From 67273bc4184a93f602d75ae0f62daa6b080f53a5 Mon Sep 17 00:00:00 2001
From: schlagmichdoch <schlagmichdoch@users.noreply.github.com>
Date: Sun, 22 Jan 2023 17:43:54 +0100
Subject: [PATCH] Prevent rogue users from requesting multiple roomKeys

---
 index.js | 1 +
 1 file changed, 1 insertion(+)

diff --git a/index.js b/index.js
index 6353c01..c93a001 100644
--- a/index.js
+++ b/index.js
@@ -231,6 +231,7 @@ class PairDropServer {
     _onPairDeviceInitiate(sender) {
         let roomSecret = this.getRandomString(64);
         let roomKey = this._createRoomKey(sender, roomSecret);
+        if (sender.roomKey) this._removeRoomKey(sender.roomKey);
         sender.roomKey = roomKey;
         this._send(sender, {
             type: 'pair-device-initiated',