Merge pull request #155 from Root-Core/matwithonet1
Cherrypicked commits of #105 by matwithonet1
This commit is contained in:
commit
1c60171179
@ -1,5 +1,7 @@
|
|||||||
language: node_js
|
language: node_js
|
||||||
node_js:
|
node_js:
|
||||||
- "0.12"
|
- 4
|
||||||
- "0.11"
|
- 8
|
||||||
- "0.10"
|
- 10
|
||||||
|
- 12
|
||||||
|
- node
|
||||||
|
59
README.md
59
README.md
@ -41,9 +41,10 @@ io.sockets
|
|||||||
.on('connection', socketioJwt.authorize({
|
.on('connection', socketioJwt.authorize({
|
||||||
secret: 'your secret or public key',
|
secret: 'your secret or public key',
|
||||||
timeout: 15000 // 15 seconds to send the authentication message
|
timeout: 15000 // 15 seconds to send the authentication message
|
||||||
})).on('authenticated', function(socket) {
|
}))
|
||||||
|
.on('authenticated', (socket) => {
|
||||||
//this socket is authenticated, we are good to handle more events from it.
|
//this socket is authenticated, we are good to handle more events from it.
|
||||||
console.log('hello! ' + socket.decoded_token.name);
|
console.log(`hello! ${socket.decoded_token.name}`);
|
||||||
});
|
});
|
||||||
```
|
```
|
||||||
|
|
||||||
@ -52,15 +53,15 @@ io.sockets
|
|||||||
**Client side**
|
**Client side**
|
||||||
|
|
||||||
```javascript
|
```javascript
|
||||||
var socket = io.connect('http://localhost:9000');
|
const socket = io.connect('http://localhost:9000');
|
||||||
socket.on('connect', function () {
|
socket.on('connect', () => {
|
||||||
socket
|
socket
|
||||||
.emit('authenticate', {token: jwt}) //send the jwt
|
.emit('authenticate', { token: jwt }) //send the jwt
|
||||||
.on('authenticated', function () {
|
.on('authenticated', () => {
|
||||||
//do other things
|
//do other things
|
||||||
})
|
})
|
||||||
.on('unauthorized', function(msg) {
|
.on('unauthorized', (msg) => {
|
||||||
console.log("unauthorized: " + JSON.stringify(msg.data));
|
console.log(`unauthorized: ${JSON.stringify(msg.data)}`);
|
||||||
throw new Error(msg.data.type);
|
throw new Error(msg.data.type);
|
||||||
})
|
})
|
||||||
});
|
});
|
||||||
@ -71,8 +72,8 @@ socket.on('connect', function () {
|
|||||||
The previous approach uses a second roundtrip to send the jwt. There is a way you can authenticate on the handshake by sending the JWT as a query string, the caveat is that intermediary HTTP servers can log the url.
|
The previous approach uses a second roundtrip to send the jwt. There is a way you can authenticate on the handshake by sending the JWT as a query string, the caveat is that intermediary HTTP servers can log the url.
|
||||||
|
|
||||||
```javascript
|
```javascript
|
||||||
var io = require('socket.io')(server);
|
const io = require('socket.io')(server);
|
||||||
var socketioJwt = require('socketio-jwt');
|
const socketioJwt = require('socketio-jwt');
|
||||||
```
|
```
|
||||||
|
|
||||||
With socket.io < 1.0:
|
With socket.io < 1.0:
|
||||||
@ -83,7 +84,7 @@ io.set('authorization', socketioJwt.authorize({
|
|||||||
handshake: true
|
handshake: true
|
||||||
}));
|
}));
|
||||||
|
|
||||||
io.on('connection', function (socket) {
|
io.on('connection', (socket) => {
|
||||||
console.log('hello!', socket.handshake.decoded_token.name);
|
console.log('hello!', socket.handshake.decoded_token.name);
|
||||||
});
|
});
|
||||||
```
|
```
|
||||||
@ -96,7 +97,7 @@ io.use(socketioJwt.authorize({
|
|||||||
handshake: true
|
handshake: true
|
||||||
}));
|
}));
|
||||||
|
|
||||||
io.on('connection', function (socket) {
|
io.on('connection', (socket) => {
|
||||||
console.log('hello!', socket.decoded_token.name);
|
console.log('hello!', socket.decoded_token.name);
|
||||||
});
|
});
|
||||||
```
|
```
|
||||||
@ -108,21 +109,35 @@ For more validation options see [auth0/jsonwebtoken](https://github.com/auth0/no
|
|||||||
Append the jwt token using query string:
|
Append the jwt token using query string:
|
||||||
|
|
||||||
```javascript
|
```javascript
|
||||||
var socket = io.connect('http://localhost:9000', {
|
const socket = io.connect('http://localhost:9000', {
|
||||||
'query': 'token=' + your_jwt
|
query: `token=${your_jwt}`
|
||||||
});
|
});
|
||||||
```
|
```
|
||||||
|
|
||||||
Append the jwt token using 'Authorization Header' (Bearer Token):
|
Append the jwt token using 'Authorization Header' (Bearer Token):
|
||||||
|
|
||||||
```javascript
|
```javascript
|
||||||
var socket = io.connect('http://localhost:9000', {
|
const socket = io.connect('http://localhost:9000', {
|
||||||
'extraHeaders': { Authorization: `Bearer ${your_jwt}` }
|
extraHeaders: { Authorization: `Bearer ${your_jwt}` }
|
||||||
});
|
});
|
||||||
```
|
```
|
||||||
|
|
||||||
Both options can be combined or used optionally.
|
Both options can be combined or used optionally.
|
||||||
|
|
||||||
|
### Authorization Header Requirement
|
||||||
|
|
||||||
|
Require Bearer Tokens to be passed in as an Authorization Header
|
||||||
|
|
||||||
|
**Server side**:
|
||||||
|
|
||||||
|
```javascript
|
||||||
|
io.use(socketioJwt.authorize({
|
||||||
|
secret: 'your secret or public key',
|
||||||
|
handshake: true,
|
||||||
|
auth_header_required: true
|
||||||
|
}));
|
||||||
|
```
|
||||||
|
|
||||||
### Handling token expiration
|
### Handling token expiration
|
||||||
|
|
||||||
**Server side**
|
**Server side**
|
||||||
@ -130,7 +145,7 @@ Both options can be combined or used optionally.
|
|||||||
When you sign the token with an expiration time (example: 60 minutes):
|
When you sign the token with an expiration time (example: 60 minutes):
|
||||||
|
|
||||||
```javascript
|
```javascript
|
||||||
var token = jwt.sign(user_profile, jwt_secret, {expiresIn: 60*60});
|
const token = jwt.sign(user_profile, jwt_secret, { expiresIn: 60*60 });
|
||||||
```
|
```
|
||||||
|
|
||||||
Your client-side code should handle it as below:
|
Your client-side code should handle it as below:
|
||||||
@ -138,7 +153,7 @@ Your client-side code should handle it as below:
|
|||||||
**Client side**
|
**Client side**
|
||||||
|
|
||||||
```javascript
|
```javascript
|
||||||
socket.on('unauthorized', function(error) {
|
socket.on('unauthorized', (error) => {
|
||||||
if (error.data.type == 'UnauthorizedError' || error.data.code == 'invalid_token') {
|
if (error.data.type == 'UnauthorizedError' || error.data.code == 'invalid_token') {
|
||||||
// redirect user to login page perhaps?
|
// redirect user to login page perhaps?
|
||||||
console.log('User token has expired');
|
console.log('User token has expired');
|
||||||
@ -159,7 +174,7 @@ No further configuration needed.
|
|||||||
Add a callback client-side to execute socket disconnect server-side.
|
Add a callback client-side to execute socket disconnect server-side.
|
||||||
|
|
||||||
```javascript
|
```javascript
|
||||||
socket.on('unauthorized', function(error, callback) {
|
socket.on('unauthorized', (error, callback) => {
|
||||||
if (error.data.type == 'UnauthorizedError' || error.data.code == 'invalid_token') {
|
if (error.data.type == 'UnauthorizedError' || error.data.code == 'invalid_token') {
|
||||||
// redirect user to login page perhaps or execute callback:
|
// redirect user to login page perhaps or execute callback:
|
||||||
callback();
|
callback();
|
||||||
@ -201,7 +216,7 @@ Your client-side code should handle it as below:
|
|||||||
**Client side**
|
**Client side**
|
||||||
|
|
||||||
```javascript
|
```javascript
|
||||||
socket.on('unauthorized', function(error, callback) {
|
socket.on('unauthorized', (error, callback) => {
|
||||||
if (error.data.type == 'UnauthorizedError' || error.data.code == 'invalid_token') {
|
if (error.data.type == 'UnauthorizedError' || error.data.code == 'invalid_token') {
|
||||||
// redirect user to login page perhaps or execute callback:
|
// redirect user to login page perhaps or execute callback:
|
||||||
callback();
|
callback();
|
||||||
@ -220,13 +235,13 @@ the provided token.
|
|||||||
**Server side**
|
**Server side**
|
||||||
|
|
||||||
```javascript
|
```javascript
|
||||||
var SECRETS = {
|
const SECRETS = {
|
||||||
'user1': 'secret 1',
|
'user1': 'secret 1',
|
||||||
'user2': 'secret 2'
|
'user2': 'secret 2'
|
||||||
}
|
}
|
||||||
|
|
||||||
io.use(socketioJwt.authorize({
|
io.use(socketioJwt.authorize({
|
||||||
secret: function(request, decodedToken, callback) {
|
secret: (request, decodedToken, callback) => {
|
||||||
// SECRETS[decodedToken.userId] will be used as a secret or
|
// SECRETS[decodedToken.userId] will be used as a secret or
|
||||||
// public key for connection user.
|
// public key for connection user.
|
||||||
|
|
||||||
|
@ -5,7 +5,7 @@ function UnauthorizedError (code, error) {
|
|||||||
this.data = {
|
this.data = {
|
||||||
message: this.message,
|
message: this.message,
|
||||||
code: code,
|
code: code,
|
||||||
type: "UnauthorizedError"
|
type: 'UnauthorizedError'
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
||||||
|
159
lib/index.js
159
lib/index.js
@ -1,102 +1,107 @@
|
|||||||
var xtend = require('xtend');
|
const xtend = require('xtend');
|
||||||
var jwt = require('jsonwebtoken');
|
const jwt = require('jsonwebtoken');
|
||||||
var UnauthorizedError = require('./UnauthorizedError');
|
const UnauthorizedError = require('./UnauthorizedError');
|
||||||
|
|
||||||
function noQsMethod(options) {
|
function noQsMethod (options) {
|
||||||
var defaults = { required: true };
|
const defaults = { required: true };
|
||||||
options = xtend(defaults, options);
|
options = xtend(defaults, options);
|
||||||
|
|
||||||
return function (socket) {
|
return (socket) => {
|
||||||
var server = this.server || socket.server;
|
'use strict'; // Node 4.x workaround
|
||||||
|
const server = this.server || socket.server;
|
||||||
|
|
||||||
if (!server.$emit) {
|
if (!server.$emit) {
|
||||||
//then is socket.io 1.0
|
//then is socket.io 1.0
|
||||||
var Namespace = Object.getPrototypeOf(server.sockets).constructor;
|
const Namespace = Object.getPrototypeOf(server.sockets).constructor;
|
||||||
if (!~Namespace.events.indexOf('authenticated')) {
|
if (!~Namespace.events.indexOf('authenticated')) {
|
||||||
Namespace.events.push('authenticated');
|
Namespace.events.push('authenticated');
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
if(options.required){
|
let auth_timeout = null;
|
||||||
var auth_timeout = setTimeout(function () {
|
if (options.required) {
|
||||||
|
auth_timeout = setTimeout(() => {
|
||||||
socket.disconnect('unauthorized');
|
socket.disconnect('unauthorized');
|
||||||
}, options.timeout || 5000);
|
}, options.timeout || 5000);
|
||||||
}
|
}
|
||||||
|
|
||||||
socket.on('authenticate', function (data) {
|
socket.on('authenticate', (data) => {
|
||||||
if(options.required){
|
if (options.required) {
|
||||||
clearTimeout(auth_timeout);
|
clearTimeout(auth_timeout);
|
||||||
}
|
}
|
||||||
|
|
||||||
// error handler
|
// error handler
|
||||||
var onError = function(err, code) {
|
const onError = (err, code) => {
|
||||||
if (err) {
|
if (err) {
|
||||||
code = code || 'unknown';
|
code = code || 'unknown';
|
||||||
var error = new UnauthorizedError(code, {
|
const error = new UnauthorizedError(code, {
|
||||||
message: (Object.prototype.toString.call(err) === '[object Object]' && err.message) ? err.message : err
|
message: (Object.prototype.toString.call(err) === '[object Object]' && err.message) ? err.message : err
|
||||||
});
|
});
|
||||||
var callback_timeout;
|
|
||||||
// If callback explicitely set to false, start timeout to disconnect socket
|
let callback_timeout;
|
||||||
if (options.callback === false || typeof options.callback === "number") {
|
// If callback explicitly set to false, start timeout to disconnect socket
|
||||||
if (typeof options.callback === "number") {
|
if (options.callback === false || typeof options.callback === 'number') {
|
||||||
if (options.callback < 0) {
|
if (typeof options.callback === 'number') {
|
||||||
// If callback is negative(invalid value), make it positive
|
if (options.callback < 0) {
|
||||||
options.callback = Math.abs(options.callback);
|
// If callback is negative(invalid value), make it positive
|
||||||
}
|
options.callback = Math.abs(options.callback);
|
||||||
}
|
}
|
||||||
callback_timeout = setTimeout(function () {
|
|
||||||
socket.disconnect('unauthorized');
|
|
||||||
}, (options.callback === false ? 0 : options.callback));
|
|
||||||
}
|
}
|
||||||
socket.emit('unauthorized', error, function() {
|
|
||||||
if (typeof options.callback === "number") {
|
callback_timeout = setTimeout(() => {
|
||||||
clearTimeout(callback_timeout);
|
|
||||||
}
|
|
||||||
socket.disconnect('unauthorized');
|
socket.disconnect('unauthorized');
|
||||||
});
|
}, (options.callback === false ? 0 : options.callback));
|
||||||
return; // stop logic, socket will be close on next tick
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
socket.emit('unauthorized', error, () => {
|
||||||
|
if (typeof options.callback === 'number') {
|
||||||
|
clearTimeout(callback_timeout);
|
||||||
|
}
|
||||||
|
socket.disconnect('unauthorized');
|
||||||
|
});
|
||||||
|
return; // stop logic, socket will be close on next tick
|
||||||
|
}
|
||||||
};
|
};
|
||||||
|
|
||||||
var token = options.cookie ? socket.request.cookies[options.cookie] : (data ? data.token : undefined);
|
const token = options.cookie ? socket.request.cookies[options.cookie] : (data ? data.token : undefined);
|
||||||
|
|
||||||
if(!token || typeof token !== "string") {
|
if (!token || typeof token !== 'string') {
|
||||||
return onError({message: 'invalid token datatype'}, 'invalid_token');
|
return onError({ message: 'invalid token datatype' }, 'invalid_token');
|
||||||
}
|
}
|
||||||
|
|
||||||
// Store encoded JWT
|
// Store encoded JWT
|
||||||
socket[options.encodedPropertyName] = data.token;
|
socket[options.encodedPropertyName] = token;
|
||||||
|
|
||||||
var onJwtVerificationReady = function(err, decoded) {
|
|
||||||
|
|
||||||
|
const onJwtVerificationReady = (err, decoded) => {
|
||||||
if (err) {
|
if (err) {
|
||||||
return onError(err, 'invalid_token');
|
return onError(err, 'invalid_token');
|
||||||
}
|
}
|
||||||
|
|
||||||
// success handler
|
// success handler
|
||||||
var onSuccess = function() {
|
const onSuccess = () => {
|
||||||
socket[options.decodedPropertyName] = decoded;
|
socket[options.decodedPropertyName] = decoded;
|
||||||
socket.emit('authenticated');
|
socket.emit('authenticated');
|
||||||
if (server.$emit) {
|
if (server.$emit) {
|
||||||
server.$emit('authenticated', socket);
|
server.$emit('authenticated', socket);
|
||||||
} else {
|
} else {
|
||||||
//try getting the current namespace otherwise fallback to all sockets.
|
//try getting the current namespace otherwise fallback to all sockets.
|
||||||
var namespace = (server.nsps && socket.nsp &&
|
const namespace = (server.nsps && socket.nsp &&
|
||||||
server.nsps[socket.nsp.name]) ||
|
server.nsps[socket.nsp.name]) ||
|
||||||
server.sockets;
|
server.sockets;
|
||||||
|
|
||||||
// explicit namespace
|
// explicit namespace
|
||||||
namespace.emit('authenticated', socket);
|
namespace.emit('authenticated', socket);
|
||||||
}
|
}
|
||||||
};
|
};
|
||||||
|
|
||||||
if(options.additional_auth && typeof options.additional_auth === 'function') {
|
if (options.additional_auth && typeof options.additional_auth === 'function') {
|
||||||
options.additional_auth(decoded, onSuccess, onError);
|
options.additional_auth(decoded, onSuccess, onError);
|
||||||
} else {
|
} else {
|
||||||
onSuccess();
|
onSuccess();
|
||||||
}
|
}
|
||||||
};
|
};
|
||||||
|
|
||||||
var onSecretReady = function(err, secret) {
|
const onSecretReady = (err, secret) => {
|
||||||
if (err || !secret) {
|
if (err || !secret) {
|
||||||
return onError(err, 'invalid_secret');
|
return onError(err, 'invalid_secret');
|
||||||
}
|
}
|
||||||
@ -109,26 +114,26 @@ function noQsMethod(options) {
|
|||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
||||||
function authorize(options, onConnection) {
|
function authorize (options, onConnection) {
|
||||||
options = xtend({ decodedPropertyName: 'decoded_token', encodedPropertyName: 'encoded_token' }, options);
|
options = xtend({ decodedPropertyName: 'decoded_token', encodedPropertyName: 'encoded_token' }, options);
|
||||||
|
|
||||||
if (typeof options.secret !== 'string' && typeof options.secret !== 'function') {
|
if (typeof options.secret !== 'string' && typeof options.secret !== 'function') {
|
||||||
throw new Error('Provided secret "' + options.secret + '" is invalid, must be of type string or function.');
|
throw new Error(`Provided secret ${options.secret} is invalid, must be of type string or function.`);
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!options.handshake) {
|
if (!options.handshake) {
|
||||||
return noQsMethod(options);
|
return noQsMethod(options);
|
||||||
}
|
}
|
||||||
|
|
||||||
var defaults = {
|
const defaults = {
|
||||||
success: function(socket, accept){
|
success: (socket, accept) => {
|
||||||
if (socket.request) {
|
if (socket.request) {
|
||||||
accept();
|
accept();
|
||||||
} else {
|
} else {
|
||||||
accept(null, true);
|
accept(null, true);
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
fail: function(error, socket, accept){
|
fail: (error, socket, accept) => {
|
||||||
if (socket.request) {
|
if (socket.request) {
|
||||||
accept(error);
|
accept(error);
|
||||||
} else {
|
} else {
|
||||||
@ -137,19 +142,21 @@ function authorize(options, onConnection) {
|
|||||||
}
|
}
|
||||||
};
|
};
|
||||||
|
|
||||||
var auth = xtend(defaults, options);
|
const auth = xtend(defaults, options);
|
||||||
|
|
||||||
return function(socket, accept){
|
return (socket, accept) => {
|
||||||
var token, error;
|
'use strict'; // Node 4.x workaround
|
||||||
var handshake = socket.handshake;
|
let token, error;
|
||||||
var req = socket.request || socket;
|
|
||||||
var authorization_header = (req.headers || {}).authorization;
|
const handshake = socket.handshake;
|
||||||
|
const req = socket.request || socket;
|
||||||
|
const authorization_header = (req.headers || {}).authorization;
|
||||||
|
|
||||||
if (authorization_header) {
|
if (authorization_header) {
|
||||||
var parts = authorization_header.split(' ');
|
const parts = authorization_header.split(' ');
|
||||||
if (parts.length == 2) {
|
if (parts.length == 2) {
|
||||||
var scheme = parts[0],
|
const scheme = parts[0],
|
||||||
credentials = parts[1];
|
credentials = parts[1];
|
||||||
|
|
||||||
if (scheme.toLowerCase() === 'bearer') {
|
if (scheme.toLowerCase() === 'bearer') {
|
||||||
token = credentials;
|
token = credentials;
|
||||||
@ -162,8 +169,15 @@ function authorize(options, onConnection) {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
//get the token from handshake or query string
|
// Check if the header has to include authentication
|
||||||
if (handshake && handshake.query.token){
|
if (options.auth_header_required && !token) {
|
||||||
|
return auth.fail(new UnauthorizedError('missing_authorization_header', {
|
||||||
|
message: 'Server requires Authorization Header'
|
||||||
|
}), socket, accept);
|
||||||
|
}
|
||||||
|
|
||||||
|
// Get the token from handshake or query string
|
||||||
|
if (handshake && handshake.query.token) {
|
||||||
token = handshake.query.token;
|
token = handshake.query.token;
|
||||||
}
|
}
|
||||||
else if (req._query && req._query.token) {
|
else if (req._query && req._query.token) {
|
||||||
@ -175,7 +189,7 @@ function authorize(options, onConnection) {
|
|||||||
|
|
||||||
if (!token) {
|
if (!token) {
|
||||||
error = new UnauthorizedError('credentials_required', {
|
error = new UnauthorizedError('credentials_required', {
|
||||||
message: 'No Authorization header was found'
|
message: 'no token provided'
|
||||||
});
|
});
|
||||||
return auth.fail(error, socket, accept);
|
return auth.fail(error, socket, accept);
|
||||||
}
|
}
|
||||||
@ -183,8 +197,7 @@ function authorize(options, onConnection) {
|
|||||||
// Store encoded JWT
|
// Store encoded JWT
|
||||||
socket[options.encodedPropertyName] = token;
|
socket[options.encodedPropertyName] = token;
|
||||||
|
|
||||||
var onJwtVerificationReady = function(err, decoded) {
|
const onJwtVerificationReady = (err, decoded) => {
|
||||||
|
|
||||||
if (err) {
|
if (err) {
|
||||||
error = new UnauthorizedError(err.code || 'invalid_token', err);
|
error = new UnauthorizedError(err.code || 'invalid_token', err);
|
||||||
return auth.fail(error, socket, accept);
|
return auth.fail(error, socket, accept);
|
||||||
@ -195,7 +208,7 @@ function authorize(options, onConnection) {
|
|||||||
return auth.success(socket, accept);
|
return auth.success(socket, accept);
|
||||||
};
|
};
|
||||||
|
|
||||||
var onSecretReady = function(err, secret) {
|
const onSecretReady = (err, secret) => {
|
||||||
if (err) {
|
if (err) {
|
||||||
error = new UnauthorizedError(err.code || 'invalid_secret', err);
|
error = new UnauthorizedError(err.code || 'invalid_secret', err);
|
||||||
return auth.fail(error, socket, accept);
|
return auth.fail(error, socket, accept);
|
||||||
@ -208,13 +221,15 @@ function authorize(options, onConnection) {
|
|||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
||||||
function getSecret(request, secret, token, callback) {
|
function getSecret (request, secret, token, callback) {
|
||||||
|
'use strict'; // Node 4.x workaround
|
||||||
|
|
||||||
if (typeof secret === 'function') {
|
if (typeof secret === 'function') {
|
||||||
if (!token) {
|
if (!token) {
|
||||||
return callback({ code: 'invalid_token', message: 'jwt must be provided' });
|
return callback({ code: 'invalid_token', message: 'jwt must be provided' });
|
||||||
}
|
}
|
||||||
|
|
||||||
var parts = token.split('.');
|
const parts = token.split('.');
|
||||||
|
|
||||||
if (parts.length < 3) {
|
if (parts.length < 3) {
|
||||||
return callback({ code: 'invalid_token', message: 'jwt malformed' });
|
return callback({ code: 'invalid_token', message: 'jwt malformed' });
|
||||||
@ -224,7 +239,7 @@ function getSecret(request, secret, token, callback) {
|
|||||||
return callback({ code: 'invalid_token', message: 'jwt signature is required' });
|
return callback({ code: 'invalid_token', message: 'jwt signature is required' });
|
||||||
}
|
}
|
||||||
|
|
||||||
var decodedToken = jwt.decode(token);
|
let decodedToken = jwt.decode(token);
|
||||||
|
|
||||||
if (!decodedToken) {
|
if (!decodedToken) {
|
||||||
return callback({ code: 'invalid_token', message: 'jwt malformed' });
|
return callback({ code: 'invalid_token', message: 'jwt malformed' });
|
||||||
@ -234,7 +249,7 @@ function getSecret(request, secret, token, callback) {
|
|||||||
} else {
|
} else {
|
||||||
callback(null, secret);
|
callback(null, secret);
|
||||||
}
|
}
|
||||||
};
|
}
|
||||||
|
|
||||||
exports.authorize = authorize;
|
exports.authorize = authorize;
|
||||||
exports.UnauthorizedError = UnauthorizedError;
|
exports.UnauthorizedError = UnauthorizedError;
|
||||||
|
@ -32,7 +32,8 @@
|
|||||||
"express": "~4.15.2",
|
"express": "~4.15.2",
|
||||||
"mocha": "~3.2.0",
|
"mocha": "~3.2.0",
|
||||||
"request": "~2.81.0",
|
"request": "~2.81.0",
|
||||||
"serve-static": "^1.12.1",
|
"serve-static": "^1.13.2",
|
||||||
|
"q": "^1.5.1",
|
||||||
"server-destroy": "~1.0.1",
|
"server-destroy": "~1.0.1",
|
||||||
"should": "~11.2.1",
|
"should": "~11.2.1",
|
||||||
"socket.io": "^1.7.3",
|
"socket.io": "^1.7.3",
|
||||||
|
@ -1,74 +1,141 @@
|
|||||||
var fixture = require('./fixture');
|
const Q = require('q');
|
||||||
var request = require('request');
|
const fixture = require('./fixture');
|
||||||
var io = require('socket.io-client');
|
const request = require('request');
|
||||||
|
const io = require('socket.io-client');
|
||||||
describe('authorizer', function () {
|
|
||||||
|
|
||||||
|
describe('authorizer', () => {
|
||||||
//start and stop the server
|
//start and stop the server
|
||||||
before(fixture.start);
|
before((done) => { fixture.start({ }, done) });
|
||||||
after(fixture.stop);
|
after(fixture.stop);
|
||||||
|
|
||||||
describe('when the user is not logged in', function () {
|
describe('when the user is not logged in', () => {
|
||||||
|
it('should emit error with unauthorized handshake', (done) => {
|
||||||
it('should emit error with unauthorized handshake', function (done){
|
const socket = io.connect('http://localhost:9000?token=boooooo', {
|
||||||
var socket = io.connect('http://localhost:9000?token=boooooo', {
|
forceNew: true
|
||||||
'forceNew': true
|
|
||||||
});
|
});
|
||||||
|
|
||||||
socket.on('error', function(err){
|
socket.on('error', (err) => {
|
||||||
err.message.should.eql("jwt malformed");
|
err.message.should.eql('jwt malformed');
|
||||||
err.code.should.eql("invalid_token");
|
err.code.should.eql('invalid_token');
|
||||||
socket.close();
|
socket.close();
|
||||||
done();
|
done();
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
|
|
||||||
});
|
});
|
||||||
|
|
||||||
describe('when the user is logged in', function() {
|
describe('when the user is logged in', () => {
|
||||||
|
before((done) => {
|
||||||
beforeEach(function (done) {
|
|
||||||
request.post({
|
request.post({
|
||||||
url: 'http://localhost:9000/login',
|
url: 'http://localhost:9000/login',
|
||||||
form: { username: 'jose', password: 'Pa123' },
|
form: { username: 'jose', password: 'Pa123' },
|
||||||
json: true
|
json: true
|
||||||
}, function (err, resp, body) {
|
}, (err, resp, body) => {
|
||||||
this.token = body.token;
|
this.token = body.token;
|
||||||
done();
|
done();
|
||||||
}.bind(this));
|
});
|
||||||
});
|
});
|
||||||
|
|
||||||
it('should do the handshake and connect', function (done){
|
describe('authorizer disallows query string token when specified in startup options', () => {
|
||||||
var socket = io.connect('http://localhost:9000', {
|
before((done) => {
|
||||||
'forceNew':true,
|
Q.ninvoke(fixture, 'stop')
|
||||||
'query': 'token=' + this.token
|
.then(() => Q.ninvoke(fixture, 'start', { auth_header_required: true }))
|
||||||
|
.done(done);
|
||||||
});
|
});
|
||||||
socket.on('connect', function(){
|
|
||||||
socket.close();
|
after((done) => {
|
||||||
done();
|
Q.ninvoke(fixture, 'stop')
|
||||||
}).on('error', done);
|
.then(() => Q.ninvoke(fixture, 'start', { }))
|
||||||
|
.done(done);
|
||||||
|
});
|
||||||
|
|
||||||
|
it('auth headers are supported', (done) => {
|
||||||
|
const socket = io.connect('http://localhost:9000', {
|
||||||
|
forceNew: true,
|
||||||
|
extraHeaders: { Authorization: 'Bearer ' + this.token}
|
||||||
|
});
|
||||||
|
|
||||||
|
socket
|
||||||
|
.on('connect', () => {
|
||||||
|
socket.close();
|
||||||
|
done();
|
||||||
|
})
|
||||||
|
.on('error', done);
|
||||||
|
});
|
||||||
|
|
||||||
|
it('auth token in query string is disallowed', (done) => {
|
||||||
|
const socket = io.connect('http://localhost:9000', {
|
||||||
|
forceNew: true,
|
||||||
|
query: 'token=' + this.token
|
||||||
|
});
|
||||||
|
|
||||||
|
socket.on('error', (err) => {
|
||||||
|
err.message.should.eql('Server requires Authorization Header');
|
||||||
|
err.code.should.eql('missing_authorization_header');
|
||||||
|
socket.close();
|
||||||
|
done();
|
||||||
|
});
|
||||||
|
});
|
||||||
|
})
|
||||||
|
|
||||||
|
describe('authorizer all auth types allowed', () => {
|
||||||
|
before((done) => {
|
||||||
|
Q.ninvoke(fixture, 'stop')
|
||||||
|
.then(() => Q.ninvoke(fixture, 'start', {}))
|
||||||
|
.done(done);
|
||||||
|
})
|
||||||
|
|
||||||
|
it('auth headers are supported', (done) => {
|
||||||
|
const socket = io.connect('http://localhost:9000', {
|
||||||
|
forceNew: true,
|
||||||
|
extraHeaders: { Authorization: 'Bearer ' + this.token }
|
||||||
|
});
|
||||||
|
|
||||||
|
socket
|
||||||
|
.on('connect', () => {
|
||||||
|
socket.close();
|
||||||
|
done();
|
||||||
|
})
|
||||||
|
.on('error', done);
|
||||||
|
});
|
||||||
|
|
||||||
|
it('should do the handshake and connect', (done) => {
|
||||||
|
const socket = io.connect('http://localhost:9000', {
|
||||||
|
forceNew: true,
|
||||||
|
query: 'token=' + this.token
|
||||||
|
});
|
||||||
|
|
||||||
|
socket
|
||||||
|
.on('connect', () => {
|
||||||
|
socket.close();
|
||||||
|
done();
|
||||||
|
})
|
||||||
|
.on('error', done);
|
||||||
|
});
|
||||||
|
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
|
|
||||||
describe('unsgined token', function() {
|
describe('unsigned token', () => {
|
||||||
beforeEach(function () {
|
beforeEach(() => {
|
||||||
this.token = 'eyJhbGciOiJub25lIiwiY3R5IjoiSldUIn0.eyJuYW1lIjoiSm9obiBGb28ifQ.';
|
this.token = 'eyJhbGciOiJub25lIiwiY3R5IjoiSldUIn0.eyJuYW1lIjoiSm9obiBGb28ifQ.';
|
||||||
});
|
});
|
||||||
|
|
||||||
it('should not do the handshake and connect', function (done){
|
it('should not do the handshake and connect', (done) => {
|
||||||
var socket = io.connect('http://localhost:9000', {
|
const socket = io.connect('http://localhost:9000', {
|
||||||
'forceNew':true,
|
forceNew: true,
|
||||||
'query': 'token=' + this.token
|
query: 'token=' + this.token
|
||||||
});
|
|
||||||
socket.on('connect', function () {
|
|
||||||
socket.close();
|
|
||||||
done(new Error('this shouldnt happen'));
|
|
||||||
}).on('error', function (err) {
|
|
||||||
socket.close();
|
|
||||||
err.message.should.eql("jwt signature is required");
|
|
||||||
done();
|
|
||||||
});
|
});
|
||||||
|
|
||||||
|
socket
|
||||||
|
.on('connect', () => {
|
||||||
|
socket.close();
|
||||||
|
done(new Error('this shouldnt happen'));
|
||||||
|
})
|
||||||
|
.on('error', (err) => {
|
||||||
|
socket.close();
|
||||||
|
err.message.should.eql('jwt signature is required');
|
||||||
|
done();
|
||||||
|
});
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
|
|
||||||
});
|
});
|
||||||
|
@ -1,53 +1,45 @@
|
|||||||
var fixture = require('./fixture/namespace');
|
const fixture = require('./fixture/namespace');
|
||||||
var request = require('request');
|
const request = require('request');
|
||||||
var io = require('socket.io-client');
|
const io = require('socket.io-client');
|
||||||
|
|
||||||
describe('authorizer with namespaces', function () {
|
describe('authorizer with namespaces', () => {
|
||||||
|
|
||||||
//start and stop the server
|
//start and stop the server
|
||||||
before(fixture.start);
|
before(fixture.start);
|
||||||
|
|
||||||
after(fixture.stop);
|
after(fixture.stop);
|
||||||
|
|
||||||
describe('when the user is not logged in', function () {
|
describe('when the user is not logged in', () => {
|
||||||
|
|
||||||
it('should be able to connect to the default namespace', function (done){
|
it('should be able to connect to the default namespace', (done) => {
|
||||||
var socket = io.connect('http://localhost:9000');
|
io.connect('http://localhost:9000')
|
||||||
socket.once('hi', done);
|
.once('hi', () => done());
|
||||||
});
|
});
|
||||||
|
|
||||||
it('should not be able to connect to the admin namespace', function (done){
|
it('should not be able to connect to the admin namespace', (done) => {
|
||||||
var socket = io.connect('http://localhost:9000/admin');
|
io.connect('http://localhost:9000/admin')
|
||||||
socket.once('disconnect', function () {
|
.once('disconnect', () => done())
|
||||||
done();
|
.once('hi admin', () => done(new Error('unauthenticated client was able to connect to the admin namespace')));
|
||||||
});
|
|
||||||
});
|
});
|
||||||
|
|
||||||
});
|
});
|
||||||
|
|
||||||
describe('when the user is logged in', function() {
|
describe('when the user is logged in', () => {
|
||||||
|
|
||||||
beforeEach(function (done) {
|
beforeEach((done) => {
|
||||||
request.post({
|
request.post({
|
||||||
url: 'http://localhost:9000/login',
|
url: 'http://localhost:9000/login',
|
||||||
form: { username: 'jose', password: 'Pa123' },
|
form: { username: 'jose', password: 'Pa123' },
|
||||||
json: true
|
json: true
|
||||||
}, function (err, resp, body) {
|
}, (err, resp, body) => {
|
||||||
this.token = body.token;
|
this.token = body.token;
|
||||||
done();
|
done();
|
||||||
}.bind(this));
|
});
|
||||||
});
|
});
|
||||||
|
|
||||||
it('should do the handshake and connect', function (done){
|
it('should do the handshake and connect', (done) => {
|
||||||
var socket = io.connect('http://localhost:9000/admin', {
|
io.connect('http://localhost:9000/admin', { forceNew: true })
|
||||||
'forceNew': true,
|
.on('authenticated', () => done())
|
||||||
});
|
.emit('authenticate', { token: this.token });
|
||||||
var token = this.token;
|
|
||||||
socket.on('connect', function(){
|
|
||||||
socket.on('authenticated', function () {
|
|
||||||
done();
|
|
||||||
}).emit('authenticate', { token: token });
|
|
||||||
});
|
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
|
|
||||||
|
@ -1,69 +1,56 @@
|
|||||||
var fixture = require('./fixture');
|
const fixture = require('./fixture');
|
||||||
var request = require('request');
|
const request = require('request');
|
||||||
var io = require('socket.io-client');
|
const io = require('socket.io-client');
|
||||||
|
|
||||||
describe('authorizer without querystring', function () {
|
describe('authorizer without querystring', () => {
|
||||||
|
|
||||||
//start and stop the server
|
//start and stop the server
|
||||||
before(function (done) {
|
before((done) => {
|
||||||
fixture.start({
|
fixture.start({ handshake: false }, done);
|
||||||
handshake: false
|
|
||||||
} , done);
|
|
||||||
});
|
});
|
||||||
|
|
||||||
after(fixture.stop);
|
after(fixture.stop);
|
||||||
|
|
||||||
describe('when the user is not logged in', function () {
|
describe('when the user is not logged in', () => {
|
||||||
|
|
||||||
it('should close the connection after a timeout if no auth message is received', function (done){
|
it('should close the connection after a timeout if no auth message is received', (done) => {
|
||||||
var socket = io.connect('http://localhost:9000', {
|
io.connect('http://localhost:9000', { forceNew: true })
|
||||||
forceNew: true
|
.once('disconnect', () => done());
|
||||||
});
|
|
||||||
socket.once('disconnect', function () {
|
|
||||||
done();
|
|
||||||
});
|
|
||||||
});
|
});
|
||||||
|
|
||||||
it('should not respond echo', function (done){
|
it('should not respond echo', (done) => {
|
||||||
var socket = io.connect('http://localhost:9000', {
|
io.connect('http://localhost:9000', { forceNew: true })
|
||||||
'forceNew':true,
|
.on('echo-response', () => done(new Error('this should not happen')))
|
||||||
});
|
.emit('echo', { hi: 123 });
|
||||||
|
|
||||||
socket.on('echo-response', function () {
|
|
||||||
done(new Error('this should not happen'));
|
|
||||||
}).emit('echo', { hi: 123 });
|
|
||||||
|
|
||||||
setTimeout(done, 1200);
|
setTimeout(done, 1200);
|
||||||
});
|
});
|
||||||
|
|
||||||
});
|
});
|
||||||
|
|
||||||
describe('when the user is logged in', function() {
|
describe('when the user is logged in', () => {
|
||||||
|
|
||||||
beforeEach(function (done) {
|
beforeEach((done) => {
|
||||||
request.post({
|
request.post({
|
||||||
url: 'http://localhost:9000/login',
|
url: 'http://localhost:9000/login',
|
||||||
form: { username: 'jose', password: 'Pa123' },
|
form: { username: 'jose', password: 'Pa123' },
|
||||||
json: true
|
json: true
|
||||||
}, function (err, resp, body) {
|
}, (err, resp, body) => {
|
||||||
this.token = body.token;
|
this.token = body.token;
|
||||||
done();
|
done();
|
||||||
}.bind(this));
|
});
|
||||||
});
|
});
|
||||||
|
|
||||||
it('should do the handshake and connect', function (done){
|
it('should do the handshake and connect', (done) => {
|
||||||
var socket = io.connect('http://localhost:9000', {
|
const socket = io.connect('http://localhost:9000', { forceNew: true });
|
||||||
'forceNew':true,
|
|
||||||
});
|
socket
|
||||||
var token = this.token;
|
.on('echo-response', () => {
|
||||||
socket.on('connect', function(){
|
|
||||||
socket.on('echo-response', function () {
|
|
||||||
socket.close();
|
socket.close();
|
||||||
done();
|
done();
|
||||||
}).on('authenticated', function () {
|
})
|
||||||
socket.emit('echo');
|
.on('authenticated', () => { socket.emit('echo'); })
|
||||||
}).emit('authenticate', { token: token });
|
.emit('authenticate', { token: this.token });
|
||||||
});
|
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
|
|
||||||
|
@ -1,76 +1,62 @@
|
|||||||
var fixture = require('./fixture/secret_function');
|
const fixture = require('./fixture/secret_function');
|
||||||
var request = require('request');
|
const request = require('request');
|
||||||
var io = require('socket.io-client');
|
const io = require('socket.io-client');
|
||||||
|
|
||||||
describe('authorizer with secret function', function () {
|
describe('authorizer with secret function', () => {
|
||||||
|
|
||||||
//start and stop the server
|
//start and stop the server
|
||||||
before(function (done) {
|
before((done) => {
|
||||||
fixture.start({
|
fixture.start({
|
||||||
handshake: false
|
handshake: false
|
||||||
} , done);
|
}, done);
|
||||||
});
|
});
|
||||||
|
|
||||||
after(fixture.stop);
|
after(fixture.stop);
|
||||||
|
|
||||||
describe('when the user is not logged in', function () {
|
describe('when the user is not logged in', () => {
|
||||||
|
|
||||||
describe('and when token is not valid', function() {
|
describe('and when token is not valid', () => {
|
||||||
beforeEach(function (done) {
|
beforeEach((done) => {
|
||||||
request.post({
|
request.post({
|
||||||
url: 'http://localhost:9000/login',
|
url: 'http://localhost:9000/login',
|
||||||
json: { username: 'invalid_signature', password: 'Pa123' }
|
json: { username: 'invalid_signature', password: 'Pa123' }
|
||||||
}, function (err, resp, body) {
|
}, (err, resp, body) => {
|
||||||
this.invalidToken = body.token;
|
this.invalidToken = body.token;
|
||||||
done();
|
done();
|
||||||
}.bind(this));
|
});
|
||||||
});
|
});
|
||||||
|
|
||||||
it('should emit unauthorized', function (done){
|
it('should emit unauthorized', (done) => {
|
||||||
var socket = io.connect('http://localhost:9000', {
|
io.connect('http://localhost:9000', { forceNew: true })
|
||||||
'forceNew':true,
|
.on('unauthorized', () => done())
|
||||||
});
|
.emit('authenticate', { token: this.invalidToken + 'ass' })
|
||||||
|
|
||||||
var invalidToken = this.invalidToken;
|
|
||||||
socket.on('unauthorized', function() {
|
|
||||||
done();
|
|
||||||
});
|
|
||||||
|
|
||||||
socket.on('connect', function(){
|
|
||||||
socket
|
|
||||||
.emit('authenticate', { token: invalidToken + 'ass' })
|
|
||||||
});
|
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
|
|
||||||
});
|
});
|
||||||
|
|
||||||
describe('when the user is logged in', function() {
|
describe('when the user is logged in', () => {
|
||||||
|
|
||||||
beforeEach(function (done) {
|
beforeEach((done) => {
|
||||||
request.post({
|
request.post({
|
||||||
url: 'http://localhost:9000/login',
|
url: 'http://localhost:9000/login',
|
||||||
json: { username: 'valid_signature', password: 'Pa123' }
|
json: { username: 'valid_signature', password: 'Pa123' }
|
||||||
}, function (err, resp, body) {
|
}, (err, resp, body) => {
|
||||||
this.token = body.token;
|
this.token = body.token;
|
||||||
done();
|
done();
|
||||||
}.bind(this));
|
});
|
||||||
});
|
});
|
||||||
|
|
||||||
it('should do the handshake and connect', function (done){
|
it('should do the handshake and connect', (done) => {
|
||||||
var socket = io.connect('http://localhost:9000', {
|
const socket = io.connect('http://localhost:9000', { forceNew: true });
|
||||||
'forceNew':true,
|
|
||||||
});
|
socket
|
||||||
var token = this.token;
|
.on('echo-response', () => {
|
||||||
socket.on('connect', function(){
|
|
||||||
socket.on('echo-response', function () {
|
|
||||||
socket.close();
|
socket.close();
|
||||||
done();
|
done();
|
||||||
}).on('authenticated', function () {
|
|
||||||
socket.emit('echo');
|
|
||||||
})
|
})
|
||||||
.emit('authenticate', { token: token })
|
.on('authenticated', () => { socket.emit('echo'); })
|
||||||
});
|
.emit('authenticate', { token: this.token });
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
|
|
||||||
|
@ -1,23 +1,21 @@
|
|||||||
var fixture = require('./fixture/secret_function');
|
const fixture = require('./fixture/secret_function');
|
||||||
var request = require('request');
|
const request = require('request');
|
||||||
var io = require('socket.io-client');
|
const io = require('socket.io-client');
|
||||||
|
|
||||||
describe('authorizer with secret function', function () {
|
describe('authorizer with secret function', () => {
|
||||||
|
|
||||||
//start and stop the server
|
//start and stop the server
|
||||||
before(fixture.start);
|
before(fixture.start);
|
||||||
after(fixture.stop);
|
after(fixture.stop);
|
||||||
|
|
||||||
describe('when the user is not logged in', function () {
|
describe('when the user is not logged in', () => {
|
||||||
|
|
||||||
it('should emit error with unauthorized handshake', function (done){
|
it('should emit error with unauthorized handshake', (done) => {
|
||||||
var socket = io.connect('http://localhost:9000?token=boooooo', {
|
const socket = io.connect('http://localhost:9000?token=boooooo', { forceNew: true });
|
||||||
'forceNew': true
|
|
||||||
});
|
|
||||||
|
|
||||||
socket.on('error', function(err){
|
socket.on('error', (err) => {
|
||||||
err.message.should.eql("jwt malformed");
|
err.message.should.eql('jwt malformed');
|
||||||
err.code.should.eql("invalid_token");
|
err.code.should.eql('invalid_token');
|
||||||
socket.close();
|
socket.close();
|
||||||
done();
|
done();
|
||||||
});
|
});
|
||||||
@ -25,48 +23,54 @@ describe('authorizer with secret function', function () {
|
|||||||
|
|
||||||
});
|
});
|
||||||
|
|
||||||
describe('when the user is logged in', function() {
|
describe('when the user is logged in', () => {
|
||||||
|
|
||||||
beforeEach(function (done) {
|
beforeEach((done) => {
|
||||||
request.post({
|
request.post({
|
||||||
url: 'http://localhost:9000/login',
|
url: 'http://localhost:9000/login',
|
||||||
json: { username: 'valid_signature', password: 'Pa123' }
|
json: { username: 'valid_signature', password: 'Pa123' }
|
||||||
}, function (err, resp, body) {
|
}, (err, resp, body) => {
|
||||||
this.token = body.token;
|
this.token = body.token;
|
||||||
done();
|
done();
|
||||||
}.bind(this));
|
});
|
||||||
});
|
});
|
||||||
|
|
||||||
it('should do the handshake and connect', function (done){
|
it('should do the handshake and connect', (done) => {
|
||||||
var socket = io.connect('http://localhost:9000', {
|
const socket = io.connect('http://localhost:9000', {
|
||||||
'forceNew':true,
|
forceNew: true,
|
||||||
'query': 'token=' + this.token
|
query: 'token=' + this.token
|
||||||
});
|
});
|
||||||
socket.on('connect', function(){
|
|
||||||
socket.close();
|
socket
|
||||||
done();
|
.on('connect', () => {
|
||||||
}).on('error', done);
|
socket.close();
|
||||||
|
done();
|
||||||
|
})
|
||||||
|
.on('error', done);
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
|
|
||||||
describe('unsigned token', function() {
|
describe('unsigned token', () => {
|
||||||
beforeEach(function () {
|
beforeEach(() => {
|
||||||
this.token = 'eyJhbGciOiJub25lIiwiY3R5IjoiSldUIn0.eyJuYW1lIjoiSm9obiBGb28ifQ.';
|
this.token = 'eyJhbGciOiJub25lIiwiY3R5IjoiSldUIn0.eyJuYW1lIjoiSm9obiBGb28ifQ.';
|
||||||
});
|
});
|
||||||
|
|
||||||
it('should not do the handshake and connect', function (done){
|
it('should not do the handshake and connect', (done) => {
|
||||||
var socket = io.connect('http://localhost:9000', {
|
const socket = io.connect('http://localhost:9000', {
|
||||||
'forceNew':true,
|
forceNew: true,
|
||||||
'query': 'token=' + this.token
|
query: 'token=' + this.token
|
||||||
});
|
|
||||||
socket.on('connect', function () {
|
|
||||||
socket.close();
|
|
||||||
done(new Error('this shouldnt happen'));
|
|
||||||
}).on('error', function (err) {
|
|
||||||
socket.close();
|
|
||||||
err.message.should.eql("jwt signature is required");
|
|
||||||
done();
|
|
||||||
});
|
});
|
||||||
|
|
||||||
|
socket
|
||||||
|
.on('connect', () => {
|
||||||
|
socket.close();
|
||||||
|
done(new Error('this shouldnt happen'));
|
||||||
|
})
|
||||||
|
.on('error', (err) => {
|
||||||
|
socket.close();
|
||||||
|
err.message.should.eql('jwt signature is required');
|
||||||
|
done();
|
||||||
|
});
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
|
|
||||||
|
@ -1,20 +1,21 @@
|
|||||||
var express = require('express');
|
'use strict'; // Node 4.x workaround
|
||||||
var http = require('http');
|
|
||||||
|
|
||||||
var socketIo = require('socket.io');
|
const express = require('express');
|
||||||
var socketio_jwt = require('../../lib');
|
const http = require('http');
|
||||||
|
|
||||||
var jwt = require('jsonwebtoken');
|
const socketIo = require('socket.io');
|
||||||
|
const socketio_jwt = require('../../lib');
|
||||||
|
|
||||||
var xtend = require('xtend');
|
const jwt = require('jsonwebtoken');
|
||||||
var bodyParser = require('body-parser');
|
const xtend = require('xtend');
|
||||||
|
const bodyParser = require('body-parser');
|
||||||
|
const enableDestroy = require('server-destroy');
|
||||||
|
|
||||||
var server, sio;
|
let sio;
|
||||||
var enableDestroy = require('server-destroy');
|
|
||||||
|
|
||||||
exports.start = function (options, callback) {
|
exports.start = (options, callback) => {
|
||||||
|
|
||||||
if(typeof options == 'function'){
|
if (typeof options == 'function') {
|
||||||
callback = options;
|
callback = options;
|
||||||
options = {};
|
options = {};
|
||||||
}
|
}
|
||||||
@ -25,12 +26,13 @@ exports.start = function (options, callback) {
|
|||||||
handshake: true
|
handshake: true
|
||||||
}, options);
|
}, options);
|
||||||
|
|
||||||
var app = express();
|
const app = express();
|
||||||
|
const server = http.createServer(app);
|
||||||
|
sio = socketIo.listen(server);
|
||||||
|
|
||||||
app.use(bodyParser.json());
|
app.use(bodyParser.json());
|
||||||
|
app.post('/login', (req, res) => {
|
||||||
app.post('/login', function (req, res) {
|
const profile = {
|
||||||
var profile = {
|
|
||||||
first_name: 'John',
|
first_name: 'John',
|
||||||
last_name: 'Doe',
|
last_name: 'Doe',
|
||||||
email: 'john@doe.com',
|
email: 'john@doe.com',
|
||||||
@ -38,43 +40,39 @@ exports.start = function (options, callback) {
|
|||||||
};
|
};
|
||||||
|
|
||||||
// We are sending the profile inside the token
|
// We are sending the profile inside the token
|
||||||
var token = jwt.sign(profile, options.secret, { expiresIn: 60*60*5 });
|
const token = jwt.sign(profile, options.secret, { expiresIn: 60*60*5 });
|
||||||
|
|
||||||
res.json({token: token});
|
res.json({token: token});
|
||||||
});
|
});
|
||||||
|
|
||||||
server = http.createServer(app);
|
|
||||||
|
|
||||||
sio = socketIo.listen(server);
|
|
||||||
|
|
||||||
if (options.handshake) {
|
if (options.handshake) {
|
||||||
sio.use(socketio_jwt.authorize(options));
|
sio.use(socketio_jwt.authorize(options));
|
||||||
|
|
||||||
sio.sockets.on('echo', function (m) {
|
sio.sockets.on('echo', (m) => {
|
||||||
sio.sockets.emit('echo-response', m);
|
sio.sockets.emit('echo-response', m);
|
||||||
});
|
});
|
||||||
} else {
|
} else {
|
||||||
sio.sockets
|
sio.sockets
|
||||||
.on('connection', socketio_jwt.authorize(options))
|
.on('connection', socketio_jwt.authorize(options))
|
||||||
.on('authenticated', function (socket) {
|
.on('authenticated', (socket) => {
|
||||||
socket.on('echo', function (m) {
|
socket.on('echo', (m) => {
|
||||||
socket.emit('echo-response', m);
|
socket.emit('echo-response', m);
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
}
|
}
|
||||||
|
|
||||||
server.__sockets = [];
|
server.__sockets = [];
|
||||||
server.on('connection', function (c) {
|
server.on('connection', (c) => {
|
||||||
server.__sockets.push(c);
|
server.__sockets.push(c);
|
||||||
});
|
});
|
||||||
server.listen(9000, callback);
|
server.listen(9000, callback);
|
||||||
enableDestroy(server);
|
enableDestroy(server);
|
||||||
};
|
};
|
||||||
|
|
||||||
exports.stop = function (callback) {
|
exports.stop = (callback) => {
|
||||||
sio.close();
|
sio.close();
|
||||||
try {
|
try {
|
||||||
server.destroy();
|
server.destroy();
|
||||||
} catch (er) {}
|
} catch (er) {}
|
||||||
callback();
|
callback();
|
||||||
};
|
};
|
||||||
|
@ -1,36 +1,37 @@
|
|||||||
var express = require('express');
|
'use strict'; // Node 4.x workaround
|
||||||
var http = require('http');
|
|
||||||
|
|
||||||
var socketIo = require('socket.io');
|
const express = require('express');
|
||||||
var socketio_jwt = require('../../lib');
|
const http = require('http');
|
||||||
|
|
||||||
var jwt = require('jsonwebtoken');
|
const socketIo = require('socket.io');
|
||||||
|
const socketio_jwt = require('../../lib');
|
||||||
|
|
||||||
var xtend = require('xtend');
|
const jwt = require('jsonwebtoken');
|
||||||
var bodyParser = require('body-parser');
|
const enableDestroy = require('server-destroy');
|
||||||
|
const bodyParser = require('body-parser');
|
||||||
|
|
||||||
var server, sio;
|
let sio;
|
||||||
var enableDestroy = require('server-destroy');
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* This is an example server that shows how to do namespace authentication.
|
* This is an example server that shows how to do namespace authentication.
|
||||||
*
|
*
|
||||||
* The /admin namespace is protected by JWTs while the global namespace is public.
|
* The /admin namespace is protected by JWTs while the global namespace is public.
|
||||||
*/
|
*/
|
||||||
exports.start = function (callback) {
|
exports.start = (callback) => {
|
||||||
|
|
||||||
options = {
|
const options = {
|
||||||
secret: 'aaafoo super sercret',
|
secret: 'aaafoo super sercret',
|
||||||
timeout: 1000,
|
timeout: 1000,
|
||||||
handshake: false
|
handshake: false
|
||||||
};
|
};
|
||||||
|
|
||||||
var app = express();
|
const app = express();
|
||||||
|
const server = http.createServer(app);
|
||||||
|
sio = socketIo.listen(server);
|
||||||
|
|
||||||
app.use(bodyParser.json());
|
app.use(bodyParser.json());
|
||||||
|
app.post('/login', (req, res) => {
|
||||||
app.post('/login', function (req, res) {
|
const profile = {
|
||||||
var profile = {
|
|
||||||
first_name: 'John',
|
first_name: 'John',
|
||||||
last_name: 'Doe',
|
last_name: 'Doe',
|
||||||
email: 'john@doe.com',
|
email: 'john@doe.com',
|
||||||
@ -38,23 +39,20 @@ exports.start = function (callback) {
|
|||||||
};
|
};
|
||||||
|
|
||||||
// We are sending the profile inside the token
|
// We are sending the profile inside the token
|
||||||
var token = jwt.sign(profile, options.secret, { expiresIn: 60*60*5 });
|
const token = jwt.sign(profile, options.secret, { expiresIn: 60*60*5 });
|
||||||
|
res.json({ token: token });
|
||||||
res.json({token: token});
|
|
||||||
});
|
});
|
||||||
|
|
||||||
server = http.createServer(app);
|
|
||||||
|
|
||||||
sio = socketIo.listen(server);
|
|
||||||
|
|
||||||
sio.on('connection', function (socket) {
|
sio.on('connection', (socket) => {
|
||||||
socket.emit('hi');
|
socket.emit('hi');
|
||||||
});
|
});
|
||||||
|
|
||||||
var admin_nsp = sio.of('/admin');
|
const admin_nsp = sio.of('/admin');
|
||||||
|
|
||||||
admin_nsp.on('connection', socketio_jwt.authorize(options))
|
admin_nsp.on('connection', socketio_jwt.authorize(options))
|
||||||
.on('authenticated', function (socket) {
|
.on('authenticated', (socket) => {
|
||||||
socket.emit('hi admin');
|
socket.emit('hi admin');
|
||||||
});
|
});
|
||||||
|
|
||||||
@ -63,10 +61,10 @@ exports.start = function (callback) {
|
|||||||
enableDestroy(server);
|
enableDestroy(server);
|
||||||
};
|
};
|
||||||
|
|
||||||
exports.stop = function (callback) {
|
exports.stop = (callback) => {
|
||||||
sio.close();
|
sio.close();
|
||||||
try {
|
try {
|
||||||
server.destroy();
|
server.destroy();
|
||||||
} catch (er) {}
|
} catch (er) {}
|
||||||
callback();
|
callback();
|
||||||
};
|
};
|
||||||
|
@ -1,42 +1,44 @@
|
|||||||
var express = require('express');
|
'use strict'; // Node 4.x workaround
|
||||||
var http = require('http');
|
|
||||||
|
|
||||||
var socketIo = require('socket.io');
|
const express = require('express');
|
||||||
var socketio_jwt = require('../../lib');
|
const http = require('http');
|
||||||
|
|
||||||
var jwt = require('jsonwebtoken');
|
const socketIo = require('socket.io');
|
||||||
|
const socketio_jwt = require('../../lib');
|
||||||
|
|
||||||
var xtend = require('xtend');
|
const jwt = require('jsonwebtoken');
|
||||||
var bodyParser = require('body-parser');
|
const xtend = require('xtend');
|
||||||
|
const bodyParser = require('body-parser');
|
||||||
|
const enableDestroy = require('server-destroy');
|
||||||
|
|
||||||
var server, sio;
|
let sio;
|
||||||
var enableDestroy = require('server-destroy');
|
|
||||||
|
|
||||||
exports.start = function (options, callback) {
|
exports.start = (options, callback) => {
|
||||||
var SECRETS = {
|
const SECRETS = {
|
||||||
123: 'aaafoo super sercret',
|
123: 'aaafoo super sercret',
|
||||||
555: 'other'
|
555: 'other'
|
||||||
};
|
};
|
||||||
|
|
||||||
if(typeof options == 'function'){
|
if (typeof options == 'function') {
|
||||||
callback = options;
|
callback = options;
|
||||||
options = {};
|
options = {};
|
||||||
}
|
}
|
||||||
|
|
||||||
options = xtend({
|
options = xtend({
|
||||||
secret: function(request, decodedToken, callback) {
|
secret: (request, decodedToken, callback) => {
|
||||||
callback(null, SECRETS[decodedToken.id]);
|
callback(null, SECRETS[decodedToken.id]);
|
||||||
},
|
},
|
||||||
timeout: 1000,
|
timeout: 1000,
|
||||||
handshake: true
|
handshake: true
|
||||||
}, options);
|
}, options);
|
||||||
|
|
||||||
var app = express();
|
const app = express();
|
||||||
|
const server = http.createServer(app);
|
||||||
|
sio = socketIo.listen(server);
|
||||||
|
|
||||||
app.use(bodyParser.json());
|
app.use(bodyParser.json());
|
||||||
|
app.post('/login', (req, res) => {
|
||||||
app.post('/login', function (req, res) {
|
const profile = {
|
||||||
var profile = {
|
|
||||||
first_name: 'John',
|
first_name: 'John',
|
||||||
last_name: 'Doe',
|
last_name: 'Doe',
|
||||||
email: 'john@doe.com',
|
email: 'john@doe.com',
|
||||||
@ -44,33 +46,28 @@ exports.start = function (options, callback) {
|
|||||||
};
|
};
|
||||||
|
|
||||||
// We are sending the profile inside the token
|
// We are sending the profile inside the token
|
||||||
var token = jwt.sign(profile, SECRETS[123], { expiresIn: 60*60*5 });
|
const token = jwt.sign(profile, SECRETS[123], { expiresIn: 60*60*5 });
|
||||||
|
|
||||||
res.json({token: token});
|
res.json({token: token});
|
||||||
});
|
});
|
||||||
|
|
||||||
server = http.createServer(app);
|
|
||||||
|
|
||||||
sio = socketIo.listen(server);
|
|
||||||
|
|
||||||
if (options.handshake) {
|
if (options.handshake) {
|
||||||
sio.use(socketio_jwt.authorize(options));
|
sio.use(socketio_jwt.authorize(options));
|
||||||
|
|
||||||
sio.sockets.on('echo', function (m) {
|
sio.sockets.on('echo', (m) => {
|
||||||
sio.sockets.emit('echo-response', m);
|
sio.sockets.emit('echo-response', m);
|
||||||
});
|
});
|
||||||
} else {
|
} else {
|
||||||
sio.sockets
|
sio.sockets
|
||||||
.on('connection', socketio_jwt.authorize(options))
|
.on('connection', socketio_jwt.authorize(options))
|
||||||
.on('authenticated', function (socket) {
|
.on('authenticated', (socket) => {
|
||||||
socket.on('echo', function (m) {
|
socket.on('echo', (m) => {
|
||||||
socket.emit('echo-response', m);
|
socket.emit('echo-response', m);
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
}
|
}
|
||||||
|
|
||||||
server.__sockets = [];
|
server.__sockets = [];
|
||||||
server.on('connection', function (c) {
|
server.on('connection', (c) => {
|
||||||
server.__sockets.push(c);
|
server.__sockets.push(c);
|
||||||
});
|
});
|
||||||
|
|
||||||
@ -78,7 +75,7 @@ exports.start = function (options, callback) {
|
|||||||
enableDestroy(server);
|
enableDestroy(server);
|
||||||
};
|
};
|
||||||
|
|
||||||
exports.stop = function (callback) {
|
exports.stop = (callback) => {
|
||||||
sio.close();
|
sio.close();
|
||||||
try {
|
try {
|
||||||
server.destroy();
|
server.destroy();
|
||||||
@ -86,4 +83,3 @@ exports.stop = function (callback) {
|
|||||||
|
|
||||||
callback();
|
callback();
|
||||||
};
|
};
|
||||||
|
|
||||||
|
Reference in New Issue
Block a user