socketio-jwt/lib/index.js

var connectUtils = require('connect').utils,
    cookie = require('cookie');

function authorize(options){
  var passport      = options.passport        || require('passport'),
      sessionKey    = options.sessionKey      || 'express.sid',
      sessionSecret = options.sessionSecret,
      sessionStore  = options.sessionStore;

  var userProperty  = passport._userProperty  || 'user';

  return function(data, accept){
    if (!data.headers.cookie) {
      return accept('Session cookie required.', false);
    }

    var parsedCookie = cookie.parse(data.headers.cookie);

    data.cookie = connectUtils.parseSignedCookies(parsedCookie, sessionSecret);

    data.sessionID = data.cookie[sessionKey];

    sessionStore.get(data.sessionID, function(err, session){
      
      if (err) {
        return accept('Error in session store.', false);
      } else if (!session) {
        return accept('Session not found.', false);
      }

      if(!session[passport._key]){
        return accept('passport was not initialized', false);
      }

      var userKey = session[passport._key][userProperty];
      
      if(!userKey){
        return accept('not yet authenticated', false);
      }

      passport.deserializeUser(userKey, function(err, user) {
        data[userProperty] = user;
        return accept(null, true);
      });

    });
  };
}

function filterSocketsByUser(socketIo, filter){
  var handshaken = socketIo.sockets.manager.handshaken;
  return Object.keys(handshaken || {})
    .filter(function(skey){
      return filter(handshaken[skey].user);
    })
    .map(function(skey){
      return socketIo.sockets.manager.sockets.sockets[skey];
    });
}

exports.authorize = authorize;
exports.filterSocketsByUser = filterSocketsByUser;
initial 2012-09-05 20:14:36 +02:00			`var connectUtils = require('connect').utils,`
			`cookie = require('cookie');`

			`function authorize(options){`
			`var passport = options.passport \|\| require('passport'),`
			`sessionKey = options.sessionKey \|\| 'express.sid',`
			`sessionSecret = options.sessionSecret,`
			`sessionStore = options.sessionStore;`

			`var userProperty = passport._userProperty \|\| 'user';`

			`return function(data, accept){`
			`if (!data.headers.cookie) {`
			`return accept('Session cookie required.', false);`
			`}`

			`var parsedCookie = cookie.parse(data.headers.cookie);`

			`data.cookie = connectUtils.parseSignedCookies(parsedCookie, sessionSecret);`

Use sessionKey over hard-coded "express.sid" The sessionKey argument was ignored and "express.sid" was always used instead. 2012-09-09 19:31:05 +02:00			`data.sessionID = data.cookie[sessionKey];`
initial 2012-09-05 20:14:36 +02:00
			`sessionStore.get(data.sessionID, function(err, session){`

			`if (err) {`
			`return accept('Error in session store.', false);`
			`} else if (!session) {`
			`return accept('Session not found.', false);`
			`}`

			`if(!session[passport._key]){`
			`return accept('passport was not initialized', false);`
			`}`

			`var userKey = session[passport._key][userProperty];`

			`if(!userKey){`
			`return accept('not yet authenticated', false);`
			`}`

			`passport.deserializeUser(userKey, function(err, user) {`
			`data[userProperty] = user;`
			`return accept(null, true);`
			`});`

			`});`
			`};`
			`}`

			`function filterSocketsByUser(socketIo, filter){`
			`var handshaken = socketIo.sockets.manager.handshaken;`
			`return Object.keys(handshaken \|\| {})`
			`.filter(function(skey){`
			`return filter(handshaken[skey].user);`
			`})`
			`.map(function(skey){`
			`return socketIo.sockets.manager.sockets.sockets[skey];`
			`});`
			`}`

			`exports.authorize = authorize;`
			`exports.filterSocketsByUser = filterSocketsByUser;`