Fixed auth.required
Misc: - Resolved conflicts - Added test case, to fail if server grants prohibited admin access - Simplified test logic - Prevented usage of "var" (used const / let instead) - Formatting - Cleanup - Typos
This commit is contained in:
commit
27c59c3b0f
14
README.md
14
README.md
@ -52,7 +52,7 @@ io.sockets
|
|||||||
**Client side**
|
**Client side**
|
||||||
|
|
||||||
```javascript
|
```javascript
|
||||||
var socket = io.connect('http://localhost:9000');
|
const socket = io.connect('http://localhost:9000');
|
||||||
socket.on('connect', function () {
|
socket.on('connect', function () {
|
||||||
socket
|
socket
|
||||||
.emit('authenticate', {token: jwt}) //send the jwt
|
.emit('authenticate', {token: jwt}) //send the jwt
|
||||||
@ -71,8 +71,8 @@ socket.on('connect', function () {
|
|||||||
The previous approach uses a second roundtrip to send the jwt. There is a way you can authenticate on the handshake by sending the JWT as a query string, the caveat is that intermediary HTTP servers can log the url.
|
The previous approach uses a second roundtrip to send the jwt. There is a way you can authenticate on the handshake by sending the JWT as a query string, the caveat is that intermediary HTTP servers can log the url.
|
||||||
|
|
||||||
```javascript
|
```javascript
|
||||||
var io = require('socket.io')(server);
|
const io = require('socket.io')(server);
|
||||||
var socketioJwt = require('socketio-jwt');
|
const socketioJwt = require('socketio-jwt');
|
||||||
```
|
```
|
||||||
|
|
||||||
With socket.io < 1.0:
|
With socket.io < 1.0:
|
||||||
@ -108,7 +108,7 @@ For more validation options see [auth0/jsonwebtoken](https://github.com/auth0/no
|
|||||||
Append the jwt token using query string:
|
Append the jwt token using query string:
|
||||||
|
|
||||||
```javascript
|
```javascript
|
||||||
var socket = io.connect('http://localhost:9000', {
|
const socket = io.connect('http://localhost:9000', {
|
||||||
'query': 'token=' + your_jwt
|
'query': 'token=' + your_jwt
|
||||||
});
|
});
|
||||||
```
|
```
|
||||||
@ -116,7 +116,7 @@ var socket = io.connect('http://localhost:9000', {
|
|||||||
Append the jwt token using 'Authorization Header' (Bearer Token):
|
Append the jwt token using 'Authorization Header' (Bearer Token):
|
||||||
|
|
||||||
```javascript
|
```javascript
|
||||||
var socket = io.connect('http://localhost:9000', {
|
const socket = io.connect('http://localhost:9000', {
|
||||||
'extraHeaders': { Authorization: `Bearer ${your_jwt}` }
|
'extraHeaders': { Authorization: `Bearer ${your_jwt}` }
|
||||||
});
|
});
|
||||||
```
|
```
|
||||||
@ -144,7 +144,7 @@ io.use(socketioJwt.authorize({
|
|||||||
When you sign the token with an expiration time (example: 60 minutes):
|
When you sign the token with an expiration time (example: 60 minutes):
|
||||||
|
|
||||||
```javascript
|
```javascript
|
||||||
var token = jwt.sign(user_profile, jwt_secret, {expiresIn: 60*60});
|
const token = jwt.sign(user_profile, jwt_secret, {expiresIn: 60*60});
|
||||||
```
|
```
|
||||||
|
|
||||||
Your client-side code should handle it as below:
|
Your client-side code should handle it as below:
|
||||||
@ -234,7 +234,7 @@ the provided token.
|
|||||||
**Server side**
|
**Server side**
|
||||||
|
|
||||||
```javascript
|
```javascript
|
||||||
var SECRETS = {
|
const SECRETS = {
|
||||||
'user1': 'secret 1',
|
'user1': 'secret 1',
|
||||||
'user2': 'secret 2'
|
'user2': 'secret 2'
|
||||||
}
|
}
|
||||||
|
16
lib/index.js
16
lib/index.js
@ -17,12 +17,15 @@ function noQsMethod (options) {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
socket.on('authenticate', function (data) {
|
let auth_timeout = null;
|
||||||
if (options.required) {
|
if (options.required) {
|
||||||
let auth_timeout = setTimeout(function () {
|
auth_timeout = setTimeout(function () {
|
||||||
socket.disconnect('unauthorized');
|
socket.disconnect('unauthorized');
|
||||||
}, options.timeout || 5000);
|
}, options.timeout || 5000);
|
||||||
|
}
|
||||||
|
|
||||||
|
socket.on('authenticate', function (data) {
|
||||||
|
if (options.required) {
|
||||||
clearTimeout(auth_timeout);
|
clearTimeout(auth_timeout);
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -30,13 +33,12 @@ function noQsMethod (options) {
|
|||||||
const onError = function (err, code) {
|
const onError = function (err, code) {
|
||||||
if (err) {
|
if (err) {
|
||||||
code = code || 'unknown';
|
code = code || 'unknown';
|
||||||
|
|
||||||
const error = new UnauthorizedError(code, {
|
const error = new UnauthorizedError(code, {
|
||||||
message: (Object.prototype.toString.call(err) === '[object Object]' && err.message) ? err.message : err
|
message: (Object.prototype.toString.call(err) === '[object Object]' && err.message) ? err.message : err
|
||||||
});
|
});
|
||||||
|
|
||||||
let callback_timeout;
|
let callback_timeout;
|
||||||
// If callback explicitely set to false, start timeout to disconnect socket
|
// If callback explicitly set to false, start timeout to disconnect socket
|
||||||
if (options.callback === false || typeof options.callback === 'number') {
|
if (options.callback === false || typeof options.callback === 'number') {
|
||||||
if (typeof options.callback === 'number') {
|
if (typeof options.callback === 'number') {
|
||||||
if (options.callback < 0) {
|
if (options.callback < 0) {
|
||||||
@ -113,6 +115,10 @@ function noQsMethod (options) {
|
|||||||
function authorize (options, onConnection) {
|
function authorize (options, onConnection) {
|
||||||
options = xtend({ decodedPropertyName: 'decoded_token', encodedPropertyName: 'encoded_token' }, options);
|
options = xtend({ decodedPropertyName: 'decoded_token', encodedPropertyName: 'encoded_token' }, options);
|
||||||
|
|
||||||
|
if (typeof options.secret !== 'string') {
|
||||||
|
throw new Error(`Provided secret "${options.secret}" is invalid, must be of type string.`)
|
||||||
|
}
|
||||||
|
|
||||||
if (!options.handshake) {
|
if (!options.handshake) {
|
||||||
return noQsMethod(options);
|
return noQsMethod(options);
|
||||||
}
|
}
|
||||||
@ -163,7 +169,7 @@ function authorize (options, onConnection) {
|
|||||||
if (options.auth_header_required && !token) {
|
if (options.auth_header_required && !token) {
|
||||||
return auth.fail(new UnauthorizedError('missing_authorization_header', {
|
return auth.fail(new UnauthorizedError('missing_authorization_header', {
|
||||||
message: 'Server requires Authorization Header'
|
message: 'Server requires Authorization Header'
|
||||||
}), data, accept);
|
}), socket, accept);
|
||||||
}
|
}
|
||||||
|
|
||||||
// Get the token from handshake or query string
|
// Get the token from handshake or query string
|
||||||
|
@ -1,7 +1,7 @@
|
|||||||
var Q = require('q');
|
const Q = require('q');
|
||||||
var fixture = require('./fixture');
|
const fixture = require('./fixture');
|
||||||
var request = require('request');
|
const request = require('request');
|
||||||
var io = require('socket.io-client');
|
const io = require('socket.io-client');
|
||||||
|
|
||||||
describe('authorizer', function() {
|
describe('authorizer', function() {
|
||||||
//start and stop the server
|
//start and stop the server
|
||||||
@ -9,19 +9,18 @@ describe('authorizer', function() {
|
|||||||
after(fixture.stop);
|
after(fixture.stop);
|
||||||
|
|
||||||
describe('when the user is not logged in', function () {
|
describe('when the user is not logged in', function () {
|
||||||
it('should emit error with unauthorized handshake', function (done){
|
it('should emit error with unauthorized handshake', function (done) {
|
||||||
var socket = io.connect('http://localhost:9000?token=boooooo', {
|
const socket = io.connect('http://localhost:9000?token=boooooo', {
|
||||||
'forceNew': true
|
forceNew: true
|
||||||
});
|
});
|
||||||
|
|
||||||
socket.on('error', function(err){
|
socket.on('error', function(err) {
|
||||||
err.message.should.eql("jwt malformed");
|
err.message.should.eql("jwt malformed");
|
||||||
err.code.should.eql("invalid_token");
|
err.code.should.eql("invalid_token");
|
||||||
socket.close();
|
socket.close();
|
||||||
done();
|
done();
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
|
|
||||||
});
|
});
|
||||||
|
|
||||||
describe('when the user is logged in', function() {
|
describe('when the user is logged in', function() {
|
||||||
@ -41,30 +40,35 @@ describe('authorizer', function() {
|
|||||||
Q.ninvoke(fixture, 'stop')
|
Q.ninvoke(fixture, 'stop')
|
||||||
.then(function() { return Q.ninvoke(fixture, 'start', { auth_header_required: true })})
|
.then(function() { return Q.ninvoke(fixture, 'start', { auth_header_required: true })})
|
||||||
.done(done);
|
.done(done);
|
||||||
})
|
});
|
||||||
|
|
||||||
after(function(done) {
|
after(function(done) {
|
||||||
Q.ninvoke(fixture, 'stop')
|
Q.ninvoke(fixture, 'stop')
|
||||||
.then(function() { return Q.ninvoke(fixture, 'start', { })})
|
.then(function() { return Q.ninvoke(fixture, 'start', { })})
|
||||||
.done(done);
|
.done(done);
|
||||||
})
|
|
||||||
|
|
||||||
it('auth headers are supported', function (done){
|
|
||||||
var socket = io.connect('http://localhost:9000', {
|
|
||||||
'forceNew':true,
|
|
||||||
'extraHeaders': {'Authorization': 'Bearer ' + this.token}
|
|
||||||
});
|
});
|
||||||
socket.on('connect', function(){
|
|
||||||
|
it('auth headers are supported', function (done) {
|
||||||
|
const socket = io.connect('http://localhost:9000', {
|
||||||
|
forceNew: true,
|
||||||
|
extraHeaders: { Authorization: 'Bearer ' + this.token}
|
||||||
|
});
|
||||||
|
|
||||||
|
socket
|
||||||
|
.on('connect', function() {
|
||||||
socket.close();
|
socket.close();
|
||||||
done();
|
done();
|
||||||
}).on('error', done);
|
})
|
||||||
|
.on('error', done);
|
||||||
});
|
});
|
||||||
|
|
||||||
it('auth token in query string is disallowed', function (done){
|
it('auth token in query string is disallowed', function (done) {
|
||||||
var socket = io.connect('http://localhost:9000', {
|
const socket = io.connect('http://localhost:9000', {
|
||||||
'forceNew':true,
|
forceNew: true,
|
||||||
'query': 'token=' + this.token
|
query: 'token=' + this.token
|
||||||
});
|
});
|
||||||
socket.on('error', function(err){
|
|
||||||
|
socket.on('error', function(err) {
|
||||||
err.message.should.eql("Server requires Authorization Header");
|
err.message.should.eql("Server requires Authorization Header");
|
||||||
err.code.should.eql("missing_authorization_header");
|
err.code.should.eql("missing_authorization_header");
|
||||||
socket.close();
|
socket.close();
|
||||||
@ -80,44 +84,54 @@ describe('authorizer', function() {
|
|||||||
.done(done);
|
.done(done);
|
||||||
})
|
})
|
||||||
|
|
||||||
it('auth headers are supported', function (done){
|
it('auth headers are supported', function (done) {
|
||||||
var socket = io.connect('http://localhost:9000', {
|
const socket = io.connect('http://localhost:9000', {
|
||||||
'forceNew':true,
|
forceNew: true,
|
||||||
'extraHeaders': {'Authorization': 'Bearer ' + this.token}
|
extraHeaders: { Authorization: 'Bearer ' + this.token }
|
||||||
});
|
|
||||||
socket.on('connect', function(){
|
|
||||||
socket.close();
|
|
||||||
done();
|
|
||||||
}).on('error', done);
|
|
||||||
});
|
});
|
||||||
|
|
||||||
it('should do the handshake and connect', function (done){
|
socket
|
||||||
var socket = io.connect('http://localhost:9000', {
|
.on('connect', function() {
|
||||||
'forceNew':true,
|
|
||||||
'query': 'token=' + this.token
|
|
||||||
});
|
|
||||||
socket.on('connect', function(){
|
|
||||||
socket.close();
|
socket.close();
|
||||||
done();
|
done();
|
||||||
}).on('error', done);
|
})
|
||||||
|
.on('error', done);
|
||||||
});
|
});
|
||||||
|
|
||||||
|
it('should do the handshake and connect', function (done) {
|
||||||
|
const socket = io.connect('http://localhost:9000', {
|
||||||
|
forceNew: true,
|
||||||
|
query: 'token=' + this.token
|
||||||
|
});
|
||||||
|
|
||||||
|
socket
|
||||||
|
.on('connect', function() {
|
||||||
|
socket.close();
|
||||||
|
done();
|
||||||
|
})
|
||||||
|
.on('error', done);
|
||||||
|
});
|
||||||
|
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
|
|
||||||
describe('unsgined token', function() {
|
describe('unsigned token', function() {
|
||||||
beforeEach(function () {
|
beforeEach(function () {
|
||||||
this.token = 'eyJhbGciOiJub25lIiwiY3R5IjoiSldUIn0.eyJuYW1lIjoiSm9obiBGb28ifQ.';
|
this.token = 'eyJhbGciOiJub25lIiwiY3R5IjoiSldUIn0.eyJuYW1lIjoiSm9obiBGb28ifQ.';
|
||||||
});
|
});
|
||||||
|
|
||||||
it('should not do the handshake and connect', function (done){
|
it('should not do the handshake and connect', function (done) {
|
||||||
var socket = io.connect('http://localhost:9000', {
|
const socket = io.connect('http://localhost:9000', {
|
||||||
'forceNew':true,
|
forceNew: true,
|
||||||
'query': 'token=' + this.token
|
query: 'token=' + this.token
|
||||||
});
|
});
|
||||||
socket.on('connect', function () {
|
|
||||||
|
socket
|
||||||
|
.on('connect', function () {
|
||||||
socket.close();
|
socket.close();
|
||||||
done(new Error('this shouldnt happen'));
|
done(new Error('this shouldnt happen'));
|
||||||
}).on('error', function (err) {
|
})
|
||||||
|
.on('error', function (err) {
|
||||||
socket.close();
|
socket.close();
|
||||||
err.message.should.eql("jwt signature is required");
|
err.message.should.eql("jwt signature is required");
|
||||||
done();
|
done();
|
||||||
|
@ -1,6 +1,6 @@
|
|||||||
var fixture = require('./fixture/namespace');
|
const fixture = require('./fixture/namespace');
|
||||||
var request = require('request');
|
const request = require('request');
|
||||||
var io = require('socket.io-client');
|
const io = require('socket.io-client');
|
||||||
|
|
||||||
describe('authorizer with namespaces', function () {
|
describe('authorizer with namespaces', function () {
|
||||||
|
|
||||||
@ -11,15 +11,16 @@ describe('authorizer with namespaces', function () {
|
|||||||
|
|
||||||
describe('when the user is not logged in', function () {
|
describe('when the user is not logged in', function () {
|
||||||
|
|
||||||
it('should be able to connect to the default namespace', function (done){
|
it('should be able to connect to the default namespace', function (done) {
|
||||||
var socket = io.connect('http://localhost:9000');
|
io.connect('http://localhost:9000')
|
||||||
socket.once('hi', done);
|
.once('hi', done);
|
||||||
});
|
});
|
||||||
|
|
||||||
it('should not be able to connect to the admin namespace', function (done){
|
it('should not be able to connect to the admin namespace', function (done) {
|
||||||
var socket = io.connect('http://localhost:9000/admin');
|
io.connect('http://localhost:9000/admin')
|
||||||
socket.once('disconnect', function () {
|
.once('disconnect', function() { done(); })
|
||||||
done();
|
.once('hi admin', function() {
|
||||||
|
done(new Error('unauthenticated client was able to connect to the admin namespace'));
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
|
|
||||||
@ -38,16 +39,10 @@ describe('authorizer with namespaces', function () {
|
|||||||
}.bind(this));
|
}.bind(this));
|
||||||
});
|
});
|
||||||
|
|
||||||
it('should do the handshake and connect', function (done){
|
it('should do the handshake and connect', function (done) {
|
||||||
var socket = io.connect('http://localhost:9000/admin', {
|
io.connect('http://localhost:9000/admin', { forceNew: true })
|
||||||
'forceNew': true,
|
.on('authenticated', done)
|
||||||
});
|
.emit('authenticate', { token: this.token });
|
||||||
var token = this.token;
|
|
||||||
socket.on('connect', function(){
|
|
||||||
socket.on('authenticated', function () {
|
|
||||||
done();
|
|
||||||
}).emit('authenticate', { token: token });
|
|
||||||
});
|
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
|
|
||||||
|
@ -1,6 +1,6 @@
|
|||||||
var fixture = require('./fixture');
|
const fixture = require('./fixture');
|
||||||
var request = require('request');
|
const request = require('request');
|
||||||
var io = require('socket.io-client');
|
const io = require('socket.io-client');
|
||||||
|
|
||||||
describe('authorizer without querystring', function () {
|
describe('authorizer without querystring', function () {
|
||||||
|
|
||||||
@ -15,23 +15,17 @@ describe('authorizer without querystring', function () {
|
|||||||
|
|
||||||
describe('when the user is not logged in', function () {
|
describe('when the user is not logged in', function () {
|
||||||
|
|
||||||
it('should close the connection after a timeout if no auth message is received', function (done){
|
it('should close the connection after a timeout if no auth message is received', function (done) {
|
||||||
var socket = io.connect('http://localhost:9000', {
|
io.connect('http://localhost:9000', { forceNew: true })
|
||||||
forceNew: true
|
.once('disconnect', function () { done(); });
|
||||||
});
|
|
||||||
socket.once('disconnect', function () {
|
|
||||||
done();
|
|
||||||
});
|
|
||||||
});
|
});
|
||||||
|
|
||||||
it('should not respond echo', function (done){
|
it('should not respond echo', function (done) {
|
||||||
var socket = io.connect('http://localhost:9000', {
|
io.connect('http://localhost:9000', { forceNew: true })
|
||||||
'forceNew':true,
|
.on('echo-response', function () {
|
||||||
});
|
|
||||||
|
|
||||||
socket.on('echo-response', function () {
|
|
||||||
done(new Error('this should not happen'));
|
done(new Error('this should not happen'));
|
||||||
}).emit('echo', { hi: 123 });
|
})
|
||||||
|
.emit('echo', { hi: 123 });
|
||||||
|
|
||||||
setTimeout(done, 1200);
|
setTimeout(done, 1200);
|
||||||
});
|
});
|
||||||
@ -51,19 +45,18 @@ describe('authorizer without querystring', function () {
|
|||||||
}.bind(this));
|
}.bind(this));
|
||||||
});
|
});
|
||||||
|
|
||||||
it('should do the handshake and connect', function (done){
|
it('should do the handshake and connect', function (done) {
|
||||||
var socket = io.connect('http://localhost:9000', {
|
const socket = io.connect('http://localhost:9000', { forceNew: true });
|
||||||
'forceNew':true,
|
|
||||||
});
|
socket
|
||||||
var token = this.token;
|
.on('echo-response', function () {
|
||||||
socket.on('connect', function(){
|
|
||||||
socket.on('echo-response', function () {
|
|
||||||
socket.close();
|
socket.close();
|
||||||
done();
|
done();
|
||||||
}).on('authenticated', function () {
|
})
|
||||||
|
.on('authenticated', function () {
|
||||||
socket.emit('echo');
|
socket.emit('echo');
|
||||||
}).emit('authenticate', { token: token });
|
})
|
||||||
});
|
.emit('authenticate', { token: this.token });
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
|
|
||||||
|
@ -1,6 +1,6 @@
|
|||||||
var fixture = require('./fixture/secret_function');
|
const fixture = require('./fixture/secret_function');
|
||||||
var request = require('request');
|
const request = require('request');
|
||||||
var io = require('socket.io-client');
|
const io = require('socket.io-client');
|
||||||
|
|
||||||
describe('authorizer with secret function', function () {
|
describe('authorizer with secret function', function () {
|
||||||
|
|
||||||
@ -8,7 +8,7 @@ describe('authorizer with secret function', function () {
|
|||||||
before(function (done) {
|
before(function (done) {
|
||||||
fixture.start({
|
fixture.start({
|
||||||
handshake: false
|
handshake: false
|
||||||
} , done);
|
}, done);
|
||||||
});
|
});
|
||||||
|
|
||||||
after(fixture.stop);
|
after(fixture.stop);
|
||||||
@ -26,20 +26,10 @@ describe('authorizer with secret function', function () {
|
|||||||
}.bind(this));
|
}.bind(this));
|
||||||
});
|
});
|
||||||
|
|
||||||
it('should emit unauthorized', function (done){
|
it('should emit unauthorized', function (done) {
|
||||||
var socket = io.connect('http://localhost:9000', {
|
io.connect('http://localhost:9000', { forceNew: true })
|
||||||
'forceNew':true,
|
.on('unauthorized', function() { done(); })
|
||||||
});
|
.emit('authenticate', { token: this.invalidToken + 'ass' })
|
||||||
|
|
||||||
var invalidToken = this.invalidToken;
|
|
||||||
socket.on('unauthorized', function() {
|
|
||||||
done();
|
|
||||||
});
|
|
||||||
|
|
||||||
socket.on('connect', function(){
|
|
||||||
socket
|
|
||||||
.emit('authenticate', { token: invalidToken + 'ass' })
|
|
||||||
});
|
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
|
|
||||||
@ -57,20 +47,18 @@ describe('authorizer with secret function', function () {
|
|||||||
}.bind(this));
|
}.bind(this));
|
||||||
});
|
});
|
||||||
|
|
||||||
it('should do the handshake and connect', function (done){
|
it('should do the handshake and connect', function (done) {
|
||||||
var socket = io.connect('http://localhost:9000', {
|
const socket = io.connect('http://localhost:9000', { forceNew: true });
|
||||||
'forceNew':true,
|
|
||||||
});
|
socket
|
||||||
var token = this.token;
|
.on('echo-response', function () {
|
||||||
socket.on('connect', function(){
|
|
||||||
socket.on('echo-response', function () {
|
|
||||||
socket.close();
|
socket.close();
|
||||||
done();
|
done();
|
||||||
}).on('authenticated', function () {
|
})
|
||||||
|
.on('authenticated', function () {
|
||||||
socket.emit('echo');
|
socket.emit('echo');
|
||||||
})
|
})
|
||||||
.emit('authenticate', { token: token })
|
.emit('authenticate', { token: this.token });
|
||||||
});
|
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
|
|
||||||
|
@ -1,6 +1,6 @@
|
|||||||
var fixture = require('./fixture/secret_function');
|
const fixture = require('./fixture/secret_function');
|
||||||
var request = require('request');
|
const request = require('request');
|
||||||
var io = require('socket.io-client');
|
const io = require('socket.io-client');
|
||||||
|
|
||||||
describe('authorizer with secret function', function () {
|
describe('authorizer with secret function', function () {
|
||||||
|
|
||||||
@ -10,12 +10,10 @@ describe('authorizer with secret function', function () {
|
|||||||
|
|
||||||
describe('when the user is not logged in', function () {
|
describe('when the user is not logged in', function () {
|
||||||
|
|
||||||
it('should emit error with unauthorized handshake', function (done){
|
it('should emit error with unauthorized handshake', function (done) {
|
||||||
var socket = io.connect('http://localhost:9000?token=boooooo', {
|
const socket = io.connect('http://localhost:9000?token=boooooo', { forceNew: true });
|
||||||
'forceNew': true
|
|
||||||
});
|
|
||||||
|
|
||||||
socket.on('error', function(err){
|
socket.on('error', function(err) {
|
||||||
err.message.should.eql("jwt malformed");
|
err.message.should.eql("jwt malformed");
|
||||||
err.code.should.eql("invalid_token");
|
err.code.should.eql("invalid_token");
|
||||||
socket.close();
|
socket.close();
|
||||||
@ -37,15 +35,18 @@ describe('authorizer with secret function', function () {
|
|||||||
}.bind(this));
|
}.bind(this));
|
||||||
});
|
});
|
||||||
|
|
||||||
it('should do the handshake and connect', function (done){
|
it('should do the handshake and connect', function (done) {
|
||||||
var socket = io.connect('http://localhost:9000', {
|
const socket = io.connect('http://localhost:9000', {
|
||||||
'forceNew':true,
|
forceNew: true,
|
||||||
'query': 'token=' + this.token
|
query: 'token=' + this.token
|
||||||
});
|
});
|
||||||
socket.on('connect', function(){
|
|
||||||
|
socket
|
||||||
|
.on('connect', function() {
|
||||||
socket.close();
|
socket.close();
|
||||||
done();
|
done();
|
||||||
}).on('error', done);
|
})
|
||||||
|
.on('error', done);
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
|
|
||||||
@ -54,15 +55,18 @@ describe('authorizer with secret function', function () {
|
|||||||
this.token = 'eyJhbGciOiJub25lIiwiY3R5IjoiSldUIn0.eyJuYW1lIjoiSm9obiBGb28ifQ.';
|
this.token = 'eyJhbGciOiJub25lIiwiY3R5IjoiSldUIn0.eyJuYW1lIjoiSm9obiBGb28ifQ.';
|
||||||
});
|
});
|
||||||
|
|
||||||
it('should not do the handshake and connect', function (done){
|
it('should not do the handshake and connect', function (done) {
|
||||||
var socket = io.connect('http://localhost:9000', {
|
const socket = io.connect('http://localhost:9000', {
|
||||||
'forceNew':true,
|
forceNew: true,
|
||||||
'query': 'token=' + this.token
|
query: 'token=' + this.token
|
||||||
});
|
});
|
||||||
socket.on('connect', function () {
|
|
||||||
|
socket
|
||||||
|
.on('connect', function () {
|
||||||
socket.close();
|
socket.close();
|
||||||
done(new Error('this shouldnt happen'));
|
done(new Error('this shouldnt happen'));
|
||||||
}).on('error', function (err) {
|
})
|
||||||
|
.on('error', function (err) {
|
||||||
socket.close();
|
socket.close();
|
||||||
err.message.should.eql("jwt signature is required");
|
err.message.should.eql("jwt signature is required");
|
||||||
done();
|
done();
|
||||||
|
@ -1,16 +1,15 @@
|
|||||||
var express = require('express');
|
const express = require('express');
|
||||||
var http = require('http');
|
const http = require('http');
|
||||||
|
|
||||||
var socketIo = require('socket.io');
|
const socketIo = require('socket.io');
|
||||||
var socketio_jwt = require('../../lib');
|
const socketio_jwt = require('../../lib');
|
||||||
|
|
||||||
var jwt = require('jsonwebtoken');
|
const jwt = require('jsonwebtoken');
|
||||||
|
const xtend = require('xtend');
|
||||||
|
const bodyParser = require('body-parser');
|
||||||
|
const enableDestroy = require('server-destroy');
|
||||||
|
|
||||||
var xtend = require('xtend');
|
let sio;
|
||||||
var bodyParser = require('body-parser');
|
|
||||||
|
|
||||||
var server, sio;
|
|
||||||
var enableDestroy = require('server-destroy');
|
|
||||||
|
|
||||||
exports.start = function (options, callback) {
|
exports.start = function (options, callback) {
|
||||||
|
|
||||||
@ -25,12 +24,13 @@ exports.start = function (options, callback) {
|
|||||||
handshake: true
|
handshake: true
|
||||||
}, options);
|
}, options);
|
||||||
|
|
||||||
var app = express();
|
const app = express();
|
||||||
|
const server = http.createServer(app);
|
||||||
|
sio = socketIo.listen(server);
|
||||||
|
|
||||||
app.use(bodyParser.json());
|
app.use(bodyParser.json());
|
||||||
|
|
||||||
app.post('/login', function (req, res) {
|
app.post('/login', function (req, res) {
|
||||||
var profile = {
|
const profile = {
|
||||||
first_name: 'John',
|
first_name: 'John',
|
||||||
last_name: 'Doe',
|
last_name: 'Doe',
|
||||||
email: 'john@doe.com',
|
email: 'john@doe.com',
|
||||||
@ -38,14 +38,10 @@ exports.start = function (options, callback) {
|
|||||||
};
|
};
|
||||||
|
|
||||||
// We are sending the profile inside the token
|
// We are sending the profile inside the token
|
||||||
var token = jwt.sign(profile, options.secret, { expiresIn: 60*60*5 });
|
const token = jwt.sign(profile, options.secret, { expiresIn: 60*60*5 });
|
||||||
|
|
||||||
res.json({token: token});
|
res.json({token: token});
|
||||||
});
|
});
|
||||||
|
|
||||||
server = http.createServer(app);
|
|
||||||
|
|
||||||
sio = socketIo.listen(server);
|
|
||||||
|
|
||||||
if (options.handshake) {
|
if (options.handshake) {
|
||||||
sio.use(socketio_jwt.authorize(options));
|
sio.use(socketio_jwt.authorize(options));
|
||||||
|
@ -1,16 +1,14 @@
|
|||||||
var express = require('express');
|
const express = require('express');
|
||||||
var http = require('http');
|
const http = require('http');
|
||||||
|
|
||||||
var socketIo = require('socket.io');
|
const socketIo = require('socket.io');
|
||||||
var socketio_jwt = require('../../lib');
|
const socketio_jwt = require('../../lib');
|
||||||
|
|
||||||
var jwt = require('jsonwebtoken');
|
const jwt = require('jsonwebtoken');
|
||||||
|
const enableDestroy = require('server-destroy');
|
||||||
|
const bodyParser = require('body-parser');
|
||||||
|
|
||||||
var xtend = require('xtend');
|
let sio;
|
||||||
var bodyParser = require('body-parser');
|
|
||||||
|
|
||||||
var server, sio;
|
|
||||||
var enableDestroy = require('server-destroy');
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* This is an example server that shows how to do namespace authentication.
|
* This is an example server that shows how to do namespace authentication.
|
||||||
@ -19,18 +17,19 @@ var enableDestroy = require('server-destroy');
|
|||||||
*/
|
*/
|
||||||
exports.start = function (callback) {
|
exports.start = function (callback) {
|
||||||
|
|
||||||
options = {
|
const options = {
|
||||||
secret: 'aaafoo super sercret',
|
secret: 'aaafoo super sercret',
|
||||||
timeout: 1000,
|
timeout: 1000,
|
||||||
handshake: false
|
handshake: false
|
||||||
};
|
};
|
||||||
|
|
||||||
var app = express();
|
const app = express();
|
||||||
|
const server = http.createServer(app);
|
||||||
|
sio = socketIo.listen(server);
|
||||||
|
|
||||||
app.use(bodyParser.json());
|
app.use(bodyParser.json());
|
||||||
|
|
||||||
app.post('/login', function (req, res) {
|
app.post('/login', function (req, res) {
|
||||||
var profile = {
|
const profile = {
|
||||||
first_name: 'John',
|
first_name: 'John',
|
||||||
last_name: 'Doe',
|
last_name: 'Doe',
|
||||||
email: 'john@doe.com',
|
email: 'john@doe.com',
|
||||||
@ -38,20 +37,17 @@ exports.start = function (callback) {
|
|||||||
};
|
};
|
||||||
|
|
||||||
// We are sending the profile inside the token
|
// We are sending the profile inside the token
|
||||||
var token = jwt.sign(profile, options.secret, { expiresIn: 60*60*5 });
|
const token = jwt.sign(profile, options.secret, { expiresIn: 60*60*5 });
|
||||||
|
res.json({ token: token });
|
||||||
res.json({token: token});
|
|
||||||
});
|
});
|
||||||
|
|
||||||
server = http.createServer(app);
|
|
||||||
|
|
||||||
sio = socketIo.listen(server);
|
|
||||||
|
|
||||||
sio.on('connection', function (socket) {
|
sio.on('connection', function (socket) {
|
||||||
socket.emit('hi');
|
socket.emit('hi');
|
||||||
});
|
});
|
||||||
|
|
||||||
var admin_nsp = sio.of('/admin');
|
const admin_nsp = sio.of('/admin');
|
||||||
|
|
||||||
admin_nsp.on('connection', socketio_jwt.authorize(options))
|
admin_nsp.on('connection', socketio_jwt.authorize(options))
|
||||||
.on('authenticated', function (socket) {
|
.on('authenticated', function (socket) {
|
||||||
|
@ -1,19 +1,18 @@
|
|||||||
var express = require('express');
|
const express = require('express');
|
||||||
var http = require('http');
|
const http = require('http');
|
||||||
|
|
||||||
var socketIo = require('socket.io');
|
const socketIo = require('socket.io');
|
||||||
var socketio_jwt = require('../../lib');
|
const socketio_jwt = require('../../lib');
|
||||||
|
|
||||||
var jwt = require('jsonwebtoken');
|
const jwt = require('jsonwebtoken');
|
||||||
|
const xtend = require('xtend');
|
||||||
|
const bodyParser = require('body-parser');
|
||||||
|
const enableDestroy = require('server-destroy');
|
||||||
|
|
||||||
var xtend = require('xtend');
|
let sio;
|
||||||
var bodyParser = require('body-parser');
|
|
||||||
|
|
||||||
var server, sio;
|
|
||||||
var enableDestroy = require('server-destroy');
|
|
||||||
|
|
||||||
exports.start = function (options, callback) {
|
exports.start = function (options, callback) {
|
||||||
var SECRETS = {
|
const SECRETS = {
|
||||||
123: 'aaafoo super sercret',
|
123: 'aaafoo super sercret',
|
||||||
555: 'other'
|
555: 'other'
|
||||||
};
|
};
|
||||||
@ -31,12 +30,13 @@ exports.start = function (options, callback) {
|
|||||||
handshake: true
|
handshake: true
|
||||||
}, options);
|
}, options);
|
||||||
|
|
||||||
var app = express();
|
const app = express();
|
||||||
|
const server = http.createServer(app);
|
||||||
|
sio = socketIo.listen(server);
|
||||||
|
|
||||||
app.use(bodyParser.json());
|
app.use(bodyParser.json());
|
||||||
|
|
||||||
app.post('/login', function (req, res) {
|
app.post('/login', function (req, res) {
|
||||||
var profile = {
|
const profile = {
|
||||||
first_name: 'John',
|
first_name: 'John',
|
||||||
last_name: 'Doe',
|
last_name: 'Doe',
|
||||||
email: 'john@doe.com',
|
email: 'john@doe.com',
|
||||||
@ -44,15 +44,10 @@ exports.start = function (options, callback) {
|
|||||||
};
|
};
|
||||||
|
|
||||||
// We are sending the profile inside the token
|
// We are sending the profile inside the token
|
||||||
var token = jwt.sign(profile, SECRETS[123], { expiresIn: 60*60*5 });
|
const token = jwt.sign(profile, SECRETS[123], { expiresIn: 60*60*5 });
|
||||||
|
|
||||||
res.json({token: token});
|
res.json({token: token});
|
||||||
});
|
});
|
||||||
|
|
||||||
server = http.createServer(app);
|
|
||||||
|
|
||||||
sio = socketIo.listen(server);
|
|
||||||
|
|
||||||
if (options.handshake) {
|
if (options.handshake) {
|
||||||
sio.use(socketio_jwt.authorize(options));
|
sio.use(socketio_jwt.authorize(options));
|
||||||
|
|
||||||
@ -86,4 +81,3 @@ exports.stop = function (callback) {
|
|||||||
|
|
||||||
callback();
|
callback();
|
||||||
};
|
};
|
||||||
|
|
||||||
|
Reference in New Issue
Block a user