2
1
mirror of https://github.com/Thream/socketio-jwt.git synced 2024-07-21 09:38:31 +02:00
socketio-jwt/lib/index.js

102 lines
2.5 KiB
JavaScript
Raw Normal View History

2013-06-05 13:38:33 +02:00
var xtend = require('xtend');
var jwt = require('jsonwebtoken');
var UnauthorizedError = require('./UnauthorizedError');
2014-01-13 22:41:10 +01:00
function noQsMethod(options, onConnection) {
return function (socket) {
var auth_timeout = setTimeout(function () {
socket.disconnect('unauthorized');
}, options.timeout || 5000);
socket.on('authenticate', function (data) {
clearTimeout(auth_timeout);
jwt.verify(data.token, options.secret, options, function(err, decoded) {
if (err) {
return socket.disconnect('unauthorized');
}
socket.user = decoded;
socket.emit('authenticated');
onConnection(socket);
});
});
};
}
function authorize(options, onConnection) {
var defaults = {
success: function(data, accept){
accept(null, true);
},
fail: function(error, data, accept){
accept(null, false);
}
};
2012-09-05 20:14:36 +02:00
2013-11-15 10:47:51 +01:00
var auth = xtend(defaults, options);
2013-06-30 21:06:21 +02:00
2014-01-13 22:41:10 +01:00
if (onConnection) {
return noQsMethod(options, onConnection);
}
2012-09-05 20:14:36 +02:00
return function(data, accept){
var token, error;
2012-09-05 20:14:36 +02:00
if (data.headers && data.headers.authorization) {
var parts = data.headers.authorization.split(' ');
if (parts.length == 2) {
var scheme = parts[0],
credentials = parts[1];
2012-09-05 20:14:36 +02:00
if (/^Bearer$/i.test(scheme)) {
token = credentials;
}
} else {
error = new UnauthorizedError('credentials_bad_format', {
message: 'Format is Authorization: Bearer [token]'
});
return auth.fail(error, data, accept);
}
}
if (data.query.token) {
token = data.query.token;
}
2012-09-05 20:14:36 +02:00
if (!token) {
error = new UnauthorizedError('credentials_required', {
message: 'No Authorization header was found'
2012-09-05 20:14:36 +02:00
});
return auth.fail(error, data, accept);
}
jwt.verify(token, options.secret, options, function(err, decoded) {
if (err) {
error = new UnauthorizedError('invalid_token', err);
return auth.fail(error, data, accept);
}
data.user = decoded;
data.logged_in = true;
2012-09-05 20:14:36 +02:00
auth.success(data, accept);
2012-09-05 20:14:36 +02:00
});
};
}
function filterSocketsByUser(socketIo, filter){
var handshaken = socketIo.sockets.manager.handshaken;
return Object.keys(handshaken || {})
.filter(function(skey){
return filter(handshaken[skey].user);
})
.map(function(skey){
return socketIo.sockets.manager.sockets.sockets[skey];
});
}
exports.authorize = authorize;
exports.filterSocketsByUser = filterSocketsByUser;