socketio-jwt/src/index.ts

import jwt from 'jsonwebtoken'
import { Socket } from 'socket.io'

class UnauthorizedError extends Error {
  public inner: { message: string }
  public data: { message: string, code: string, type: 'UnauthorizedError' }

  constructor (code: string, error: { message: string }) {
    super(error.message)
    this.message = error.message
    this.inner = error
    this.data = {
      message: this.message,
      code,
      type: 'UnauthorizedError'
    }
    Object.setPrototypeOf(this, UnauthorizedError.prototype)
  }
}

interface ExtendedError extends Error {
  data?: any
}

type SocketIOMiddleware = (
  socket: Socket,
  next: (err?: ExtendedError) => void
) => void

interface AuthorizeOptions {
  secret: string
}

export const authorize = (options: AuthorizeOptions): SocketIOMiddleware => {
  const { secret } = options
  return (socket, next) => {
    let token: string | null = null
    const authorizationHeader = socket.request.headers.authorization
    if (authorizationHeader != null) {
      const tokenSplitted = authorizationHeader.split(' ')
      if (tokenSplitted.length !== 2 || tokenSplitted[0] !== 'Bearer') {
        return next(
          new UnauthorizedError('credentials_bad_format', {
            message: 'Format is Authorization: Bearer [token]'
          })
        )
      }
      token = tokenSplitted[1]
    }
    if (token == null) {
      return next(
        new UnauthorizedError('credentials_required', {
          message: 'no token provided'
        })
      )
    }
    // Store encoded JWT
    socket = Object.assign(socket, { encodedToken: token })
    let payload: any
    try {
      payload = jwt.verify(token, secret)
    } catch {
      return next(
        new UnauthorizedError('invalid_token', {
          message: 'Unauthorized: Token is missing or invalid Bearer'
        })
      )
    }
    // Store decoded JWT
    socket = Object.assign(socket, { decodedToken: payload })
    return next()
  }
}
feat: make it work like before with socket.io 2.0 WIP 2020-12-28 18:09:42 +01:00			`import jwt from 'jsonwebtoken'`
fix: temporary fix ts errors by using any type 2020-12-29 01:55:44 +01:00			`import { Socket } from 'socket.io'`
feat: make it work like before with socket.io 2.0 WIP 2020-12-28 18:09:42 +01:00
			`class UnauthorizedError extends Error {`
			`public inner: { message: string }`
feat: add support for socket.io >= 3.0.0 2020-12-29 03:32:28 +01:00			`public data: { message: string, code: string, type: 'UnauthorizedError' }`
feat: make it work like before with socket.io 2.0 WIP 2020-12-28 18:09:42 +01:00
feat: add support for socket.io >= 3.0.0 2020-12-29 03:32:28 +01:00			`constructor (code: string, error: { message: string }) {`
feat: make it work like before with socket.io 2.0 WIP 2020-12-28 18:09:42 +01:00			`super(error.message)`
			`this.message = error.message`
			`this.inner = error`
			`this.data = {`
			`message: this.message,`
			`code,`
			`type: 'UnauthorizedError'`
			`}`
			`Object.setPrototypeOf(this, UnauthorizedError.prototype)`
			`}`
			`}`

feat: add support for socket.io >= 3.0.0 2020-12-29 03:32:28 +01:00			`interface ExtendedError extends Error {`
			`data?: any`
fix: temporary fix ts errors by using any type 2020-12-29 01:55:44 +01:00			`}`
feat: make it work like before with socket.io 2.0 WIP 2020-12-28 18:09:42 +01:00
feat: add support for socket.io >= 3.0.0 2020-12-29 03:32:28 +01:00			`type SocketIOMiddleware = (`
			`socket: Socket,`
			`next: (err?: ExtendedError) => void`
			`) => void`
feat: make it work like before with socket.io 2.0 WIP 2020-12-28 18:09:42 +01:00
feat: add support for socket.io >= 3.0.0 2020-12-29 03:32:28 +01:00			`interface AuthorizeOptions {`
			`secret: string`
feat: make it work like before with socket.io 2.0 WIP 2020-12-28 18:09:42 +01:00			`}`

feat: add support for socket.io >= 3.0.0 2020-12-29 03:32:28 +01:00			`export const authorize = (options: AuthorizeOptions): SocketIOMiddleware => {`
			`const { secret } = options`
			`return (socket, next) => {`
			`let token: string \| null = null`
			`const authorizationHeader = socket.request.headers.authorization`
			`if (authorizationHeader != null) {`
			`const tokenSplitted = authorizationHeader.split(' ')`
			`if (tokenSplitted.length !== 2 \|\| tokenSplitted[0] !== 'Bearer') {`
			`return next(`
			`new UnauthorizedError('credentials_bad_format', {`
			`message: 'Format is Authorization: Bearer [token]'`
			`})`
			`)`
feat: make it work like before with socket.io 2.0 WIP 2020-12-28 18:09:42 +01:00			`}`
feat: add support for socket.io >= 3.0.0 2020-12-29 03:32:28 +01:00			`token = tokenSplitted[1]`
feat: make it work like before with socket.io 2.0 WIP 2020-12-28 18:09:42 +01:00			`}`
feat: add support for socket.io >= 3.0.0 2020-12-29 03:32:28 +01:00			`if (token == null) {`
			`return next(`
			`new UnauthorizedError('credentials_required', {`
			`message: 'no token provided'`
feat: make it work like before with socket.io 2.0 WIP 2020-12-28 18:09:42 +01:00			`})`
			`)`
			`}`
			`// Store encoded JWT`
feat: add support for socket.io >= 3.0.0 2020-12-29 03:32:28 +01:00			`socket = Object.assign(socket, { encodedToken: token })`
			`let payload: any`
			`try {`
			`payload = jwt.verify(token, secret)`
			`} catch {`
			`return next(`
			`new UnauthorizedError('invalid_token', {`
			`message: 'Unauthorized: Token is missing or invalid Bearer'`
			`})`
			`)`
fix: temporary fix ts errors by using any type 2020-12-29 01:55:44 +01:00			`}`
feat: add support for socket.io >= 3.0.0 2020-12-29 03:32:28 +01:00			`// Store decoded JWT`
			`socket = Object.assign(socket, { decodedToken: payload })`
			`return next()`
fix: temporary fix ts errors by using any type 2020-12-29 01:55:44 +01:00			`}`
			`}`