mirror of
https://github.com/livebook-dev/livebook.git
synced 2024-11-16 12:57:32 +08:00
19baf013d5
* Introduce a dedicated channel for JS widget communication * Handle payload serialization errors * Tie channel lifetime to the session * Catch serialization errors instead of encoding twice * Merge JS static and dynamic outputs * Authenticate socket connection from session * Update JS output format * Remove unused helper * Apply review comments
91 lines
2.8 KiB
Elixir
91 lines
2.8 KiB
Elixir
defmodule LivebookWeb.Endpoint do
|
|
use Phoenix.Endpoint, otp_app: :livebook
|
|
|
|
# The session will be stored in the cookie and signed,
|
|
# this means its contents can be read but not tampered with.
|
|
# Set :encryption_salt if you would also like to encrypt it.
|
|
@session_options [
|
|
store: :cookie,
|
|
key: "_livebook_key",
|
|
signing_salt: "deadbook",
|
|
same_site: "Lax"
|
|
]
|
|
|
|
socket "/live", LivebookWeb.Socket,
|
|
# Don't check the origin as we don't know how the web app is gonna be accessed.
|
|
# It runs locally, but may be exposed via IP or domain name.
|
|
# The WebSocket connection is already protected from CSWSH by using CSRF token.
|
|
websocket: [check_origin: false, connect_info: [:user_agent, :uri, session: @session_options]]
|
|
|
|
# We use Escript for distributing Livebook, so we don't have access to the static
|
|
# files at runtime in the prod environment. To overcome this we load contents of
|
|
# those files at compilation time, so that they become a part of the executable
|
|
# and can be served from memory.
|
|
defmodule AssetsMemoryProvider do
|
|
use LivebookWeb.MemoryProvider,
|
|
from: Path.expand("../../static", __DIR__),
|
|
gzip: true
|
|
end
|
|
|
|
defmodule AssetsFileSystemProvider do
|
|
use LivebookWeb.FileSystemProvider,
|
|
from: "tmp/static_dev"
|
|
end
|
|
|
|
# Serve static files at "/"
|
|
|
|
if code_reloading? do
|
|
# In development we use assets from tmp/static_dev (rebuilt dynamically on every change).
|
|
# Note that this directory doesn't contain predefined files (e.g. images), so we also
|
|
# use `AssetsMemoryProvider` to serve those from static/.
|
|
plug LivebookWeb.StaticPlug,
|
|
at: "/",
|
|
file_provider: AssetsFileSystemProvider,
|
|
gzip: false
|
|
end
|
|
|
|
plug LivebookWeb.StaticPlug,
|
|
at: "/",
|
|
file_provider: AssetsMemoryProvider,
|
|
gzip: true
|
|
|
|
# Code reloading can be explicitly enabled under the
|
|
# :code_reloader configuration of your endpoint.
|
|
if code_reloading? do
|
|
socket "/phoenix/live_reload/socket", Phoenix.LiveReloader.Socket
|
|
plug Phoenix.LiveReloader
|
|
plug Phoenix.CodeReloader
|
|
end
|
|
|
|
plug Phoenix.LiveDashboard.RequestLogger,
|
|
param_key: "request_logger",
|
|
cookie_key: "request_logger"
|
|
|
|
plug Plug.RequestId
|
|
plug Plug.Telemetry, event_prefix: [:phoenix, :endpoint]
|
|
|
|
plug Plug.Parsers,
|
|
parsers: [:urlencoded, :multipart, :json],
|
|
pass: ["*/*"],
|
|
json_decoder: Phoenix.json_library()
|
|
|
|
plug Plug.MethodOverride
|
|
plug Plug.Head
|
|
plug Plug.Session, @session_options
|
|
|
|
# Run custom plugs from the app configuration
|
|
plug LivebookWeb.ConfiguredPlug
|
|
|
|
plug LivebookWeb.Router
|
|
|
|
def access_url() do
|
|
root_url = url()
|
|
|
|
if Livebook.Config.auth_mode() == :token do
|
|
token = Application.fetch_env!(:livebook, :token)
|
|
root_url <> "/?token=" <> token
|
|
else
|
|
root_url
|
|
end
|
|
end
|
|
end
|