skuhl / RobotRemote


Secure connection to webcam. #35

Closed BinaryFissionGames closed 6 years ago

BinaryFissionGames commented 6 years ago

Connecting using jsmpeg works like this: a separate node server is set up, which simply takes data streamed from ffmpeg over its http server, then spits it back out as a websocket stream.

This connection from client to websocket is "secured" by a secret which is appended at the end of the URL. This security is fine if we use a randomly generated secret, but currently we use a static secret. This should be fixed.

Some notes about this secret:

  1. It should be regenerated AT LEAST every timeslot. That is, when a new timeslot occurs, a new secret is generated. This secret may also be generated every time the client connects, if we want, but that would be unnecessary (although possibly easier).
  2. If we generate it once per timeslot, we may be better off generating it beforehand and storing it in the database.
  3. It is critical that this remains secret. That means the communication between the camera server and the webserver needs to be carefully considered.
  4. The secret should become invalid after the timeslot is over. After that, it should break any current connections, and start from essentially the beginning.

Also, while we're at it, we probably want to change from ws to wss (SSL for websockets, basically), which would help out with security.
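The rotation scheme listed in the comment above, sketched for a Node relay as an added example (not part of the original issue or the RobotRemote code). The `StreamGate` class, its method names and the close code are assumptions; a socket is anything with a `close(code, reason)` method.

```javascript
// Added example; class and method names are hypothetical, not from RobotRemote.
const crypto = require('node:crypto');

class StreamGate {
  constructor() {
    this.slot = null;          // { secret: Buffer, expiresAt: epoch ms }
    this.sockets = new Set();  // live viewer connections for the current slot
  }

  // Start of a timeslot: mint a fresh 256-bit secret from the OS CSPRNG.
  // The returned URL-safe string is what the web server hands to the client.
  startTimeslot(endsAtMs) {
    this.closeAll();
    this.slot = { secret: crypto.randomBytes(32), expiresAt: endsAtMs };
    return this.slot.secret.toString('base64url');
  }

  // The secret is the last path segment of the WebSocket URL.
  check(requestUrl, nowMs = Date.now()) {
    if (!this.slot || nowMs >= this.slot.expiresAt) return false;
    const segment = String(requestUrl).split('?')[0].split('/').pop();
    const presented = Buffer.from(segment, 'base64url');
    const expected = this.slot.secret;
    // timingSafeEqual throws on unequal lengths, so test the length first.
    return presented.length === expected.length &&
      crypto.timingSafeEqual(presented, expected);
  }

  // Admit a socket only if its URL carries the current, unexpired secret.
  admit(socket, requestUrl, nowMs = Date.now()) {
    if (!this.check(requestUrl, nowMs)) {
      socket.close(1008, 'bad or expired secret');
      return false;
    }
    this.sockets.add(socket);
    return true;
  }

  // Run on a timer: once the slot is over, drop the secret and every viewer.
  expire(nowMs = Date.now()) {
    if (this.slot && nowMs >= this.slot.expiresAt) {
      this.slot = null;
      this.closeAll();
    }
  }

  closeAll() {
    for (const s of this.sockets) s.close(1008, 'timeslot ended');
    this.sockets.clear();
  }
}
```

Because the secret travels in the URL, it only stays secret over wss and when the relay and web server keep it out of their access logs.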

BinaryFissionGames commented 6 years ago

Right now, every connection generates a new secret. Generating it for a whole timeslot, if needed, will be up to a different issue, when we add authentication for the control panel.

Websockets have been upgraded to SSL, which means the webcam stuff is broken if you don't install our self-signed certificates, for now (the plan is to change these to actual certificates for production).

In order to make it work, you need to install the CA certificate (this can be done by first obtaining the certificate from the pi, saving it, then executing certutil -addstore -enterprise -f "Root" <pathtocertificatefile> in command prompt on Windows. See notes section for pastebin of certificate.)

Then, you need to edit your hosts file (C:\Windows\System32\drivers\etc\hosts) such that the IP of the pi is resolved from www.robotremote.com and robotremote.com. The line should look like this: <pi-ip> www.robotremote.com robotremote.com

Then accessing www.robotremote.com should let you use the site as normal.