socketio-jwt/test/fixture/secret_function.js

const express = require('express');
const http = require('http');

const socketIo = require('socket.io');
const socketio_jwt = require('../../lib');

const jwt = require('jsonwebtoken');
const xtend = require('xtend');
const bodyParser = require('body-parser');
const enableDestroy = require('server-destroy');

let sio;

exports.start = function (options, callback) {
  const SECRETS = {
    123: 'aaafoo super sercret',
    555: 'other'
  };

  if(typeof options == 'function'){
    callback = options;
    options = {};
  }

  options = xtend({
    secret: function(request, decodedToken, callback) {
      callback(null, SECRETS[decodedToken.id]);
    },
    timeout: 1000,
    handshake: true
  }, options);

  const app = express();
  const server = http.createServer(app);
  sio = socketIo.listen(server);

  app.use(bodyParser.json());
  app.post('/login', function (req, res) {
    const profile = {
      first_name: 'John',
      last_name: 'Doe',
      email: 'john@doe.com',
      id: req.body.username === 'valid_signature' ? 123 : 555
    };

    // We are sending the profile inside the token
    const token = jwt.sign(profile, SECRETS[123], { expiresIn: 60*60*5 });
    res.json({token: token});
  });

  if (options.handshake) {
    sio.use(socketio_jwt.authorize(options));

    sio.sockets.on('echo', function (m) {
      sio.sockets.emit('echo-response', m);
    });
  } else {
    sio.sockets
      .on('connection', socketio_jwt.authorize(options))
      .on('authenticated', function (socket) {
        socket.on('echo', function (m) {
          socket.emit('echo-response', m);
        });
      });
  }

  server.__sockets = [];
  server.on('connection', function (c) {
    server.__sockets.push(c);
  });

  server.listen(9000, callback);
  enableDestroy(server);
};

exports.stop = function (callback) {
  sio.close();
  try {
    server.destroy();
  } catch (er) {}

  callback();
};
Fixed auth.required Misc: - Resolved conflicts - Added test case, to fail if server grants prohibited admin access - Simplified test logic - Prevented usage of "var" (used const / let instead) - Formatting - Cleanup - Typos 2019-10-13 15:52:14 +02:00			`const express = require('express');`
			`const http = require('http');`
Add ability to generate secret dynamically This allow you to pass a function instead of an string in order to generate secret based on the new connection features. 2015-11-18 21:36:24 +01:00
Fixed auth.required Misc: - Resolved conflicts - Added test case, to fail if server grants prohibited admin access - Simplified test logic - Prevented usage of "var" (used const / let instead) - Formatting - Cleanup - Typos 2019-10-13 15:52:14 +02:00			`const socketIo = require('socket.io');`
			`const socketio_jwt = require('../../lib');`
Add ability to generate secret dynamically This allow you to pass a function instead of an string in order to generate secret based on the new connection features. 2015-11-18 21:36:24 +01:00
Fixed auth.required Misc: - Resolved conflicts - Added test case, to fail if server grants prohibited admin access - Simplified test logic - Prevented usage of "var" (used const / let instead) - Formatting - Cleanup - Typos 2019-10-13 15:52:14 +02:00			`const jwt = require('jsonwebtoken');`
			`const xtend = require('xtend');`
			`const bodyParser = require('body-parser');`
			`const enableDestroy = require('server-destroy');`
Add ability to generate secret dynamically This allow you to pass a function instead of an string in order to generate secret based on the new connection features. 2015-11-18 21:36:24 +01:00
Fixed auth.required Misc: - Resolved conflicts - Added test case, to fail if server grants prohibited admin access - Simplified test logic - Prevented usage of "var" (used const / let instead) - Formatting - Cleanup - Typos 2019-10-13 15:52:14 +02:00			`let sio;`
Add ability to generate secret dynamically This allow you to pass a function instead of an string in order to generate secret based on the new connection features. 2015-11-18 21:36:24 +01:00
			`exports.start = function (options, callback) {`
Fixed auth.required Misc: - Resolved conflicts - Added test case, to fail if server grants prohibited admin access - Simplified test logic - Prevented usage of "var" (used const / let instead) - Formatting - Cleanup - Typos 2019-10-13 15:52:14 +02:00			`const SECRETS = {`
Add ability to generate secret dynamically This allow you to pass a function instead of an string in order to generate secret based on the new connection features. 2015-11-18 21:36:24 +01:00			`123: 'aaafoo super sercret',`
			`555: 'other'`
			`};`

			`if(typeof options == 'function'){`
			`callback = options;`
			`options = {};`
			`}`

			`options = xtend({`
			`secret: function(request, decodedToken, callback) {`
			`callback(null, SECRETS[decodedToken.id]);`
			`},`
			`timeout: 1000,`
			`handshake: true`
			`}, options);`

Fixed auth.required Misc: - Resolved conflicts - Added test case, to fail if server grants prohibited admin access - Simplified test logic - Prevented usage of "var" (used const / let instead) - Formatting - Cleanup - Typos 2019-10-13 15:52:14 +02:00			`const app = express();`
			`const server = http.createServer(app);`
			`sio = socketIo.listen(server);`
Add ability to generate secret dynamically This allow you to pass a function instead of an string in order to generate secret based on the new connection features. 2015-11-18 21:36:24 +01:00
			`app.use(bodyParser.json());`
			`app.post('/login', function (req, res) {`
Fixed auth.required Misc: - Resolved conflicts - Added test case, to fail if server grants prohibited admin access - Simplified test logic - Prevented usage of "var" (used const / let instead) - Formatting - Cleanup - Typos 2019-10-13 15:52:14 +02:00			`const profile = {`
Add ability to generate secret dynamically This allow you to pass a function instead of an string in order to generate secret based on the new connection features. 2015-11-18 21:36:24 +01:00			`first_name: 'John',`
			`last_name: 'Doe',`
			`email: 'john@doe.com',`
			`id: req.body.username === 'valid_signature' ? 123 : 555`
			`};`

			`// We are sending the profile inside the token`
Fixed auth.required Misc: - Resolved conflicts - Added test case, to fail if server grants prohibited admin access - Simplified test logic - Prevented usage of "var" (used const / let instead) - Formatting - Cleanup - Typos 2019-10-13 15:52:14 +02:00			`const token = jwt.sign(profile, SECRETS[123], { expiresIn: 60605 });`
Add ability to generate secret dynamically This allow you to pass a function instead of an string in order to generate secret based on the new connection features. 2015-11-18 21:36:24 +01:00			`res.json({token: token});`
			`});`

			`if (options.handshake) {`
			`sio.use(socketio_jwt.authorize(options));`

			`sio.sockets.on('echo', function (m) {`
			`sio.sockets.emit('echo-response', m);`
			`});`
			`} else {`
			`sio.sockets`
			`.on('connection', socketio_jwt.authorize(options))`
			`.on('authenticated', function (socket) {`
			`socket.on('echo', function (m) {`
			`socket.emit('echo-response', m);`
			`});`
			`});`
			`}`

			`server.__sockets = [];`
			`server.on('connection', function (c) {`
			`server.__sockets.push(c);`
			`});`

			`server.listen(9000, callback);`
			`enableDestroy(server);`
			`};`

			`exports.stop = function (callback) {`
			`sio.close();`
			`try {`
			`server.destroy();`
			`} catch (er) {}`

			`callback();`
			`};`