38054d6db",
"name": "route by phase",
"property": "phase",
"propertyType": "msg",
"rules": [
{
"t": "eq",
"v": "requested",
"vt": "str"
},
{
"t": "eq",
"v": "ready",
"vt": "str"
},
{
"t": "eq",
"v": "sas",
"vt": "str"
},
{
"t": "eq",
"v": "done",
"vt": "str"
},
{
"t": "eq",
"v": "cancelled",
"vt": "str"
}
],
"checkall": "true",
"outputs": 5,
"x": 460,
"y": 220,
"wires": [
[
"act_accept"
],
[
"act_start"
],
[
"chg_savevid"
],
[
"dbg_done"
],
[
"dbg_cancelled"
]
]
},
{
"id": "act_accept",
"type": "matrix-verification-action",
"z": "vtest",
"g": "40c105c38054d6db",
"name": "Accept",
"server": null,
"mode": "accept",
"x": 700,
"y": 180,
"wires": [
[],
[
"dbg_err"
]
]
},
{
"id": "act_start",
"type": "matrix-verification-action",
"z": "vtest",
"g": "40c105c38054d6db",
"name": "Start SAS",
"server": null,
"mode": "start",
"x": 700,
"y": 230,
"wires": [
[],
[
"dbg_err"
]
]
},
{
"id": "chg_savevid",
"type": "change",
"z": "vtest",
"g": "40c105c38054d6db",
"name": "save verificationId",
"rules": [
{
"t": "set",
"p": "verificationId",
"pt": "flow",
"to": "verificationId",
"tot": "msg"
}
],
"x": 710,
"y": 290,
"wires": [
[
"dbg_sas"
]
]
},
{
"id": "dbg_sas",
"type": "debug",
"z": "vtest",
"g": "40c105c38054d6db",
"name": "SAS emoji (msg.sas)",
"active": true,
"tosidebar": true,
"complete": "true",
"x": 960,
"y": 290,
"wires": []
},
{
"id": "dbg_done",
"type": "debug",
"z": "vtest",
"g": "40c105c38054d6db",
"name": "verification done",
"active": true,
"tosidebar": true,
"complete": "true",
"x": 710,
"y": 350,
"wires": []
},
{
"id": "dbg_cancelled",
"type": "debug",
"z": "vtest",
"g": "40c105c38054d6db",
"name": "verification cancelled",
"active": true,
"tosidebar": true,
"complete": "true",
"x": 730,
"y": 400,
"wires": []
},
{
"id": "dbg_err",
"type": "debug",
"z": "vtest",
"g": "40c105c38054d6db",
"name": "action errors",
"active": true,
"tosidebar": true,
"complete": "true",
"x": 940,
"y": 200,
"wires": []
},
{
"id": "83f785d52a61009a",
"type": "group",
"z": "vtest",
"g": "7158964bd67edc52",
"name": "Confirm or reject last verification request",
"style": {
"label": true
},
"nodes": [
"inj_confirm",
"chg_vid_c",
"act_confirm",
"inj_reject",
"chg_vid_r",
"act_mismatch",
"dbg_result"
],
"x": 114,
"y": 459,
"w": 982,
"h": 142
},
{
"id": "inj_confirm",
"type": "inject",
"z": "vtest",
"g": "83f785d52a61009a",
"name": "Confirm SAS match",
"props": [],
"repeat": "",
"crontab": "",
"once": false,
"onceDelay": 0.1,
"topic": "",
"x": 250,
"y": 500,
"wires": [
[
"chg_vid_c"
]
]
},
{
"id": "chg_vid_c",
"type": "change",
"z": "vtest",
"g": "83f785d52a61009a",
"name": "verificationId from flow",
"rules": [
{
"t": "set",
"p": "verificationId",
"pt": "msg",
"to": "verificationId",
"tot": "flow"
}
],
"x": 500,
"y": 500,
"wires": [
[
"act_confirm"
]
]
},
{
"id": "act_confirm",
"type": "matrix-verification-action",
"z": "vtest",
"g": "83f785d52a61009a",
"name": "Confirm SAS",
"server": null,
"mode": "confirm",
"x": 750,
"y": 500,
"wires": [
[
"dbg_result"
],
[
"dbg_err"
]
]
},
{
"id": "inj_reject",
"type": "inject",
"z": "vtest",
"g": "83f785d52a61009a",
"name": "Reject SAS (mismatch)",
"props": [],
"repeat": "",
"crontab": "",
"once": false,
"onceDelay": 0.1,
"topic": "",
"x": 260,
"y": 560,
"wires": [
[
"chg_vid_r"
]
]
},
{
"id": "chg_vid_r",
"type": "change",
"z": "vtest",
"g": "83f785d52a61009a",
"name": "verificationId from flow",
"rules": [
{
"t": "set",
"p": "verificationId",
"pt": "msg",
"to": "verificationId",
"tot": "flow"
}
],
"x": 500,
"y": 560,
"wires": [
[
"act_mismatch"
]
]
},
{
"id": "act_mismatch",
"type": "matrix-verification-action",
"z": "vtest",
"g": "83f785d52a61009a",
"name": "Reject (mismatch)",
"server": null,
"mode": "mismatch",
"x": 760,
"y": 560,
"wires": [
[
"dbg_result"
],
[
"dbg_err"
]
]
},
{
"id": "dbg_result",
"type": "debug",
"z": "vtest",
"g": "83f785d52a61009a",
"name": "action result",
"active": true,
"tosidebar": true,
"complete": "true",
"x": 980,
"y": 530,
"wires": []
},
{
"id": "d51bab8cbf5f247c",
"type": "group",
"z": "vtest",
"g": "7158964bd67edc52",
"name": "Request verification with specific user & device",
"style": {
"label": true
},
"nodes": [
"inj_request",
"act_request"
],
"x": 114,
"y": 619,
"w": 512,
"h": 82
},
{
"id": "inj_request",
"type": "inject",
"z": "vtest",
"g": "d51bab8cbf5f247c",
"name": "Verify a user & device",
"props": [
{
"p": "userId",
"v": "@CHANGE_ME:example.org",
"vt": "str"
},
{
"p": "deviceId",
"v": "CHANGE_ME",
"vt": "str"
}
],
"repeat": "",
"crontab": "",
"once": false,
"onceDelay": 0.1,
"topic": "",
"x": 260,
"y": 660,
"wires": [
[
"act_request"
]
]
},
{
"id": "act_request",
"type": "matrix-verification-action",
"z": "vtest",
"g": "d51bab8cbf5f247c",
"name": "Request verification",
"server": null,
"mode": "request",
"x": 510,
"y": 660,
"wires": [
[
"dbg_result"
],
[
"dbg_err"
]
]
},
{
"id": "2e543533d49b467c",
"type": "group",
"z": "vtest",
"g": "7158964bd67edc52",
"name": "Request verification with specific user & room",
"style": {
"label": true
},
"nodes": [
"f7c043d39780b9a4",
"b2807fd5125b56b4"
],
"x": 114,
"y": 719,
"w": 512,
"h": 82
},
{
"id": "f7c043d39780b9a4",
"type": "inject",
"z": "vtest",
"g": "2e543533d49b467c",
"name": "Verify a user & room",
"props": [
{
"p": "userId",
"v": "@CHANGE_ME:example.org",
"vt": "str"
},
{
"p": "topic",
"vt": "str"
}
],
"repeat": "",
"crontab": "",
"once": false,
"onceDelay": 0.1,
"topic": "CHANGE_ME",
"x": 250,
"y": 760,
"wires": [
[
"b2807fd5125b56b4"
]
]
},
{
"id": "b2807fd5125b56b4",
"type": "matrix-verification-action",
"z": "vtest",
"g": "2e543533d49b467c",
"name": "Request verification",
"server": null,
"mode": "request",
"x": 510,
"y": 760,
"wires": [
[
"dbg_result"
],
[
"dbg_err"
]
]
}
]
examples/device-verification-flow.png
BIN
View File
Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 139 KiB

package-lock.json
Generated
+181 -812
View File
File diff suppressed because it is too large Load Diff
package.json
+8 -7
View File
@@ -1,20 +1,19 @@
{
"name": "node-red-contrib-matrix-chat",
"version": "0.8.0",
"version": "1.0.0",
"description": "Matrix chat server client for Node-RED",
"dependencies": {
"abort-controller": "^3.0.0",
"fake-indexeddb": "^6.2.5",
"fluent-ffmpeg": "^2.1.2",
"fs-extra": "^11.1.0",
"got": "^12.0.2",
"image-size": "^1.0.2",
"isomorphic-webcrypto": "^2.3.8",
"matrix-js-sdk": "^28.0.0",
"matrix-js-sdk": "^41.5.0",
"mime": "^3.0.0",
"node-fetch": "^3.3.0",
"node-localstorage": "^2.2.1",
"olm": "https://gitlab.matrix.org/matrix-org/olm/-/package_files/2572/download",
"request": "^2.88.2",
"sharp": "^0.33.4",
"tmp": "^0.2.1",
"utf8": "^3.0.0"
@@ -52,11 +51,13 @@
"matrix-whois-user": "src/matrix-whois-user.js",
"matrix-paginate-room": "src/matrix-paginate-room.js",
"matrix-get-event": "src/matrix-get-event.js",
"matrix-event-relations": "src/matrix-event-relations.js"
"matrix-event-relations": "src/matrix-event-relations.js",
"matrix-verification": "src/matrix-verification.js",
"matrix-verification-action": "src/matrix-verification-action.js"
}
},
"engines": {
"node": ">=14.0.0"
"node": ">=22.0.0"
},
"keywords": [
"node-red",
@@ -67,7 +68,7 @@
],
"repository": {
"type": "git",
"url": "https://github.com/skylar-tech/node-red-contrib-matrix-chat"
"url": "git+https://github.com/Skylar-Tech/node-red-contrib-matrix-chat.git"
},
"author": {
"name": "Skylar Sadlier",
src/matrix-crypt-file.html
+10
View File
@@ -43,6 +43,16 @@
<span class="property-type">string | null</span>
</dt>
<dd> the decoded mxc url.</dd>
<dt class="optional">msg.headers
<span class="property-type">object</span>
</dt>
<dd>optional HTTP headers. If provided, they are used when downloading media (for example authenticated media bearer tokens).</dd>
<dt class="optional">msg.access_token
<span class="property-type">string</span>
</dt>
<dd>optional Matrix access token. Used as a bearer token if <code>msg.headers.Authorization</code> is not present.</dd>
</dl>
<h3>Outputs</h3>
src/matrix-crypt-file.js
+53 -4
View File
@@ -32,7 +32,9 @@ module.exports = function(RED) {
}
try{
let buffer = await got(msg.url).buffer();
const requestOptions = getRequestOptions(msg);
let buffer = await downloadBufferWithFallback(got, msg.url, requestOptions);
msg.payload = Buffer.from(await decryptAttachment(buffer, msg.content.file));
// handle thumbnail decryption if necessary
@@ -41,13 +43,14 @@ module.exports = function(RED) {
&& msg.thumbnail_url
&& msg.content.info.thumbnail_file
) {
let thumb_buffer = await got(msg.thumbnail_url).buffer();
let thumb_buffer = await downloadBufferWithFallback(got, msg.thumbnail_url, requestOptions);
msg.thumbnail_payload = Buffer.from(await decryptAttachment(thumb_buffer, msg.content.info.thumbnail_file));
}
} catch(error){
node.error(error);
msg.error = error;
node.send([null, msg]);
return;
}
msg.filename = msg.content.filename || msg.content.body;
@@ -57,12 +60,58 @@ module.exports = function(RED) {
}
RED.nodes.registerType("matrix-decrypt-file", MatrixDecryptFile);
function getRequestOptions(msg) {
const headers = { ...(msg.headers || {}) };
if (!headers.Authorization && msg.access_token) {
headers.Authorization = `Bearer ${msg.access_token}`;
}
return Object.keys(headers).length ? { headers } : {};
}
function getMediaEndpointFallbackUrl(url) {
if (typeof url !== "string") {
return null;
}
if (url.includes("/_matrix/media/v3/download/")) {
return url.replace("/_matrix/media/v3/download/", "/_matrix/client/v1/media/download/");
}
if (url.includes("/_matrix/client/v1/media/download/")) {
return url.replace("/_matrix/client/v1/media/download/", "/_matrix/media/v3/download/");
}
if (url.includes("/_matrix/media/v3/thumbnail/")) {
return url.replace("/_matrix/media/v3/thumbnail/", "/_matrix/client/v1/media/thumbnail/");
}
if (url.includes("/_matrix/client/v1/media/thumbnail/")) {
return url.replace("/_matrix/client/v1/media/thumbnail/", "/_matrix/media/v3/thumbnail/");
}
return null;
}
async function downloadBufferWithFallback(got, url, requestOptions) {
try {
return await got(url, requestOptions).buffer();
} catch (error) {
const fallbackUrl = getMediaEndpointFallbackUrl(url);
if (error?.response?.statusCode === 404 && fallbackUrl && fallbackUrl !== url) {
return await got(fallbackUrl, requestOptions).buffer();
}
throw error;
}
}
function atob(a) {
return new Buffer.from(a, 'base64').toString('binary');
return Buffer.from(a, 'base64').toString('binary');
}
function btoa(b) {
return new Buffer.from(b).toString('base64');
return Buffer.from(b).toString('base64');
}
// the following was taken & modified from https://github.com/matrix-org/browser-encrypt-attachment/blob/master/index.js
src/matrix-crypto-store.js
+175
View File
@@ -0,0 +1,175 @@
/**
* Persistence helpers for the matrix-js-sdk Rust crypto store in Node.js.
*
* matrix-js-sdk v37+ removed the legacy (libolm) crypto stack. The Rust crypto
* replacement persists its state (device identity, Olm/megolm sessions, etc.)
* to IndexedDB, which does not exist in Node.js. We provide an in-memory
* IndexedDB via `fake-indexeddb` and snapshot the databases to/from disk so the
* crypto state survives Node-RED restarts.
*
* The `indexeddbshim` package (which can persist to disk directly) is not used
* because it is incompatible with the Rust crypto store migrations
* (see matrix-org/matrix-sdk-crypto-wasm#195). `fake-indexeddb` is spec
* compliant, so snapshotting it through the public IndexedDB API is reliable.
*/
const fs = require('fs-extra');
const v8 = require('v8');
let shimInstalled = false;
/**
* Install the in-memory IndexedDB shim onto globalThis. Idempotent. Must be
* called before MatrixClient.initRustCrypto().
*/
function ensureIndexedDBShim() {
if (shimInstalled || globalThis.indexedDB) {
shimInstalled = true;
return;
}
// `fake-indexeddb/auto` assigns indexedDB / IDBKeyRange / etc. onto globalThis.
require('fake-indexeddb/auto');
shimInstalled = true;
}
function reqAsync(req) {
return new Promise((resolve, reject) => {
req.onsuccess = () => resolve(req.result);
req.onerror = () => reject(req.error);
});
}
function txDone(tx) {
return new Promise((resolve, reject) => {
tx.oncomplete = () => resolve();
tx.onerror = () => reject(tx.error);
tx.onabort = () => reject(tx.error || new Error('IndexedDB transaction aborted'));
});
}
/**
* Restore previously snapshotted IndexedDB databases from `filePath` into the
* in-memory store. No-op if the snapshot does not exist. Databases that are
* already present in memory (e.g. after a Node-RED redeploy that kept the
* process alive) are left untouched so the live state is not clobbered.
*
* Must be called before MatrixClient.initRustCrypto().
*
* @returns {Promise<boolean>} true if at least one database was restored.
*/
async function restoreCryptoStore(filePath) {
ensureIndexedDBShim();
if (!filePath || !fs.pathExistsSync(filePath)) {
return false;
}
let databases;
try {
databases = v8.deserialize(fs.readFileSync(filePath));
} catch (e) {
// Corrupt/unreadable snapshot - start fresh rather than crash.
return false;
}
if (!Array.isArray(databases) || !databases.length) {
return false;
}
const existing = new Set((await indexedDB.databases()).map((d) => d.name));
let restored = 0;
for (const dbSpec of databases) {
if (existing.has(dbSpec.name)) {
continue; // already live in memory - don't overwrite
}
const openReq = indexedDB.open(dbSpec.name, dbSpec.version);
openReq.onupgradeneeded = () => {
const db = openReq.result;
for (const store of dbSpec.stores) {
if (db.objectStoreNames.contains(store.name)) {
continue;
}
const os = db.createObjectStore(store.name, {
keyPath: store.keyPath || undefined,
autoIncrement: store.autoIncrement,
});
for (const ix of store.indexes) {
os.createIndex(ix.name, ix.keyPath, { unique: ix.unique, multiEntry: ix.multiEntry });
}
}
};
const db = await reqAsync(openReq);
for (const store of dbSpec.stores) {
if (!store.values.length) {
continue;
}
const tx = db.transaction(store.name, 'readwrite');
const os = tx.objectStore(store.name);
for (let i = 0; i < store.values.length; i++) {
if (store.keyPath) {
os.put(store.values[i]);
} else {
os.put(store.values[i], store.keys[i]);
}
}
await txDone(tx);
}
db.close();
restored++;
}
return restored > 0;
}
/**
* Snapshot IndexedDB databases to `filePath`. If `dbNamePrefix` is given only
* databases whose name starts with it are written, so multiple Matrix accounts
* sharing one process do not snapshot each other's data.
*
* The write is atomic (temp file + rename). Values are serialized with the V8
* serializer so typed arrays / Maps inside the crypto store survive intact.
*
* @returns {Promise<boolean>} true if a snapshot file was written.
*/
async function snapshotCryptoStore(filePath, dbNamePrefix) {
if (!filePath || !globalThis.indexedDB || typeof indexedDB.databases !== 'function') {
return false;
}
let dbList = await indexedDB.databases();
if (dbNamePrefix) {
dbList = dbList.filter((d) => typeof d.name === 'string' && d.name.startsWith(dbNamePrefix));
}
const out = [];
for (const { name, version } of dbList) {
const db = await reqAsync(indexedDB.open(name, version));
const stores = [];
for (const storeName of Array.from(db.objectStoreNames)) {
const tx = db.transaction(storeName, 'readonly');
const os = tx.objectStore(storeName);
const indexes = Array.from(os.indexNames).map((n) => {
const ix = os.index(n);
return { name: n, keyPath: ix.keyPath, unique: ix.unique, multiEntry: ix.multiEntry };
});
stores.push({
name: storeName,
keyPath: os.keyPath,
autoIncrement: os.autoIncrement,
indexes,
values: await reqAsync(os.getAll()),
keys: await reqAsync(os.getAllKeys()),
});
}
db.close();
out.push({ name, version, stores });
}
const tmp = `${filePath}.tmp`;
fs.writeFileSync(tmp, v8.serialize(out));
fs.renameSync(tmp, filePath);
return true;
}
module.exports = { ensureIndexedDBShim, restoreCryptoStore, snapshotCryptoStore };
src/matrix-event-relations.js
+6 -3
View File
@@ -1,4 +1,4 @@
const {RelationType, EventType, Direction} = require("matrix-js-sdk");
const sdkPromise = import("matrix-js-sdk");
module.exports = function(RED) {
function MatrixFetchRelations(n) {
@@ -49,14 +49,17 @@ module.exports = function(RED) {
}
try {
const sdk = await sdkPromise;
const Direction = sdk.Direction;
function evaluateNodePropertySafe(value, type, node, msg) {
try {
return RED.util.evaluateNodeProperty(value, type, node, msg);
} catch (e) {
if (e instanceof TypeError) {
return undefined; // Handle TypeError and return undefined
return undefined;
}
throw e; // Re-throw other errors to prevent masking issues
throw e;
}
}
src/matrix-get-event.html
+8 -16
View File
@@ -19,14 +19,18 @@
},
oneditprepare: function() {
$("#node-input-roomId").typedInput({
type: this.roomIdType,
types: ['msg','flow','global','str'],
}).typedInput('value', this.roomIdValue);
typeField: "#node-input-roomId"
});
$("#node-input-roomId").typedInput("type", this.roomIdType || "msg");
$("#node-input-roomId").typedInput("value", this.roomIdValue || "topic");
$("#node-input-eventId").typedInput({
type: this.eventIdType,
types: ['msg','flow','global','str'],
}).typedInput('value', this.eventIdValue);
typeField: "#node-input-eventId"
});
$("#node-input-eventId").typedInput("type", this.eventIdType || "msg");
$("#node-input-eventId").typedInput("value", this.eventIdValue || "eventId");
},
oneditsave: function() {
this.roomIdType = $("#node-input-roomId").typedInput('type');
@@ -58,18 +62,6 @@
<label for="node-input-eventId"><i class="fa fa-file"></i> Event ID</label>
<input type="text" id="node-input-eventId">
</div>
<script type="text/javascript">
$(function(){
$("#node-input-roomId").on("keyup", function() {
if($(this).val() && !$(this).val().startsWith("!")) {
$("#node-input-roomId-error").html(`Room IDs start with exclamation point "!"<br />Example: !OGEhHVWSdvArJzumhm:matrix.org`).show();
} else {
$("#node-input-roomId-error").hide();
}
}).trigger('keyup');
});
</script>
</script>
<script type="text/html" data-help-name="matrix-get-event">
src/matrix-get-user.js
+4 -4
View File
@@ -106,14 +106,14 @@ module.exports = function(RED) {
let user2 = {};
try {
let profileInfo = node.server.matrixClient.getProfileInfo(userId);
if(Object.keys(profileInfo).length > 0) {
let profileInfo = await node.server.matrixClient.getProfileInfo(userId);
if(profileInfo && Object.keys(profileInfo).length > 0) {
user2.displayName = profileInfo.displayname;
user2.avatarUrl = profileInfo.avatar_url;
}
let presence = node.server.matrixClient.getPresence(userId);
if(Object.keys(presence).length > 0) {
let presence = await node.server.matrixClient.getPresence(userId);
if(presence && Object.keys(presence).length > 0) {
user2.currentlyActive = presence.currently_active;
user2.lastActiveAgo = presence.last_active_ago;
user2.presenceStatusMsg = presence.presence_status_msg;
src/matrix-invite-room.js
+3 -2
View File
@@ -54,9 +54,10 @@ module.exports = function(RED) {
return;
}
// we need the status code, so set onlydata to false for this request
// invite(roomId, userId, opts|reason) - the SDK no longer accepts a
// callback argument, so the reason is passed as the 3rd parameter.
node.server.matrixClient
.invite(msg.topic, msg.userId, undefined, msg.reason || undefined)
.invite(msg.topic, msg.userId, msg.reason || undefined)
.then(function(e){
msg.payload = e;
node.send([msg, null]);
src/matrix-mark-read.js
+6 -7
View File
@@ -1,9 +1,8 @@
const {TimelineWindow, RelationType, Filter} = require("matrix-js-sdk");
const crypto = require('crypto');
module.exports = function(RED) {
function MatrixReceiveMessage(n) {
RED.nodes.createNode(this, n);
module.exports = function(RED) {
function MatrixMarkRead(n) {
RED.nodes.createNode(this, n);
let node = this;
this.name = n.name;
this.server = RED.nodes.getNode(n.server);
@@ -38,7 +37,7 @@ module.exports = function(RED) {
let value = property;
if (type === "msg") {
value = RED.util.getMessageProperty(msg, property);
} else if ((type === 'flow') || (type === 'global')) {
} else if (type === 'flow' || type === 'global') {
try {
value = RED.util.evaluateNodeProperty(property, type, node, msg);
} catch (e2) {
@@ -66,7 +65,7 @@ module.exports = function(RED) {
throw new Error(`Event ${eventId} not found in room ${roomId}.`);
}
await node.server.matrixClient.sendReceipt(event, "m.read")
await node.server.matrixClient.sendReceipt(event, "m.read");
node.send([msg, null]);
} catch (e) {
msg.error = `Room pagination error: ${e}`;
@@ -79,5 +78,5 @@ module.exports = function(RED) {
node.server.deregister(node);
});
}
RED.nodes.registerType("matrix-mark-read", MatrixReceiveMessage);
RED.nodes.registerType("matrix-mark-read", MatrixMarkRead);
}
src/matrix-paginate-room.js
+19 -19
View File
@@ -1,7 +1,8 @@
const {TimelineWindow, RelationType, Filter} = require("matrix-js-sdk");
const sdkPromise = import("matrix-js-sdk");
const crypto = require('crypto');
module.exports = function(RED) {
function MatrixReceiveMessage(n) {
function MatrixPaginateRoom(n) {
RED.nodes.createNode(this, n);
let node = this;
@@ -43,7 +44,7 @@ module.exports = function(RED) {
let value = property;
if (type === "msg") {
value = RED.util.getMessageProperty(msg, property);
} else if ((type === 'flow') || (type === 'global')) {
} else if (type === 'flow' || type === 'global') {
try {
value = RED.util.evaluateNodeProperty(property, type, node, msg);
} catch(e2) {
@@ -61,17 +62,15 @@ module.exports = function(RED) {
if (type === 'global' || type === 'flow') {
var contextKey = RED.util.parseContextStore(property);
if (/\[msg/.test(contextKey.key)) {
// The key has a nest msg. reference to evaluate first
contextKey.key = RED.util.normalisePropertyExpression(contextKey.key, msg, true)
// The key has a nested msg. reference that must be evaluated first
contextKey.key = RED.util.normalisePropertyExpression(contextKey.key, msg, true);
}
var target = node.context()[type];
var callback = err => {
target.set(contextKey.key, value, contextKey.store, err => {
if (err) {
node.error(err, msg);
getterErrors[rule.p] = err.message;
}
}
target.set(contextKey.key, value, contextKey.store, callback);
});
} else if (type === 'msg') {
if (!RED.util.setMessageProperty(msg, property, value)) {
node.warn(RED._("change.errors.no-override", { property: property }));
@@ -80,6 +79,12 @@ module.exports = function(RED) {
}
try {
// Dynamically load the SDK
const sdk = await sdkPromise;
const TimelineWindow = sdk.TimelineWindow;
const RelationType = sdk.RelationType;
// (Filter was imported originally but is not used, so we omit it.)
let roomId = getToValue(msg, node.roomType, node.roomValue),
paginateBackwards = getToValue(msg, node.paginateBackwardsType, node.paginateBackwardsValue),
pageSize = getToValue(msg, node.pageSizeType, node.pageSizeValue),
@@ -101,24 +106,19 @@ module.exports = function(RED) {
moreMessages = true;
if (!timelineWindow) {
let timelineSet = room.getUnfilteredTimelineSet();
// node.debug(JSON.stringify(timelineSet.getFilter()));
// MatrixClient's option initialSyncLimit gets set to the filter we are using
// so override that value with our pageSize
// MatrixClient's option initialSyncLimit gets set to the filter we are using,
// so override that value with our pageSize.
timelineWindow = new TimelineWindow(node.server.matrixClient, timelineSet);
await timelineWindow.load(msg.eventId || null, pageSize);
node.timelineWindows.set(pageKey, timelineWindow);
} else {
moreMessages = await timelineWindow.paginate(paginateBackwards ? 'b' : 'f', pageSize); // b for backwards f for forwards
moreMessages = await timelineWindow.paginate(paginateBackwards ? 'b' : 'f', pageSize); // 'b' for backwards, 'f' for forwards
if (moreMessages) {
await timelineWindow.unpaginate(pageSize, !paginateBackwards);
}
}
// MatrixEvent objects are massive so this throws an encode error for the string being too long
// since msg objects convert to JSON
// msg.payload = moreMessages ? timelineWindow.getEvents() : false;
// To avoid errors converting massive MatrixEvent objects to JSON, we omit them.
msg.payload = false;
msg.start = timelineWindow.getTimelineIndex('b')?.index;
msg.end = timelineWindow.getTimelineIndex('f')?.index;
@@ -152,5 +152,5 @@ module.exports = function(RED) {
node.server.deregister(node);
});
}
RED.nodes.registerType("matrix-paginate-room", MatrixReceiveMessage);
RED.nodes.registerType("matrix-paginate-room", MatrixPaginateRoom);
}
src/matrix-receive.html
+16
View File
@@ -13,6 +13,7 @@
acceptOwnEvents: {"value": false},
acceptText: {"value": true},
acceptEmotes: {"value": true},
acceptNotices: {"value": true},
acceptStickers: {"value": true},
acceptReactions: {"value": true},
acceptFiles: {"value": true},
@@ -66,6 +67,16 @@
Accept text <code style="text-transform: none;">m.text</code>
</label>
</div>
<div class="form-row" style="margin-bottom:0;">
<input
type="checkbox"
id="node-input-acceptNotices"
style="width: auto; margin-left: 125px; vertical-align: top"
/>
<label for="node-input-acceptNotices" style="width: auto">
Accept notices <code style="text-transform: none;">m.notice</code>
</label>
</div>
<div class="form-row" style="margin-bottom:0;">
<input
type="checkbox"
@@ -216,6 +227,11 @@
<dt>msg.content <span class="property-type">object</span></dt>
<dd>the message's content object</dd>
</dl>
<dl class="message-properties">
<dt>msg.headers <span class="property-type">object | null</span></dt>
<dd>for media events, includes auth headers (for example <code>Authorization: Bearer ...</code>) used by authed media endpoints.</dd>
</dl>
</li>
<li><code>msg.type</code> == '<strong>m.text</strong>'
src/matrix-receive.js
+37 -3
View File
@@ -1,4 +1,3 @@
const {RelationType} = require("matrix-js-sdk");
module.exports = function(RED) {
function MatrixReceiveMessage(n) {
RED.nodes.createNode(this, n);
@@ -10,6 +9,7 @@ module.exports = function(RED) {
this.acceptOwnEvents = n.acceptOwnEvents;
this.acceptText = n.acceptText;
this.acceptEmotes = n.acceptEmotes;
this.acceptNotices = n.acceptNotices;
this.acceptStickers = n.acceptStickers;
this.acceptReactions = n.acceptReactions;
this.acceptFiles = n.acceptFiles;
@@ -47,11 +47,31 @@ module.exports = function(RED) {
return;
}
const setAuthHeaders = () => {
const accessToken = node.server.matrixClient.getAccessToken?.();
if (accessToken) {
msg.headers = {
...(msg.headers || {}),
Authorization: `Bearer ${accessToken}`,
};
}
};
const setUrls = (urlKey, encryptedKey) => {
const url = msg.encrypted ? msg.content[encryptedKey]?.url : msg.content[urlKey];
if (url) {
msg.url = node.server.matrixClient.mxcUrlToHttp(url);
const authenticatedUrl = node.server.matrixClient.mxcUrlToHttp(
url,
undefined,
undefined,
undefined,
false,
true,
true,
);
msg.url = authenticatedUrl || node.server.matrixClient.mxcUrlToHttp(url);
msg.mxc_url = url;
setAuthHeaders();
}
};
@@ -59,8 +79,18 @@ module.exports = function(RED) {
const thumbnailFile = msg.content.info?.[infoKey];
const thumbnailUrl = thumbnailFile?.url;
if (thumbnailUrl) {
msg.thumbnail_url = node.server.matrixClient.mxcUrlToHttp(thumbnailUrl);
const authenticatedThumbnailUrl = node.server.matrixClient.mxcUrlToHttp(
thumbnailUrl,
undefined,
undefined,
undefined,
false,
true,
true,
);
msg.thumbnail_url = authenticatedThumbnailUrl || node.server.matrixClient.mxcUrlToHttp(thumbnailUrl);
msg.thumbnail_mxc_url = thumbnailUrl;
setAuthHeaders();
}
};
@@ -69,6 +99,10 @@ module.exports = function(RED) {
if (!node.acceptEmotes) return;
break;
case 'm.notice':
if (!node.acceptNotices) return;
break;
case 'm.text':
if (!node.acceptText) return;
break;
src/matrix-send-message.js
+16 -10
View File
@@ -1,9 +1,8 @@
const {RelationType} = require("matrix-js-sdk");
const sdkPromise = import("matrix-js-sdk");
module.exports = function(RED) {
function MatrixSendImage(n) {
RED.nodes.createNode(this, n);
var node = this;
this.name = n.name;
@@ -68,12 +67,17 @@ module.exports = function(RED) {
node.status({ fill: "green", shape: "ring", text: "connected" });
});
node.on("input", function (msg) {
// Make the input handler async so we can await the dynamic import.
node.on("input", async function (msg) {
// Await the SDK import and get the RelationType constant.
const sdk = await sdkPromise;
const RelationType = sdk.RelationType;
function getToValue(msg, type, property) {
let value = property;
if (type === "msg") {
value = RED.util.getMessageProperty(msg, property);
} else if ((type === 'flow') || (type === 'global')) {
} else if (type === 'flow' || type === 'global') {
try {
value = RED.util.evaluateNodeProperty(property, type, node, msg);
} catch(e2) {
@@ -120,14 +124,14 @@ module.exports = function(RED) {
} else {
if (msgType === 'msg.type') {
if (!msg.type) {
node.error("msg.type type is set to be passed in via msg.type but was not defined", msg);
node.error("msg.type is set to be passed in via msg.type but was not defined", msg);
return;
}
msgType = msg.type;
}
if (msgFormat === 'msg.format') {
if(!msg.format) {
if (!Object.hasOwn(msg, 'format')) {
node.error("Message format is set to be passed in via msg.format but was not defined", msg);
return;
}
@@ -165,9 +169,11 @@ module.exports = function(RED) {
};
content['body'] = ' * ' + content['body'];
} else if (threadReply) {
// if incoming message is a reply to a thread we fetch the thread parent from the m.relates_to property
// otherwise fallback to msg.eventId
let threadParent = (msg?.content?.['m.relates_to']?.rel_type === RelationType.Thread ? msg?.content?.['m.relates_to']?.event_id : null) || msg.eventId;
// If incoming message is a reply to a thread we fetch the thread parent from m.relates_to,
// otherwise fallback to msg.eventId.
let threadParent = (msg?.content?.['m.relates_to']?.rel_type === RelationType.Thread
? msg?.content?.['m.relates_to']?.event_id
: null) || msg.eventId;
if (threadParent) {
content["m.relates_to"] = {
"rel_type": RelationType.Thread,
@@ -202,4 +208,4 @@ module.exports = function(RED) {
});
}
RED.nodes.registerType("matrix-send-message", MatrixSendImage);
}
};
src/matrix-server-config.html
+806 -70
View File
@@ -31,17 +31,765 @@
accessToken: { type: "password", required: true },
deviceId: { type: "text", required: false },
url: { type: "text", required: true },
password: { type: "password", required: false },
},
defaults: {
name: { value: null },
autoAcceptRoomInvites: { value: true },
enableE2ee: { type: "checkbox", value: true },
global: { type: "checkbox", value: true },
allowUnknownDevices: { type: "checkbox", value: false }
allowUnknownDevices: { type: "checkbox", value: true }
},
icon: "matrix.png",
label: function() {
return this.name || undefined;
},
oneditprepare: function() {
const nodeId = this.id;
// --- Secure backup / cross-signing setup (modal dialog) ---
// The modal is built once and reused across editor sessions; the
// current node id is stored on the overlay so its handlers target
// whichever server config node is being edited.
if (!document.getElementById("matrix-sb-overlay")) {
$('<style>'
+ '.matrix-sb-overlay{position:fixed;inset:0;z-index:3000;display:none;background:rgba(0,0,0,.45);}'
+ '.matrix-sb-modal{position:absolute;top:50%;left:50%;transform:translate(-50%,-50%);'
+ 'width:540px;max-width:92vw;max-height:88vh;display:flex;flex-direction:column;'
+ 'border-radius:6px;overflow:hidden;box-shadow:0 12px 44px rgba(0,0,0,.45);'
+ 'background:var(--red-ui-primary-background,#fff);color:var(--red-ui-primary-text-color,#2a2a2a);}'
+ '.matrix-sb-head{display:flex;justify-content:space-between;align-items:center;'
+ 'padding:12px 16px;font-size:15px;font-weight:bold;'
+ 'background:var(--red-ui-secondary-background,#f3f3f3);'
+ 'border-bottom:1px solid var(--red-ui-secondary-border-color,#ddd);}'
+ '.matrix-sb-x{cursor:pointer;font-size:20px;line-height:1;opacity:.55;}'
+ '.matrix-sb-x:hover{opacity:1;}'
+ '.matrix-sb-body{padding:16px;overflow:auto;}'
+ '.matrix-sb-state{display:flex;gap:10px;align-items:flex-start;font-size:14px;line-height:1.5;}'
+ '.matrix-sb-section{margin-top:18px;}'
+ '.matrix-sb-section label{display:block;font-weight:bold;margin-bottom:5px;}'
+ '.matrix-sb-section input{width:100%;box-sizing:border-box;padding:7px 9px;border-radius:4px;'
+ 'border:1px solid var(--red-ui-form-input-border-color,#ccc);'
+ 'background:var(--red-ui-form-input-background,#fff);color:var(--red-ui-primary-text-color,#2a2a2a);}'
+ '.matrix-sb-hint{color:var(--red-ui-secondary-text-color,#888);font-size:12px;margin-top:5px;}'
+ '.matrix-sb-actions{margin-top:12px;text-align:right;}'
+ '.matrix-sb-warn{background:#fdf3e7;border:1px solid #f0c36d;color:#7a5b16;'
+ 'border-radius:4px;padding:9px 11px;font-size:13px;margin-bottom:12px;}'
+ '.matrix-sb-result{margin-top:18px;padding:11px 13px;border-radius:4px;font-size:13px;white-space:pre-wrap;}'
+ '.matrix-sb-result.ok{background:#e7f4ea;border:1px solid #8fcea5;color:#1e6b33;}'
+ '.matrix-sb-result.err{background:#fde7e9;border:1px solid #e8a0a8;color:#8a1f2b;}'
+ '.matrix-sb-key{margin-top:9px;padding:9px;border-radius:4px;font-family:monospace;'
+ 'font-size:13px;word-break:break-all;background:rgba(127,127,127,.16);border:1px dashed #999;}'
+ '.matrix-sb-foot{display:flex;justify-content:flex-end;gap:8px;padding:10px 16px;'
+ 'background:var(--red-ui-secondary-background,#f3f3f3);'
+ 'border-top:1px solid var(--red-ui-secondary-border-color,#ddd);}'
+ '</style>').appendTo("head");
$('<div id="matrix-sb-overlay" class="matrix-sb-overlay"><div class="matrix-sb-modal">'
+ '<div class="matrix-sb-head"><span><i class="fa fa-shield"></i> Secure Backup &amp; Cross-signing</span>'
+ '<span class="matrix-sb-x" id="matrix-sb-x" title="Close">&times;</span></div>'
+ '<div class="matrix-sb-body">'
+ '<div class="matrix-sb-state" id="matrix-sb-state"></div>'
+ '<div class="matrix-sb-section" id="matrix-sb-unlock" style="display:none;">'
+ '<label>Recovery key or passphrase</label>'
+ '<input type="text" id="matrix-sb-recoverykey" placeholder="EsTx xxxx xxxx xxxx ...">'
+ '<div class="matrix-sb-hint">The recovery key created when secure backup / key storage was first set up on this account.</div>'
+ '<div class="matrix-sb-actions"><button type="button" class="red-ui-button" id="matrix-sb-unlock-btn">Unlock &amp; set up cross-signing</button></div>'
+ '</div>'
+ '<div class="matrix-sb-section" id="matrix-sb-reset" style="display:none;">'
+ '<div class="matrix-sb-warn">Resetting creates new cross-signing keys and a new recovery key, replacing the existing ones. Other sessions that trusted the old identity will need to be re-verified.</div>'
+ '<label>Account password</label>'
+ '<input type="password" id="matrix-sb-password" placeholder="Account password">'
+ '<div class="matrix-sb-actions"><button type="button" class="red-ui-button" id="matrix-sb-reset-btn">Reset cross-signing &amp; secure backup</button></div>'
+ '</div>'
+ '<div class="matrix-sb-result" id="matrix-sb-result" style="display:none;"></div>'
+ '</div>'
+ '<div class="matrix-sb-foot">'
+ '<button type="button" class="red-ui-button" id="matrix-sb-reset-toggle" style="display:none;">Reset instead…</button>'
+ '<button type="button" class="red-ui-button" id="matrix-sb-close">Close</button>'
+ '</div></div></div>').appendTo(document.body);
var sbEsc = function(s) { return $("<div>").text(s == null ? "" : String(s)).html(); };
var sbClose = function() { $("#matrix-sb-overlay").fadeOut(120); };
var sbId = function() { return $("#matrix-sb-overlay").data("matrixNodeId"); };
var sbBtns = function(disabled) { $("#matrix-sb-unlock-btn,#matrix-sb-reset-btn").prop("disabled", disabled); };
var sbCall = function(body) {
return $.ajax({
url: "matrix-chat/secure-backup", type: "POST",
contentType: "application/json", data: JSON.stringify(body),
});
};
var sbState = function(icon, color, html) {
$("#matrix-sb-state").html('<i class="fa ' + icon + '" style="color:' + color + ';font-size:18px;"></i><span>' + html + '</span>');
};
var sbResult = function(ok, text, key) {
var h = sbEsc(text);
if (key) { h += '<div class="matrix-sb-key">' + sbEsc(key) + '</div>'; }
$("#matrix-sb-result").removeClass("ok err").addClass(ok ? "ok" : "err").html(h).show();
};
var sbStatus = function() {
$("#matrix-sb-unlock,#matrix-sb-reset,#matrix-sb-result,#matrix-sb-reset-toggle").hide();
sbState("fa-spinner fa-spin", "#888", "Checking the account…");
sbCall({ id: sbId(), action: "status" }).done(function(data) {
if (data.result !== "ok") {
sbState("fa-exclamation-triangle", "#c9302c", "Could not check the account.");
sbResult(false, data.message || "Unknown error");
return;
}
if (data.crossSigningReady) {
sbState("fa-check-circle", "#3a9a4e", "<b>Cross-signing is set up.</b> The bot's device is cross-signed.");
$("#matrix-sb-reset-toggle").show();
} else if (data.secretStorageExists) {
sbState("fa-lock", "#d18a1b", "This account has an existing secure backup. Enter its recovery key to set up cross-signing for the bot.");
$("#matrix-sb-recoverykey").val("");
$("#matrix-sb-unlock,#matrix-sb-reset-toggle").show();
} else {
sbState("fa-shield", "#888", "No secure backup exists yet. Set one up to enable cross-signing.");
$("#matrix-sb-password").val("");
$("#matrix-sb-reset").show();
}
sbBtns(false);
}).fail(function() {
sbState("fa-exclamation-triangle", "#c9302c", "Request failed — is Node-RED still running?");
});
};
$("#matrix-sb-x,#matrix-sb-close").on("click", sbClose);
$("#matrix-sb-overlay").on("mousedown", function(e) { if (e.target === this) { sbClose(); } });
$(document).on("keydown.matrixsb", function(e) {
if (e.key === "Escape" && $("#matrix-sb-overlay").is(":visible")) { sbClose(); }
});
$("#matrix-sb-reset-toggle").on("click", function() {
$(this).hide();
$("#matrix-sb-password").val("");
$("#matrix-sb-reset").show();
});
$("#matrix-sb-unlock-btn").on("click", function() {
sbBtns(true);
sbState("fa-spinner fa-spin", "#888", "Unlocking secure backup…");
sbCall({ id: sbId(), action: "unlock", recoveryKey: $("#matrix-sb-recoverykey").val() })
.done(function(data) {
if (data.result !== "ok") {
sbState("fa-lock", "#d18a1b", "Enter the recovery key to set up cross-signing.");
sbResult(false, data.message); sbBtns(false); return;
}
$("#matrix-sb-unlock,#matrix-sb-reset,#matrix-sb-reset-toggle").hide();
sbState("fa-check-circle", "#3a9a4e", "<b>Done.</b>");
sbResult(true, data.message);
})
.fail(function() { sbResult(false, "Request failed — is Node-RED still running?"); sbBtns(false); });
});
$("#matrix-sb-reset-btn").on("click", function() {
sbBtns(true);
sbState("fa-spinner fa-spin", "#888", "Resetting cross-signing & secure backup…");
sbCall({ id: sbId(), action: "reset", password: $("#matrix-sb-password").val() })
.done(function(data) {
if (data.result !== "ok") {
sbState("fa-shield", "#d18a1b", "Enter the account password to reset.");
sbResult(false, data.message); sbBtns(false); return;
}
$("#matrix-sb-unlock,#matrix-sb-reset,#matrix-sb-reset-toggle").hide();
sbState("fa-check-circle", "#3a9a4e", "<b>Reset complete.</b>");
sbResult(true, data.message, data.recoveryKey);
})
.fail(function() { sbResult(false, "Request failed — is Node-RED still running?"); sbBtns(false); });
});
// expose the status loader so per-session click handlers can call it
$("#matrix-sb-overlay").data("sbStatusFn", sbStatus);
}
$("#matrix-secure-backup-btn").on("click", function() {
$("#matrix-sb-overlay").data("matrixNodeId", nodeId).fadeIn(120);
$("#matrix-sb-overlay").data("sbStatusFn")();
});
// --- Verification list (modal) ---
// Built once and reused; the node id is stored on the overlay.
if (!document.getElementById("matrix-vl-overlay")) {
$('<style>'
+ '.matrix-vl-overlay{position:fixed;inset:0;z-index:3000;display:none;background:rgba(0,0,0,.45);}'
+ '.matrix-vl-modal{position:absolute;top:50%;left:50%;transform:translate(-50%,-50%);'
+ 'width:560px;max-width:92vw;max-height:88vh;display:flex;flex-direction:column;'
+ 'border-radius:6px;overflow:hidden;box-shadow:0 12px 44px rgba(0,0,0,.45);'
+ 'background:var(--red-ui-primary-background,#fff);color:var(--red-ui-primary-text-color,#2a2a2a);}'
+ '.matrix-vl-head{display:flex;justify-content:space-between;align-items:center;'
+ 'padding:12px 16px;font-size:15px;font-weight:bold;'
+ 'background:var(--red-ui-secondary-background,#f3f3f3);'
+ 'border-bottom:1px solid var(--red-ui-secondary-border-color,#ddd);}'
+ '.matrix-vl-x{cursor:pointer;font-size:20px;line-height:1;opacity:.55;}'
+ '.matrix-vl-x:hover{opacity:1;}'
+ '.matrix-vl-body{padding:14px 16px;overflow:auto;}'
+ '.matrix-vl-note{font-size:12px;color:var(--red-ui-secondary-text-color,#888);margin-bottom:10px;}'
+ '.matrix-vl-item{display:flex;justify-content:space-between;gap:12px;padding:10px 12px;'
+ 'margin-bottom:8px;border-radius:5px;cursor:pointer;'
+ 'border:1px solid var(--red-ui-secondary-border-color,#ddd);'
+ 'background:var(--red-ui-secondary-background,#f7f7f7);}'
+ '.matrix-vl-item:hover{border-color:var(--red-ui-node-border,#999);}'
+ '.matrix-vl-item-l{flex:1;min-width:0;}'
+ '.matrix-vl-item-title{font-weight:bold;}'
+ '.matrix-vl-item-sub{font-size:12px;color:var(--red-ui-secondary-text-color,#888);'
+ 'margin-top:2px;word-break:break-word;}'
+ '.matrix-vl-item-r{text-align:right;font-size:12px;white-space:nowrap;}'
+ '.matrix-vl-exp{color:#d18a1b;}'
+ '.matrix-vl-empty,.matrix-vl-more{font-size:13px;'
+ 'color:var(--red-ui-secondary-text-color,#888);padding:6px 2px;}'
+ '.matrix-vl-d-state{display:flex;gap:10px;align-items:flex-start;font-size:14px;line-height:1.5;}'
+ '.matrix-vl-d-state .fa{font-size:18px;}'
+ '.matrix-vl-sas{display:flex;flex-wrap:wrap;gap:10px;margin:14px 0;}'
+ '.matrix-vl-emoji{width:88px;text-align:center;padding:8px 4px;border-radius:5px;'
+ 'background:var(--red-ui-secondary-background,#f3f3f3);'
+ 'border:1px solid var(--red-ui-secondary-border-color,#ddd);}'
+ '.matrix-vl-emoji .e{font-size:30px;line-height:1.3;}'
+ '.matrix-vl-emoji .n{font-size:11px;color:var(--red-ui-secondary-text-color,#888);text-transform:capitalize;}'
+ '.matrix-vl-result{margin-top:12px;padding:10px 12px;border-radius:4px;font-size:13px;}'
+ '.matrix-vl-foot{display:flex;align-items:center;gap:8px;padding:10px 16px;'
+ 'background:var(--red-ui-secondary-background,#f3f3f3);'
+ 'border-top:1px solid var(--red-ui-secondary-border-color,#ddd);}'
+ '</style>').appendTo("head");
$('<div id="matrix-vl-overlay" class="matrix-vl-overlay"><div class="matrix-vl-modal">'
+ '<div class="matrix-vl-head"><span><i class="fa fa-check-circle"></i> Device Verification</span>'
+ '<span class="matrix-vl-x" id="matrix-vl-x" title="Close">&times;</span></div>'
+ '<div class="matrix-vl-body">'
+ '<div id="matrix-vl-listview">'
+ '<div class="matrix-vl-note">Pending verification requests &mdash; this list refreshes every 5 seconds. Click a request to verify it.</div>'
+ '<div id="matrix-vl-items"></div>'
+ '<div id="matrix-vl-empty" class="matrix-vl-empty" style="display:none;">No pending verification requests.</div>'
+ '<div id="matrix-vl-more" class="matrix-vl-more" style="display:none;"></div>'
+ '</div>'
+ '<div id="matrix-vl-detailview" style="display:none;">'
+ '<div id="matrix-vl-d-head" class="matrix-vl-item-sub" style="margin-bottom:10px;"></div>'
+ '<div id="matrix-vl-d-state" class="matrix-vl-d-state"></div>'
+ '<div id="matrix-vl-d-sas" class="matrix-vl-sas" style="display:none;"></div>'
+ '<div id="matrix-vl-d-actions" style="display:none;text-align:right;">'
+ '<button type="button" class="red-ui-button" id="matrix-vl-d-mismatch">They don&#39;t match</button> '
+ '<button type="button" class="red-ui-button" id="matrix-vl-d-confirm">They match</button>'
+ '</div>'
+ '<div id="matrix-vl-d-result" class="matrix-vl-result" style="display:none;"></div>'
+ '</div>'
+ '</div>'
+ '<div class="matrix-vl-foot">'
+ '<button type="button" class="red-ui-button" id="matrix-vl-back" style="display:none;">&larr; Back to list</button>'
+ '<span style="flex:1;"></span>'
+ '<button type="button" class="red-ui-button" id="matrix-vl-cancel" style="display:none;">Cancel verification</button>'
+ '<button type="button" class="red-ui-button" id="matrix-vl-close">Close</button>'
+ '</div></div></div>').appendTo(document.body);
var vlListTimer = null, vlTickTimer = null, vlDetailTimer = null;
var vlEsc = function(s) { return $("<div>").text(s == null ? "" : String(s)).html(); };
var vlId = function() { return $("#matrix-vl-overlay").data("matrixNodeId"); };
var vlCurId = function() { return $("#matrix-vl-overlay").data("vlCurrentId"); };
var vlCall = function(body) {
return $.ajax({
url: "matrix-chat/verification", type: "POST",
contentType: "application/json", data: JSON.stringify(body),
});
};
var vlClearTimers = function() {
if(vlListTimer) { clearInterval(vlListTimer); vlListTimer = null; }
if(vlTickTimer) { clearInterval(vlTickTimer); vlTickTimer = null; }
if(vlDetailTimer) { clearInterval(vlDetailTimer); vlDetailTimer = null; }
};
var vlDur = function(ms) {
var s = Math.max(0, Math.round(ms / 1000));
if(s < 60) { return s + "s"; }
var m = Math.floor(s / 60), r = s % 60;
return m + "m " + (r < 10 ? "0" : "") + r + "s";
};
var vlState = function(icon, color, html) {
$("#matrix-vl-d-state").html('<i class="fa ' + icon + '" style="color:' + color + ';"></i><span>' + html + '</span>');
};
var vlTick = function() {
var now = Date.now();
$("#matrix-vl-items .matrix-vl-item").each(function() {
var $it = $(this);
var seen = parseInt($it.attr("data-seen"), 10);
var expires = $it.attr("data-expires");
$it.find(".matrix-vl-age").text(isNaN(seen) ? "" : "age " + vlDur(now - seen));
if(expires) {
var left = parseInt(expires, 10) - now;
$it.find(".matrix-vl-exp").text(left > 0 ? "expires in " + vlDur(left) : "expired");
}
});
};
var vlRenderList = function(data) {
if(data.result !== "ok") {
$("#matrix-vl-items").html('<div class="matrix-vl-empty">' + vlEsc(data.message) + '</div>');
$("#matrix-vl-empty,#matrix-vl-more").hide();
return;
}
var now = Date.now();
var $items = $("#matrix-vl-items").empty();
(data.verifications || []).forEach(function(v) {
var typeLabel = v.type === "room" ? "Room verification" : "Device verification";
var sub = "from " + vlEsc(v.userId || "unknown");
if(v.type === "device" && v.deviceId) { sub += " &middot; device " + vlEsc(v.deviceId); }
else if(v.type === "room" && v.roomId) { sub += " &middot; in room " + vlEsc(v.roomId); }
if(v.isSelfVerification) { sub += " &middot; your own session"; }
$items.append($('<div class="matrix-vl-item">')
.attr("data-vid", v.verificationId)
.attr("data-seen", now - (v.ageMs || 0))
.attr("data-expires", (v.expiresInMs != null) ? (now + v.expiresInMs) : "")
.html('<div class="matrix-vl-item-l"><div class="matrix-vl-item-title">' + vlEsc(typeLabel) + '</div>'
+ '<div class="matrix-vl-item-sub">' + sub + '</div></div>'
+ '<div class="matrix-vl-item-r"><div class="matrix-vl-age"></div>'
+ '<div class="matrix-vl-exp"></div></div>'));
});
$("#matrix-vl-empty").toggle(!(data.verifications || []).length);
if(data.hidden > 0) {
$("#matrix-vl-more").text(data.hidden + " older request" + (data.hidden === 1 ? "" : "s") + " hidden.").show();
} else {
$("#matrix-vl-more").hide();
}
vlTick();
};
var vlLoadList = function() {
vlCall({ id: vlId(), action: "list" })
.done(vlRenderList)
.fail(function() { vlRenderList({ result: "error", message: "Request failed — is Node-RED still running?" }); });
};
var vlShowList = function() {
vlClearTimers();
$("#matrix-vl-overlay").data("vlConfirmed", false);
$("#matrix-vl-detailview").hide();
$("#matrix-vl-listview").show();
$("#matrix-vl-back,#matrix-vl-cancel").hide();
$("#matrix-vl-items").html('<div class="matrix-vl-empty">Loading…</div>');
$("#matrix-vl-empty,#matrix-vl-more").hide();
vlLoadList();
vlListTimer = setInterval(vlLoadList, 5000);
vlTickTimer = setInterval(vlTick, 1000);
};
var vlRenderSas = function(sas) {
var $sas = $("#matrix-vl-d-sas").empty();
if(sas.emoji && sas.emoji.length) {
sas.emoji.forEach(function(pair) {
$sas.append('<div class="matrix-vl-emoji"><div class="e">' + vlEsc(pair[0])
+ '</div><div class="n">' + vlEsc(pair[1]) + '</div></div>');
});
} else if(sas.decimal) {
$sas.append('<div style="font-size:24px;font-family:monospace;">' + vlEsc(sas.decimal.join(" ")) + '</div>');
}
};
var vlRenderDetail = function(v) {
var typeLabel = v.type === "room" ? "Room verification" : "Device verification";
var head = vlEsc(typeLabel);
if(v.userId) { head += " &mdash; " + vlEsc(v.userId); }
if(v.deviceId) { head += " (device " + vlEsc(v.deviceId) + ")"; }
$("#matrix-vl-d-head").html(head);
if(v.phase === "done") {
vlClearTimers();
vlState("fa-check-circle", "#3a9a4e", "<b>Verified.</b> This session is now verified.");
$("#matrix-vl-d-sas,#matrix-vl-d-actions").hide();
$("#matrix-vl-cancel").hide();
return;
}
if(v.phase === "cancelled") {
vlClearTimers();
var why = v.cancellationCode ? (" (" + vlEsc(v.cancellationCode) + ")") : "";
vlState("fa-times-circle", "#c9302c", "Verification was cancelled" + why + ".");
$("#matrix-vl-d-sas,#matrix-vl-d-actions").hide();
$("#matrix-vl-cancel").hide();
return;
}
if(v.phase === "gone") {
vlClearTimers();
vlState("fa-exclamation-triangle", "#888", "This verification is no longer available.");
$("#matrix-vl-d-sas,#matrix-vl-d-actions").hide();
$("#matrix-vl-cancel").hide();
return;
}
if($("#matrix-vl-overlay").data("vlConfirmed")) {
$("#matrix-vl-d-sas,#matrix-vl-d-actions").hide();
vlState("fa-spinner fa-spin", "#888", "Waiting for the other device to confirm…");
return;
}
if(v.sas && (v.sas.emoji || v.sas.decimal)) {
vlState("fa-key", "#d18a1b", "Compare these emoji with the other device, then choose below.");
vlRenderSas(v.sas);
$("#matrix-vl-d-sas,#matrix-vl-d-actions").show();
return;
}
$("#matrix-vl-d-sas,#matrix-vl-d-actions").hide();
vlState("fa-spinner fa-spin", "#888", "Waiting for the verification to start…");
};
var vlPollDetail = function() {
vlCall({ id: vlId(), action: "advance", verificationId: vlCurId() })
.done(function(data) {
if(data.result !== "ok") {
vlState("fa-exclamation-triangle", "#c9302c", vlEsc(data.message));
return;
}
vlRenderDetail(data.verification);
})
.fail(function() { vlState("fa-exclamation-triangle", "#c9302c", "Request failed — is Node-RED still running?"); });
};
var vlShowDetail = function(vid) {
vlClearTimers();
$("#matrix-vl-overlay").data("vlCurrentId", vid).data("vlConfirmed", false);
$("#matrix-vl-listview").hide();
$("#matrix-vl-detailview").show();
$("#matrix-vl-d-sas,#matrix-vl-d-actions,#matrix-vl-d-result").hide();
$("#matrix-vl-d-head").text("");
vlState("fa-spinner fa-spin", "#888", "Starting verification…");
$("#matrix-vl-back,#matrix-vl-cancel").show();
vlPollDetail();
vlDetailTimer = setInterval(vlPollDetail, 1500);
};
var vlClose = function() { vlClearTimers(); $("#matrix-vl-overlay").fadeOut(120); };
$("#matrix-vl-x,#matrix-vl-close").on("click", vlClose);
$("#matrix-vl-overlay").on("mousedown", function(e) { if(e.target === this) { vlClose(); } });
$(document).on("keydown.matrixvl", function(e) {
if(e.key === "Escape" && $("#matrix-vl-overlay").is(":visible")) { vlClose(); }
});
$("#matrix-vl-back").on("click", vlShowList);
$("#matrix-vl-items").on("click", ".matrix-vl-item", function() {
vlShowDetail($(this).attr("data-vid"));
});
$("#matrix-vl-cancel").on("click", function() {
vlCall({ id: vlId(), action: "cancel", verificationId: vlCurId() }).always(vlPollDetail);
});
$("#matrix-vl-d-confirm").on("click", function() {
$("#matrix-vl-overlay").data("vlConfirmed", true);
$("#matrix-vl-d-sas,#matrix-vl-d-actions").hide();
vlState("fa-spinner fa-spin", "#888", "Confirming…");
vlCall({ id: vlId(), action: "confirm", verificationId: vlCurId() })
.done(function(data) {
if(data.result !== "ok") {
$("#matrix-vl-overlay").data("vlConfirmed", false);
vlState("fa-exclamation-triangle", "#c9302c", vlEsc(data.message));
$("#matrix-vl-d-actions").show();
}
});
});
$("#matrix-vl-d-mismatch").on("click", function() {
$("#matrix-vl-d-actions").hide();
vlState("fa-spinner fa-spin", "#888", "Cancelling…");
vlCall({ id: vlId(), action: "mismatch", verificationId: vlCurId() }).always(vlPollDetail);
});
$("#matrix-vl-overlay").data("vlShowListFn", vlShowList);
$("#matrix-vl-overlay").data("vlShowDetailFn", vlShowDetail);
}
$("#matrix-verification-list-btn").on("click", function() {
$("#matrix-vl-overlay").data("matrixNodeId", nodeId).fadeIn(120);
$("#matrix-vl-overlay").data("vlShowListFn")();
});
// --- Sessions (modal) ---
// Built once and reused; the node id is stored on the overlay.
if (!document.getElementById("matrix-ss-overlay")) {
$('<style>'
+ '.matrix-ss-overlay{position:fixed;inset:0;z-index:3000;display:none;background:rgba(0,0,0,.45);}'
+ '.matrix-ss-modal{position:absolute;top:50%;left:50%;transform:translate(-50%,-50%);'
+ 'width:560px;max-width:92vw;max-height:88vh;display:flex;flex-direction:column;'
+ 'border-radius:6px;overflow:hidden;box-shadow:0 12px 44px rgba(0,0,0,.45);'
+ 'background:var(--red-ui-primary-background,#fff);color:var(--red-ui-primary-text-color,#2a2a2a);}'
+ '.matrix-ss-head{display:flex;justify-content:space-between;align-items:center;'
+ 'padding:12px 16px;font-size:15px;font-weight:bold;'
+ 'background:var(--red-ui-secondary-background,#f3f3f3);'
+ 'border-bottom:1px solid var(--red-ui-secondary-border-color,#ddd);}'
+ '.matrix-ss-x{cursor:pointer;font-size:20px;line-height:1;opacity:.55;}'
+ '.matrix-ss-x:hover{opacity:1;}'
+ '.matrix-ss-body{padding:14px 16px;overflow:auto;}'
+ '.matrix-ss-h{font-weight:bold;font-size:12px;text-transform:uppercase;'
+ 'letter-spacing:.04em;color:var(--red-ui-secondary-text-color,#888);margin:2px 0 8px;}'
+ '.matrix-ss-h.spaced{margin-top:20px;}'
+ '.matrix-ss-item{display:flex;align-items:center;gap:10px;padding:10px 12px;'
+ 'margin-bottom:8px;border-radius:5px;cursor:pointer;'
+ 'border:1px solid var(--red-ui-secondary-border-color,#ddd);'
+ 'background:var(--red-ui-secondary-background,#f7f7f7);}'
+ '.matrix-ss-item:hover{border-color:var(--red-ui-node-border,#999);}'
+ '.matrix-ss-item-l{flex:1;min-width:0;}'
+ '.matrix-ss-item-title{font-weight:bold;word-break:break-word;}'
+ '.matrix-ss-item-sub{font-size:12px;color:var(--red-ui-secondary-text-color,#888);'
+ 'margin-top:2px;word-break:break-word;}'
+ '.matrix-ss-shield{font-size:20px;width:22px;text-align:center;flex-shrink:0;}'
+ '.matrix-ss-box{display:flex;gap:10px;align-items:flex-start;margin:10px 0;'
+ 'padding:10px 12px;border-radius:4px;font-size:13px;line-height:1.45;}'
+ '.matrix-ss-box.ok{background:#e7f4ea;border:1px solid #8fcea5;color:#1e6b33;}'
+ '.matrix-ss-box.err{background:#fde7e9;border:1px solid #e8a0a8;color:#8a1f2b;}'
+ '.matrix-ss-box .fa{font-size:18px;margin-top:1px;}'
+ '.matrix-ss-details div{display:flex;font-size:13px;padding:5px 0;'
+ 'border-bottom:1px solid var(--red-ui-secondary-border-color,#eee);}'
+ '.matrix-ss-details .k{width:130px;flex-shrink:0;color:var(--red-ui-secondary-text-color,#888);}'
+ '.matrix-ss-details .v{word-break:break-all;}'
+ '.matrix-ss-empty,.matrix-ss-more{font-size:13px;'
+ 'color:var(--red-ui-secondary-text-color,#888);padding:6px 2px;}'
+ '.matrix-ss-removelink{color:#c9302c;cursor:pointer;font-weight:bold;}'
+ '.matrix-ss-result{margin-top:12px;padding:10px 12px;border-radius:4px;font-size:13px;}'
+ '.matrix-ss-result.ok{background:#e7f4ea;border:1px solid #8fcea5;color:#1e6b33;}'
+ '.matrix-ss-result.err{background:#fde7e9;border:1px solid #e8a0a8;color:#8a1f2b;}'
+ '.matrix-ss-foot{display:flex;align-items:center;gap:8px;padding:10px 16px;'
+ 'background:var(--red-ui-secondary-background,#f3f3f3);'
+ 'border-top:1px solid var(--red-ui-secondary-border-color,#ddd);}'
+ '</style>').appendTo("head");
$('<div id="matrix-ss-overlay" class="matrix-ss-overlay"><div class="matrix-ss-modal">'
+ '<div class="matrix-ss-head"><span><i class="fa fa-desktop"></i> Sessions</span>'
+ '<span class="matrix-ss-x" id="matrix-ss-x" title="Close">&times;</span></div>'
+ '<div class="matrix-ss-body">'
+ '<div id="matrix-ss-listview">'
+ '<div class="matrix-ss-h">Current session</div>'
+ '<div id="matrix-ss-current"></div>'
+ '<div id="matrix-ss-currentmsg"></div>'
+ '<div class="matrix-ss-h spaced">Other sessions</div>'
+ '<div id="matrix-ss-others"></div>'
+ '<div id="matrix-ss-others-empty" class="matrix-ss-empty" style="display:none;">No other sessions.</div>'
+ '<div id="matrix-ss-more" class="matrix-ss-more" style="display:none;"></div>'
+ '</div>'
+ '<div id="matrix-ss-detailview" style="display:none;">'
+ '<div style="display:flex;justify-content:space-between;align-items:center;gap:10px;">'
+ '<div id="matrix-ss-d-name" style="font-size:15px;font-weight:bold;word-break:break-word;"></div>'
+ '<button type="button" class="red-ui-button" id="matrix-ss-d-rename">Rename</button></div>'
+ '<div id="matrix-ss-d-status"></div>'
+ '<div class="matrix-ss-h spaced">Session details</div>'
+ '<div id="matrix-ss-d-details" class="matrix-ss-details"></div>'
+ '<div id="matrix-ss-d-verifywrap" style="display:none;margin-top:14px;">'
+ '<button type="button" class="red-ui-button" id="matrix-ss-d-verify">Verify this session</button></div>'
+ '<div id="matrix-ss-d-removewrap" style="display:none;margin-top:16px;">'
+ '<span class="matrix-ss-removelink" id="matrix-ss-d-removelink">Remove this session</span>'
+ '<div id="matrix-ss-d-removeconfirm" style="display:none;margin-top:8px;">'
+ '<div style="background:#fdf3e7;border:1px solid #f0c36d;color:#7a5b16;border-radius:4px;'
+ 'padding:8px 10px;font-size:13px;margin-bottom:8px;">Removing a session signs it out. '
+ 'Enter the account password to confirm.</div>'
+ '<input type="password" id="matrix-ss-d-password" placeholder="Account password" '
+ 'style="width:100%;box-sizing:border-box;padding:7px 9px;border-radius:4px;'
+ 'border:1px solid var(--red-ui-form-input-border-color,#ccc);'
+ 'background:var(--red-ui-form-input-background,#fff);color:var(--red-ui-primary-text-color,#2a2a2a);">'
+ '<div style="text-align:right;margin-top:8px;"><button type="button" class="red-ui-button" '
+ 'id="matrix-ss-d-removeconfirmbtn">Confirm removal</button></div>'
+ '</div></div>'
+ '<div id="matrix-ss-d-result" class="matrix-ss-result" style="display:none;"></div>'
+ '</div>'
+ '</div>'
+ '<div class="matrix-ss-foot">'
+ '<button type="button" class="red-ui-button" id="matrix-ss-back" style="display:none;">&larr; Back</button>'
+ '<span style="flex:1;"></span>'
+ '<button type="button" class="red-ui-button" id="matrix-ss-close">Close</button>'
+ '</div></div></div>').appendTo(document.body);
var ssEsc = function(s) { return $("<div>").text(s == null ? "" : String(s)).html(); };
var ssId = function() { return $("#matrix-ss-overlay").data("matrixNodeId"); };
var ssCall = function(body) {
return $.ajax({
url: "matrix-chat/sessions", type: "POST",
contentType: "application/json", data: JSON.stringify(body),
});
};
var ssRelative = function(ts) {
if(!ts) { return "activity unknown"; }
var days = Math.floor((Date.now() - ts) / 86400000);
if(days <= 0) { return "active today"; }
if(days === 1) { return "active yesterday"; }
if(days < 90) { return "active " + days + " days ago"; }
return "inactive for 90+ days";
};
var ssFullDate = function(ts) {
return ts ? new Date(ts).toLocaleString() : "unknown";
};
var ssShield = function(verified) {
return '<i class="fa fa-shield matrix-ss-shield" style="color:'
+ (verified ? '#3a9a4e' : '#c9302c') + ';" title="'
+ (verified ? 'Verified' : 'Not verified') + '"></i>';
};
var ssCard = function(d, isCurrent) {
var sub = (d.verified ? 'Verified' : 'Not verified')
+ ' · ' + ssRelative(d.lastSeenTs)
+ (d.lastSeenIp ? (' · ' + d.lastSeenIp) : '');
return $('<div class="matrix-ss-item">')
.data("device", d).data("isCurrent", isCurrent)
.html(ssShield(d.verified)
+ '<div class="matrix-ss-item-l"><div class="matrix-ss-item-title">'
+ ssEsc(d.displayName || d.deviceId) + '</div>'
+ '<div class="matrix-ss-item-sub">' + ssEsc(sub) + '</div></div>'
+ '<i class="fa fa-angle-right" style="opacity:.5;"></i>');
};
var ssResult = function(ok, text) {
$("#matrix-ss-d-result").removeClass("ok err").addClass(ok ? "ok" : "err").text(text).show();
};
var ssRenderList = function(data) {
if(data.result !== "ok") {
$("#matrix-ss-current").html('<div class="matrix-ss-empty">' + ssEsc(data.message) + '</div>');
$("#matrix-ss-currentmsg,#matrix-ss-others").empty();
$("#matrix-ss-others-empty,#matrix-ss-more").hide();
return;
}
$("#matrix-ss-current").empty().append(ssCard(data.current, true));
$("#matrix-ss-currentmsg").html(data.current.verified
? '<div class="matrix-ss-box ok"><i class="fa fa-shield"></i><div><b>Verified session</b><br>'
+ 'This session is cross-signed and ready for secure messaging.</div></div>'
: '<div class="matrix-ss-box err"><i class="fa fa-shield"></i><div><b>Not verified</b><br>'
+ 'This session is not cross-signed. Use the Set up secure backup &amp; cross-signing '
+ 'button to verify it.</div></div>');
var $others = $("#matrix-ss-others").empty();
(data.others || []).forEach(function(d) { $others.append(ssCard(d, false)); });
$("#matrix-ss-others-empty").toggle(!(data.others || []).length);
if(data.hidden > 0) {
$("#matrix-ss-more").text(data.hidden + " more session" + (data.hidden === 1 ? "" : "s") + " hidden.").show();
} else {
$("#matrix-ss-more").hide();
}
};
var ssShowList = function() {
$("#matrix-ss-detailview").hide();
$("#matrix-ss-listview").show();
$("#matrix-ss-back").hide();
$("#matrix-ss-current").html('<div class="matrix-ss-empty">Loading…</div>');
$("#matrix-ss-currentmsg,#matrix-ss-others").empty();
$("#matrix-ss-others-empty,#matrix-ss-more").hide();
ssCall({ id: ssId(), action: "list" })
.done(ssRenderList)
.fail(function() { ssRenderList({ result: "error", message: "Request failed — is Node-RED still running?" }); });
};
var ssDetailRow = function(k, v) {
return '<div><span class="k">' + ssEsc(k) + '</span><span class="v">' + ssEsc(v) + '</span></div>';
};
var ssShowDetail = function(d, isCurrent) {
$("#matrix-ss-overlay").data("ssDevice", d).data("ssIsCurrent", isCurrent);
$("#matrix-ss-listview").hide();
$("#matrix-ss-detailview").show();
$("#matrix-ss-back").show();
$("#matrix-ss-d-result,#matrix-ss-d-removeconfirm").hide();
$("#matrix-ss-d-name").text(d.displayName || d.deviceId);
$("#matrix-ss-d-status").html(d.verified
? '<div class="matrix-ss-box ok"><i class="fa fa-shield"></i><div><b>Verified session</b><br>'
+ 'This session is ready for secure messaging.</div></div>'
: '<div class="matrix-ss-box err"><i class="fa fa-shield"></i><div><b>Not verified</b><br>'
+ (isCurrent
? 'This session is not cross-signed. Use the Set up secure backup &amp; cross-signing button to verify it.'
: 'Verify this session to confirm it is trusted.')
+ '</div></div>');
$("#matrix-ss-d-details").html(
ssDetailRow("Session ID", d.deviceId)
+ ssDetailRow("Last activity", ssFullDate(d.lastSeenTs))
+ ssDetailRow("IP address", d.lastSeenIp || "unknown"));
$("#matrix-ss-d-verifywrap").toggle(!isCurrent && !d.verified);
$("#matrix-ss-d-removewrap").toggle(!isCurrent);
};
var ssClose = function() { $("#matrix-ss-overlay").fadeOut(120); };
$("#matrix-ss-x,#matrix-ss-close").on("click", ssClose);
$("#matrix-ss-overlay").on("mousedown", function(e) { if(e.target === this) { ssClose(); } });
$(document).on("keydown.matrixss", function(e) {
if(e.key === "Escape" && $("#matrix-ss-overlay").is(":visible")) { ssClose(); }
});
$("#matrix-ss-back").on("click", ssShowList);
$("#matrix-ss-current,#matrix-ss-others").on("click", ".matrix-ss-item", function() {
ssShowDetail($(this).data("device"), $(this).data("isCurrent"));
});
$("#matrix-ss-d-rename").on("click", function() {
var d = $("#matrix-ss-overlay").data("ssDevice");
var name = prompt("Session display name:", d.displayName || "");
if(name === null) { return; }
ssCall({ id: ssId(), action: "rename", deviceId: d.deviceId, displayName: name })
.done(function(r) {
if(r.result !== "ok") { ssResult(false, r.message); return; }
d.displayName = name;
$("#matrix-ss-d-name").text(name || d.deviceId);
ssResult(true, "Session renamed.");
})
.fail(function() { ssResult(false, "Request failed."); });
});
$("#matrix-ss-d-verify").on("click", function() {
var d = $("#matrix-ss-overlay").data("ssDevice");
$("#matrix-ss-d-result").removeClass("ok err").html('<i class="fa fa-spinner fa-spin"></i> Starting verification…').show();
ssCall({ id: ssId(), action: "verify", deviceId: d.deviceId })
.done(function(r) {
if(r.result !== "ok" || !r.verificationId) {
ssResult(false, r.message || "Could not start verification.");
return;
}
// hand off to the verification modal's detail view
$("#matrix-ss-overlay").fadeOut(120);
$("#matrix-vl-overlay").data("matrixNodeId", ssId()).fadeIn(120);
$("#matrix-vl-overlay").data("vlShowDetailFn")(r.verificationId);
})
.fail(function() { ssResult(false, "Request failed."); });
});
$("#matrix-ss-d-removelink").on("click", function() {
$("#matrix-ss-d-password").val("");
$("#matrix-ss-d-removeconfirm").show();
});
$("#matrix-ss-d-removeconfirmbtn").on("click", function() {
var d = $("#matrix-ss-overlay").data("ssDevice");
$("#matrix-ss-d-result").removeClass("ok err").html('<i class="fa fa-spinner fa-spin"></i> Removing session…').show();
ssCall({ id: ssId(), action: "remove", deviceId: d.deviceId, password: $("#matrix-ss-d-password").val() })
.done(function(r) {
if(r.result !== "ok") { ssResult(false, r.message); return; }
ssShowList();
})
.fail(function() { ssResult(false, "Request failed."); });
});
$("#matrix-ss-overlay").data("ssShowListFn", ssShowList);
}
$("#matrix-sessions-btn").on("click", function() {
$("#matrix-ss-overlay").data("matrixNodeId", nodeId).fadeIn(120);
$("#matrix-ss-overlay").data("ssShowListFn")();
});
// --- Login: fetch a fresh access token & device id ---
$("#matrix-login-btn").on("click", function() {
function prettyPrintJson(json) {
try { return typeof json === 'object' ? JSON.stringify(json, null, 2) : json; }
catch (error) { return json; }
}
let userId = $("#node-config-input-userId").val(),
userPassword = $("#node-config-input-password").val(),
serverUrl = $("#node-config-input-url").val();
if (!userId) { alert("User ID is required to fetch access token."); return; }
if (!userPassword) { alert("Password is required to fetch access token."); return; }
if (!serverUrl) { alert("Server URL is required to fetch access token."); return; }
$("#matrix-login-btn, #matrix-chat-login-error, #matrix-chat-login-success").hide();
$("#matrix-access-token-loader").show();
$.ajax({
type: 'POST',
url: 'matrix-chat/login',
dataType: 'json',
data: {
'userId': userId,
'password': userPassword,
'baseUrl': serverUrl,
'displayName': $("#node-config-input-deviceLabel").val(),
}
}).then(
function(data) {
if (data.result && data.result === 'ok') {
$("#matrix-chat-login-error").hide();
$("#matrix-chat-login-success")
.html("Login Successful! Auth Token and Device ID have been set below.")
.show();
$("#node-config-input-accessToken").val(data.token);
$("#node-config-input-deviceId").val(data.device_id);
} else if (data.result && data.result === 'error') {
$("#matrix-chat-login-success").hide();
$("#matrix-chat-login-error")
.html(data.message ? ('Failed to login: <br />' + prettyPrintJson(data.message)) : 'Failed to login')
.show();
}
$("#matrix-login-btn").show();
$("#matrix-access-token-loader").hide();
},
function() {
$("#matrix-chat-login-success").hide();
$("#matrix-chat-login-error")
.html("Failed to login due to server error communicating with Node-RED")
.show();
$("#matrix-login-btn").show();
$("#matrix-access-token-loader").hide();
}
);
});
}
});
</script>
@@ -72,7 +820,10 @@
<input type="password" placeholder="" id="node-config-input-password">
</div>
<div class="form-tips" style="margin-bottom: 12px;">
Password is never saved and is only used to fetch an access token using the button below.
Optional. Used to fetch an access token with the button below, and &mdash; if you
enable cross-signing &mdash; as a fallback when the homeserver requires the account
password to upload signing keys. If set, it is stored (encrypted) with the node's
credentials. Leave blank if you only want to use an access token.
</div>
<pre class="form-tips" id="matrix-chat-login-error" style="color: #721c24;background-color: #f8d7da;border-color: #f5c6cb;margin-bottom: 12px;display:none;"></pre>
<pre class="form-tips" id="matrix-chat-login-success" style="color: #155724;background-color: #d4edda;border-color: #c3e6cb;margin-bottom: 12px;display:none;"></pre>
@@ -145,88 +896,73 @@
Allow sending messages to a room with unknown devices which have not been verified.
</div>
</div>
<script type="text/javascript">
$("#matrix-login-btn").on("click", function() {
function prettyPrintJson(json) {
try{
return typeof json === 'object' ? JSON.stringify(json, null, 2) : json;
}
catch (error){
return json;
}
}
let userId = $("#node-config-input-userId").val(),
userPassword = $("#node-config-input-password").val(),
serverUrl = $("#node-config-input-url").val();
<div class="form-row">
<label><i class="fa fa-shield"></i> Secure Backup</label>
<button type="button" class="red-ui-button" id="matrix-secure-backup-btn">Set up secure backup &amp; cross-signing</button>
</div>
<div class="form-tips" style="margin-bottom: 12px;">
Sets up cross-signing so the bot's own device shows as verified. The server
configuration must be deployed and connected first.
</div>
if(!userId) {
alert("User ID is required to fetch access token.");
return;
}
if(!userPassword) {
alert("Password is required to fetch access token.");
return;
}
if(!serverUrl) {
alert("Server URL is required to fetch access token.");
return;
}
<div class="form-row">
<label><i class="fa fa-check-circle"></i> Verification</label>
<button type="button" class="red-ui-button" id="matrix-verification-list-btn">Pending verification requests</button>
</div>
<div class="form-tips" style="margin-bottom: 12px;">
Review and complete incoming device verification requests without building a flow.
The server configuration must be deployed and connected first.
</div>
$("#matrix-login-btn, #matrix-chat-login-error, #matrix-chat-login-success").hide();
$("#matrix-access-token-loader").show();
$.ajax({
type: 'POST',
url: 'matrix-chat/login',
dataType: 'json',
data: {
'userId': userId,
'password': userPassword,
'baseUrl': serverUrl,
'displayName': $("#node-config-input-deviceLabel").val(),
}
}).then(
function(data) {
if(data.result && data.result === 'ok') {
$("#matrix-chat-login-error").hide();
$("#matrix-chat-login-success")
.html("Login Successful! Auth Token and Device ID have been set below.")
.show();
$("#node-config-input-accessToken").val(data.token);
$("#node-config-input-deviceId").val(data.device_id);
} else if(data.result && data.result === 'error') {
$("#matrix-chat-login-success").hide();
$("#matrix-chat-login-error")
.html(data.message ? ('Failed to login: <br />' + prettyPrintJson(data.message)) : 'Failed to login')
.show();
}
$("#matrix-login-btn").show();
$("#matrix-access-token-loader").hide();
}, function() {
$("#matrix-chat-login-success").hide();
$("#matrix-chat-login-error")
.html("Failed to login due to server error communicating with Node-RED")
.show();
$("#matrix-login-btn").show();
$("#matrix-access-token-loader").hide();
}
);
});
</script>
<div class="form-row">
<label><i class="fa fa-desktop"></i> Sessions</label>
<button type="button" class="red-ui-button" id="matrix-sessions-btn">Manage sessions</button>
</div>
<div class="form-tips" style="margin-bottom: 12px;">
View the account's logged-in sessions, verify them, or remove ones you don't recognize.
The server configuration must be deployed and connected first.
</div>
</script>
<script type="text/html" data-help-name="matrix-server-config">
<h3>Details</h3>
<p>Matrix client connection configuration</p>
<h3>Server URL</h3>
<p>
The URL of your homeserver. You can enter either the homeserver URL directly
(e.g. <code>https://matrix.example.org</code>) or the delegating domain
(e.g. <code>https://example.org</code>) &mdash; in the latter case the real
homeserver is resolved automatically via <code>.well-known</code> discovery.
</p>
<h3>Setting up an account</h3>
<div>
<p>
You need an account for your client to use. If you are going to be using End-to-End Encryption you should generate the bot and only use it within Node-RED otherwise if you have other clients connected on the same user it could cause problems with e2ee (key sharing is currently not supported).
You need an account for your client to use. For End-to-End Encryption it is simplest to dedicate the account to the bot and run it only within Node-RED. The account may also be signed in on other clients &mdash; if so, verify those sessions against the bot (see <em>Cross-signing &amp; secure backup</em> below) so they trust each other and share keys.
</p>
<p>If you have access to the server directly you can use Shared Secret Registration as described <a href="https://github.com/Skylar-Tech/node-red-contrib-matrix-chat/tree/master/examples#create-user-with-shared-secret-registration" target="_blank" style="text-decoration: underline;">here</a>.</p>
<p>If this is a server you do not administrate/have access to follow these instructions:</p>
<ol><li>In a private/incognito browser window, open Element.</li><li>Log in to the account you want to get the access token for, such as the bot's account. <strong>Do not setup key storage</strong>.</li><li>Click on the bot's name in the top left corner then "Settings".</li><li>(Optional) Set your bot's display name and avatar.</li><li>Click the "Help &amp; About" tab (left side of the dialog).</li><li>Scroll to the bottom and click the <code>&lt;click to reveal&gt;</code> part of <code>Access Token: &lt;click to reveal&gt;</code>.</li><li>Copy your access token to a safe place, like the bot's configuration file.</li><li><strong>Do not log out.</strong> Instead, just close the window. If you used a private browsing session, you should be able to still use Element for your own account. Logging out deletes the access token from the server, making the bot unable to use it.</li></ol>
<ol><li>In a private/incognito browser window, open Element.</li><li>Log in to the account you want to get the access token for, such as the bot's account.</li><li>Click on the bot's name in the top left corner then "Settings".</li><li>(Optional) Set your bot's display name and avatar.</li><li>Click the "Help &amp; About" tab (left side of the dialog).</li><li>Scroll to the bottom and click the <code>&lt;click to reveal&gt;</code> part of <code>Access Token: &lt;click to reveal&gt;</code>.</li><li>Copy your access token to a safe place, like the bot's configuration file.</li><li><strong>Do not log out.</strong> Instead, just close the window. If you used a private browsing session, you should be able to still use Element for your own account. Logging out deletes the access token from the server, making the bot unable to use it.</li></ol>
</div>
<h3>Cross-signing &amp; secure backup</h3>
<div>
<p>
Use the <strong>Set up secure backup &amp; cross-signing</strong> button to set up
cross-signing so the bot's own device is verified. The server configuration must be
deployed and connected first; the button then checks the account and, interactively:
</p>
<ul>
<li>if the account already has a secure backup, lets you <strong>unlock</strong> it with its recovery key (or passphrase) and set up cross-signing for the bot;</li>
<li>otherwise (or on request) lets you <strong>reset</strong> cross-signing and secure backup, creating a new recovery key &mdash; this needs the account password.</li>
</ul>
<p>
To verify other devices interactively (SAS emoji), use the <code>matrix-verification</code>
node to receive verification requests and <code>matrix-verification-action</code> to
accept, start, confirm or cancel them. This lets you build your own approval flow
(for example emailing the emoji for a human to confirm).
</p>
</div>
</script>
src/matrix-server-config.js
+752 -87
View File
File diff suppressed because it is too large Load Diff
src/matrix-verification-action.html
+126
View File
@@ -0,0 +1,126 @@
<script type="text/javascript">
RED.nodes.registerType('matrix-verification-action',{
category: 'matrix',
color: '#00b7ca',
icon: "matrix.png",
inputs: 1,
outputs: 2,
outputLabels: ["success", "error"],
align: 'right',
defaults: {
name: { value: null },
server: { type: "matrix-server-config" },
mode: { value: "accept" }
},
label: function() {
const labels = {
request: "Request verification",
accept: "Accept verification",
start: "Start SAS verification",
confirm: "Confirm SAS",
mismatch: "Reject SAS (mismatch)",
cancel: "Cancel verification"
};
return this.name || labels[this.mode] || "Verification Action";
},
paletteLabel: 'Verification Action'
});
</script>
<script type="text/html" data-template-name="matrix-verification-action">
<div class="form-row">
<label for="node-input-name"><i class="fa fa-tag"></i> Name</label>
<input type="text" id="node-input-name" placeholder="Name">
</div>
<div class="form-row">
<label for="node-input-server"><i class="fa fa-user"></i> Matrix Server Config</label>
<input type="text" id="node-input-server">
</div>
<div class="form-row">
<label for="node-input-mode"><i class="fa fa-shield"></i> Action</label>
<select id="node-input-mode">
<option value="request">Request verification</option>
<option value="accept">Accept verification</option>
<option value="start">Start SAS verification</option>
<option value="confirm">Confirm SAS</option>
<option value="mismatch">Reject SAS (mismatch)</option>
<option value="cancel">Cancel verification</option>
</select>
</div>
<div class="form-tips" style="margin-bottom: 12px;">
The action can also be overridden per message with <code>msg.mode</code>.
</div>
</script>
<script type="text/html" data-help-name="matrix-verification-action">
<h3>Details</h3>
<p>Acts on a Matrix device verification: request, accept, start, confirm or cancel it.</p>
<p>
This is the action counterpart to the <code>matrix-verification</code> node. The
<b>Action</b> set on the node decides what it does; it can also be overridden per
message with <code>msg.mode</code>. Every action except <b>Request verification</b>
operates on an existing verification identified by <code>msg.verificationId</code>
(as emitted by the <code>matrix-verification</code> node).
</p>
<p>
A typical SAS (emoji) flow: receive a <code>requested</code> event &rarr;
<b>Accept</b> &rarr; <b>Start SAS</b> &rarr; receive the <code>sas</code> event with
the emoji &rarr; have a human confirm &rarr; <b>Confirm SAS</b>.
</p>
<h3>Actions</h3>
<dl class="message-properties">
<dt>Request verification</dt>
<dd>Starts a new verification. With <code>msg.userId</code> + <code>msg.deviceId</code> it verifies a specific device; with <code>msg.userId</code> + <code>msg.topic</code> it verifies a user in that DM room; with neither it verifies the bot's own other devices.</dd>
<dt>Accept verification</dt>
<dd>Accepts an incoming verification request (moves it to the <code>ready</code> phase).</dd>
<dt>Start SAS verification</dt>
<dd>Begins SAS (emoji) verification. The emoji/decimal are delivered through the <code>matrix-verification</code> node as a <code>sas</code> phase event.</dd>
<dt>Confirm SAS</dt>
<dd>Confirms that the SAS emoji/decimal match. Call this once a human has verified the emoji.</dd>
<dt>Reject SAS (mismatch)</dt>
<dd>Declares that the SAS does not match, cancelling the verification.</dd>
<dt>Cancel verification</dt>
<dd>Cancels the verification request.</dd>
</dl>
<h3>Inputs</h3>
<dl class="message-properties">
<dt class="optional">msg.mode <span class="property-type">string</span></dt>
<dd>optional. Overrides the node's configured Action. One of <code>request</code>, <code>accept</code>, <code>start</code>, <code>confirm</code>, <code>mismatch</code>, <code>cancel</code>.</dd>
<dt>msg.verificationId <span class="property-type">string</span></dt>
<dd>required for every action except <code>request</code>. The id of the verification to act on, from the <code>matrix-verification</code> node.</dd>
<dt class="optional">msg.userId <span class="property-type">string</span></dt>
<dd>used by <code>request</code>: the user to verify.</dd>
<dt class="optional">msg.deviceId <span class="property-type">string</span></dt>
<dd>used by <code>request</code>: the specific device to verify (to-device verification).</dd>
<dt class="optional">msg.topic <span class="property-type">string</span></dt>
<dd>used by <code>request</code>: a DM room id, to verify a user in-room.</dd>
</dl>
<h3>Outputs</h3>
<ol class="node-ports">
<li>Success
<dl class="message-properties">
<dt>msg.verificationId <span class="property-type">string</span></dt>
<dd>the id of the verification that was acted on (or created, for <code>request</code>).</dd>
</dl>
</li>
<li>Error
<dl class="message-properties">
<dt>msg.error <span class="property-type">string</span></dt>
<dd>the error that occurred.</dd>
</dl>
</li>
</ol>
</script>
src/matrix-verification-action.js
+139
View File
@@ -0,0 +1,139 @@
module.exports = function(RED) {
function MatrixVerificationAction(n) {
RED.nodes.createNode(this, n);
let node = this;
this.name = n.name;
this.server = RED.nodes.getNode(n.server);
this.mode = n.mode || "accept";
node.status({ fill: "red", shape: "ring", text: "disconnected" });
if (!node.server) {
node.error("No configuration node");
return;
}
node.server.register(node);
node.server.on("disconnected", function() {
node.status({ fill: "red", shape: "ring", text: "disconnected" });
});
node.server.on("connected", function() {
node.status({ fill: "green", shape: "ring", text: "connected" });
});
node.on("input", async function(msg) {
if (!node.server || !node.server.matrixClient) {
msg.error = "No matrix server selected";
node.error(msg.error, msg);
node.send([null, msg]);
return;
}
if (!node.server.isConnected()) {
msg.error = "Matrix server connection is currently closed";
node.error(msg.error, msg);
node.send([null, msg]);
return;
}
const crypto = node.server.matrixClient.getCrypto();
if (!crypto) {
msg.error = "End-to-end encryption is not enabled on the Matrix server config";
node.error(msg.error, msg);
node.send([null, msg]);
return;
}
// msg.mode overrides the node's configured mode if provided
const mode = msg.mode || node.mode;
try {
if (mode === "request") {
// Start a new verification request.
// - msg.userId + msg.deviceId : verify a specific device (to-device)
// - msg.userId + msg.topic : verify a user in a DM room
// - otherwise : verify our own other devices
let request;
if (msg.userId && msg.deviceId) {
request = await crypto.requestDeviceVerification(msg.userId, msg.deviceId);
} else if (msg.userId && msg.topic) {
request = await crypto.requestVerificationDM(msg.userId, msg.topic);
} else {
request = await crypto.requestOwnUserVerification();
}
if (typeof node.server.trackVerificationRequest === "function") {
node.server.trackVerificationRequest(request);
}
msg.verificationId = request.transactionId;
node.send([msg, null]);
return;
}
// Every other mode acts on an existing tracked request.
const request = node.server.verificationRequests.get(msg.verificationId);
if (!request) {
throw new Error(`No active verification found for msg.verificationId '${msg.verificationId}'`);
}
switch (mode) {
case "accept":
await request.accept();
break;
case "start": {
// Begin SAS (emoji) verification. The SAS emoji is delivered
// through the matrix-verification node when it becomes ready.
let verifier = request.verifier;
if (!verifier) {
verifier = await request.startVerification("m.sas.v1");
}
verifier.verify().catch(function(e) {
node.warn("Verification ended: " + e);
});
break;
}
case "confirm": {
const sas = node.server.verificationSas.get(msg.verificationId);
if (!sas) {
throw new Error("This verification has no SAS awaiting confirmation");
}
await sas.confirm();
break;
}
case "mismatch": {
const sas = node.server.verificationSas.get(msg.verificationId);
if (!sas) {
throw new Error("This verification has no SAS awaiting confirmation");
}
sas.mismatch();
break;
}
case "cancel":
await request.cancel();
break;
default:
throw new Error("Unknown verification action mode: " + mode);
}
msg.verificationId = request.transactionId;
node.send([msg, null]);
} catch (e) {
msg.error = String(e && e.message || e);
node.error("Verification action failed: " + msg.error, msg);
node.send([null, msg]);
}
});
node.on("close", function() {
node.server.deregister(node);
});
}
RED.nodes.registerType("matrix-verification-action", MatrixVerificationAction);
}
src/matrix-verification.html
+199
View File
@@ -0,0 +1,199 @@
<script type="text/javascript">
RED.nodes.registerType('matrix-verification',{
category: 'matrix',
color: '#00b7ca',
icon: "matrix.png",
inputs: 0,
outputs: 1,
defaults: {
name: { value: null },
server: { type: "matrix-server-config" },
phaseRequested: { value: true },
phaseReady: { value: true },
phaseStarted: { value: true },
phaseSas: { value: true },
phaseDone: { value: true },
phaseCancelled: { value: true },
initiatedBy: { value: "any" },
verificationType: { value: "any" },
selfVerification: { value: "any" },
userFilter: { value: "" },
roomFilter: { value: "" }
},
label: function() {
return this.name || "Verification";
},
paletteLabel: 'Verification'
});
</script>
<script type="text/html" data-template-name="matrix-verification">
<div class="form-row">
<label for="node-input-name"><i class="fa fa-tag"></i> Name</label>
<input type="text" id="node-input-name" placeholder="Name">
</div>
<div class="form-row">
<label for="node-input-server"><i class="fa fa-server"></i> Matrix Server</label>
<input type="text" id="node-input-server">
</div>
<div class="form-row" style="margin-left: 100px;margin-top:10px;font-weight:bold;">
Phase filter
</div>
<div class="form-tips" style="margin-bottom:6px;">Emit only the ticked phases.</div>
<div class="form-row" style="margin-bottom:0;">
<input type="checkbox" id="node-input-phaseRequested" style="width:auto;margin-left:125px;vertical-align:top" />
<label for="node-input-phaseRequested" style="width:auto">requested</label>
</div>
<div class="form-row" style="margin-bottom:0;">
<input type="checkbox" id="node-input-phaseReady" style="width:auto;margin-left:125px;vertical-align:top" />
<label for="node-input-phaseReady" style="width:auto">ready</label>
</div>
<div class="form-row" style="margin-bottom:0;">
<input type="checkbox" id="node-input-phaseStarted" style="width:auto;margin-left:125px;vertical-align:top" />
<label for="node-input-phaseStarted" style="width:auto">started</label>
</div>
<div class="form-row" style="margin-bottom:0;">
<input type="checkbox" id="node-input-phaseSas" style="width:auto;margin-left:125px;vertical-align:top" />
<label for="node-input-phaseSas" style="width:auto">sas (emoji ready to confirm)</label>
</div>
<div class="form-row" style="margin-bottom:0;">
<input type="checkbox" id="node-input-phaseDone" style="width:auto;margin-left:125px;vertical-align:top" />
<label for="node-input-phaseDone" style="width:auto">done</label>
</div>
<div class="form-row">
<input type="checkbox" id="node-input-phaseCancelled" style="width:auto;margin-left:125px;vertical-align:top" />
<label for="node-input-phaseCancelled" style="width:auto">cancelled</label>
</div>
<div class="form-row">
<label for="node-input-initiatedBy"><i class="fa fa-filter"></i> Initiated by</label>
<select id="node-input-initiatedBy">
<option value="any">Any</option>
<option value="me">Me (the bot started it)</option>
<option value="notme">Not me (the other party)</option>
</select>
</div>
<div class="form-row">
<label for="node-input-verificationType"><i class="fa fa-filter"></i> Type</label>
<select id="node-input-verificationType">
<option value="any">Any</option>
<option value="room">Room (in-room / DM)</option>
<option value="device">Device (to-device)</option>
</select>
</div>
<div class="form-row">
<label for="node-input-selfVerification"><i class="fa fa-filter"></i> Self-verify</label>
<select id="node-input-selfVerification">
<option value="any">Any</option>
<option value="self">Self only (bot's own devices)</option>
<option value="others">Others only (other users)</option>
</select>
</div>
<div class="form-row">
<label for="node-input-userFilter"><i class="fa fa-user"></i> User IDs</label>
<input type="text" id="node-input-userFilter" placeholder="@alice:example.org, @bob:example.org">
</div>
<div class="form-tips" style="margin-bottom:12px;">User ID allowlist - only emit verifications involving these users. Comma separated, or blank for any.</div>
<div class="form-row">
<label for="node-input-roomFilter"><i class="fa fa-comments"></i> Room IDs</label>
<input type="text" id="node-input-roomFilter" placeholder="!room:example.org, !other:example.org">
</div>
<div class="form-tips" style="margin-bottom:12px;">Restrict room verifications to these rooms. Comma separated, or blank for any. Device verifications are not affected.</div>
</script>
<script type="text/html" data-help-name="matrix-verification">
<h3>Details</h3>
<p>Emits a message when a device verification request is received or changes phase.</p>
<p>
This node is the event source for device verification. It outputs a message every
time a verification request is created (either incoming, or started with the
<code>matrix-verification-action</code> node) and again on every phase change. Use
it together with <code>matrix-verification-action</code> to build your own approval
flow &mdash; for example, emailing the SAS emoji to a human for confirmation.
</p>
<p>
Each message carries a <code>msg.verificationId</code> which is the handle you pass
to <code>matrix-verification-action</code> to act on that verification.
</p>
<h3>Filters</h3>
<p>
All filters are applied on the node so you don't need <code>switch</code> nodes
downstream. They AND-combine, and each defaults to passing everything.
</p>
<dl class="message-properties">
<dt>Phase filter</dt>
<dd>Emits only the ticked phases (<code>requested</code>, <code>ready</code>, <code>started</code>, <code>sas</code>, <code>done</code>, <code>cancelled</code>). All ticked = emit every phase.</dd>
<dt>Initiated by</dt>
<dd><code>Any</code>, <code>Me</code> (only verifications the bot started), or <code>Not me</code> (only verifications started by the other party).</dd>
<dt>Type</dt>
<dd><code>Any</code>, <code>Room</code> (in-room / DM verifications), or <code>Device</code> (to-device verifications).</dd>
<dt>Self-verify</dt>
<dd><code>Any</code>, <code>Self only</code> (the other party is another of the bot's own devices), or <code>Others only</code> (a different user).</dd>
<dt>User IDs</dt>
<dd>Allowlist of user IDs (comma separated). When set, only verifications involving one of these users are emitted. Blank = any user.</dd>
<dt>Room IDs</dt>
<dd>Comma separated room IDs. When set, room verifications are restricted to these rooms. Device verifications have no room and are not affected by this filter. Blank = any room.</dd>
</dl>
<h3>Outputs</h3>
<dl class="message-properties">
<dt>msg.verificationId <span class="property-type">string</span></dt>
<dd>unique id of the verification. Pass this as <code>msg.verificationId</code> to the <code>matrix-verification-action</code> node.</dd>
<dt>msg.phase <span class="property-type">string</span></dt>
<dd>
current phase of the verification, one of:
<code>requested</code> (a request was received/sent),
<code>ready</code> (the request was accepted),
<code>started</code> (a method was chosen),
<code>sas</code> (SAS emoji/decimal are ready to confirm &mdash; see <code>msg.sas</code>),
<code>done</code> (verification completed),
<code>cancelled</code> (verification cancelled).
</dd>
<dt>msg.payload <span class="property-type">string</span></dt>
<dd>same value as <code>msg.phase</code>, for convenience.</dd>
<dt>msg.userId <span class="property-type">string</span></dt>
<dd>the user id of the other party in the verification.</dd>
<dt>msg.deviceId <span class="property-type">string | null</span></dt>
<dd>the other party's device id, for to-device verifications. <code>null</code> for in-room verifications.</dd>
<dt>msg.topic <span class="property-type">string | null</span></dt>
<dd>the room id, for in-room (DM) verifications. <code>null</code> for to-device verifications.</dd>
<dt>msg.sas <span class="property-type">object</span></dt>
<dd>
present only when <code>msg.phase</code> is <code>sas</code>. Contains
<code>emoji</code> (an array of <code>[emoji, name]</code> pairs) and
<code>decimal</code> (an array of three numbers). One or both may be
populated depending on what was negotiated.
</dd>
<dt>msg.isSelfVerification <span class="property-type">boolean</span></dt>
<dd><code>true</code> if the other party is another device of the bot's own account.</dd>
<dt>msg.initiatedByMe <span class="property-type">boolean</span></dt>
<dd><code>true</code> if this verification was started by the bot.</dd>
<dt>msg.chosenMethod <span class="property-type">string | null</span></dt>
<dd>the verification method that was chosen (e.g. <code>m.sas.v1</code>), once one has been picked; <code>null</code> before then.</dd>
<dt>msg.cancellationCode <span class="property-type">string | null</span></dt>
<dd>present when <code>msg.phase</code> is <code>cancelled</code>; the reason code (e.g. <code>m.user</code>).</dd>
</dl>
<h3>References</h3>
<ul>
<li><a href="https://spec.matrix.org/latest/client-server-api/#device-verification">Matrix spec</a> - device verification</li>
</ul>
</script>
src/matrix-verification.js
+113
View File
@@ -0,0 +1,113 @@
module.exports = function(RED) {
function MatrixVerification(n) {
RED.nodes.createNode(this, n);
let node = this;
this.name = n.name;
this.server = RED.nodes.getNode(n.server);
// Phase filter - emit only the ticked phases. Undefined (config saved
// before these options existed) is treated as ticked, so old nodes
// keep emitting every phase.
this.phases = {
requested: n.phaseRequested !== false,
ready: n.phaseReady !== false,
started: n.phaseStarted !== false,
sas: n.phaseSas !== false,
done: n.phaseDone !== false,
cancelled: n.phaseCancelled !== false,
};
this.initiatedBy = n.initiatedBy || 'any'; // any | me | notme
this.verificationType = n.verificationType || 'any'; // any | room | device
this.selfVerification = n.selfVerification || 'any'; // any | self | others
this.userFilter = (n.userFilter || '').split(',')
.map(function(s){ return s.trim().toLowerCase(); })
.filter(Boolean);
this.roomFilter = (n.roomFilter || '').split(',')
.map(function(s){ return s.trim(); })
.filter(Boolean);
node.status({ fill: "red", shape: "ring", text: "disconnected" });
if (!node.server) {
node.error("No configuration node");
return;
}
node.server.register(node);
// Returns true if a verification update message passes every configured
// filter. All filters AND-combine; each defaults to "pass everything".
function passesFilters(m) {
// phase
if ((m.phase in node.phases) && !node.phases[m.phase]) {
return false;
}
// initiated by
if (node.initiatedBy === 'me' && !m.initiatedByMe) {
return false;
}
if (node.initiatedBy === 'notme' && m.initiatedByMe) {
return false;
}
// verification type - room verifications carry a roomId (msg.topic),
// to-device verifications do not
if (node.verificationType === 'room' && !m.topic) {
return false;
}
if (node.verificationType === 'device' && m.topic) {
return false;
}
// self-verification (the other party is one of the bot's own devices)
if (node.selfVerification === 'self' && !m.isSelfVerification) {
return false;
}
if (node.selfVerification === 'others' && m.isSelfVerification) {
return false;
}
// user id allowlist
if (node.userFilter.length &&
(!m.userId || node.userFilter.indexOf(m.userId.toLowerCase()) === -1)) {
return false;
}
// room id filter - only constrains room verifications; device
// verifications have no room and are not affected
if (node.roomFilter.length && m.topic &&
node.roomFilter.indexOf(m.topic) === -1) {
return false;
}
return true;
}
const onConnected = function() {
node.status({ fill: "green", shape: "ring", text: "connected" });
};
const onDisconnected = function() {
node.status({ fill: "red", shape: "ring", text: "disconnected" });
};
const onVerificationUpdate = function(verificationMsg) {
if (!passesFilters(verificationMsg)) {
return;
}
node.status({ fill: "blue", shape: "dot", text: verificationMsg.phase });
// clone so multiple verification nodes don't share/mutate one object
node.send(RED.util.cloneMessage(verificationMsg));
};
node.server.on("connected", onConnected);
node.server.on("disconnected", onDisconnected);
node.server.on("Verification.update", onVerificationUpdate);
if (node.server.isConnected && node.server.isConnected()) {
onConnected();
}
node.on("close", function() {
node.server.removeListener("connected", onConnected);
node.server.removeListener("disconnected", onDisconnected);
node.server.removeListener("Verification.update", onVerificationUpdate);
node.server.deregister(node);
});
}
RED.nodes.registerType("matrix-verification", MatrixVerification);
}