chore: better Prettier config for easier reviews
This commit is contained in:
parent
2d84d11034
commit
5f2742be0b
8
.github/ISSUE_TEMPLATE/BUG.md
vendored
8
.github/ISSUE_TEMPLATE/BUG.md
vendored
@ -1,8 +1,8 @@
|
||||
---
|
||||
name: '🐛 Bug Report'
|
||||
about: 'Report an unexpected problem or unintended behavior.'
|
||||
title: '[Bug]'
|
||||
labels: 'bug'
|
||||
name: "🐛 Bug Report"
|
||||
about: "Report an unexpected problem or unintended behavior."
|
||||
title: "[Bug]"
|
||||
labels: "bug"
|
||||
---
|
||||
|
||||
<!--
|
||||
|
8
.github/ISSUE_TEMPLATE/DOCUMENTATION.md
vendored
8
.github/ISSUE_TEMPLATE/DOCUMENTATION.md
vendored
@ -1,8 +1,8 @@
|
||||
---
|
||||
name: '📜 Documentation'
|
||||
about: 'Correct spelling errors, improvements or additions to documentation files (README, CONTRIBUTING...).'
|
||||
title: '[Documentation]'
|
||||
labels: 'documentation'
|
||||
name: "📜 Documentation"
|
||||
about: "Correct spelling errors, improvements or additions to documentation files (README, CONTRIBUTING...)."
|
||||
title: "[Documentation]"
|
||||
labels: "documentation"
|
||||
---
|
||||
|
||||
<!-- Please make sure your issue has not already been fixed. -->
|
||||
|
8
.github/ISSUE_TEMPLATE/FEATURE_REQUEST.md
vendored
8
.github/ISSUE_TEMPLATE/FEATURE_REQUEST.md
vendored
@ -1,8 +1,8 @@
|
||||
---
|
||||
name: '✨ Feature Request'
|
||||
about: 'Suggest a new feature idea.'
|
||||
title: '[Feature]'
|
||||
labels: 'feature request'
|
||||
name: "✨ Feature Request"
|
||||
about: "Suggest a new feature idea."
|
||||
title: "[Feature]"
|
||||
labels: "feature request"
|
||||
---
|
||||
|
||||
<!-- Please make sure your issue has not already been fixed. -->
|
||||
|
8
.github/ISSUE_TEMPLATE/IMPROVEMENT.md
vendored
8
.github/ISSUE_TEMPLATE/IMPROVEMENT.md
vendored
@ -1,8 +1,8 @@
|
||||
---
|
||||
name: '🔧 Improvement'
|
||||
about: 'Improve structure/format/performance/refactor/tests of the code.'
|
||||
title: '[Improvement]'
|
||||
labels: 'improvement'
|
||||
name: "🔧 Improvement"
|
||||
about: "Improve structure/format/performance/refactor/tests of the code."
|
||||
title: "[Improvement]"
|
||||
labels: "improvement"
|
||||
---
|
||||
|
||||
<!-- Please make sure your issue has not already been fixed. -->
|
||||
|
8
.github/ISSUE_TEMPLATE/QUESTION.md
vendored
8
.github/ISSUE_TEMPLATE/QUESTION.md
vendored
@ -1,8 +1,8 @@
|
||||
---
|
||||
name: '🙋 Question'
|
||||
about: 'Further information is requested.'
|
||||
title: '[Question]'
|
||||
labels: 'question'
|
||||
name: "🙋 Question"
|
||||
about: "Further information is requested."
|
||||
title: "[Question]"
|
||||
labels: "question"
|
||||
---
|
||||
|
||||
### Question
|
||||
|
24
.github/workflows/build.yml
vendored
24
.github/workflows/build.yml
vendored
@ -1,4 +1,4 @@
|
||||
name: 'Build'
|
||||
name: "Build"
|
||||
|
||||
on:
|
||||
push:
|
||||
@ -8,20 +8,20 @@ on:
|
||||
|
||||
jobs:
|
||||
build:
|
||||
runs-on: 'ubuntu-latest'
|
||||
runs-on: "ubuntu-latest"
|
||||
steps:
|
||||
- uses: 'actions/checkout@v4.0.0'
|
||||
- uses: "actions/checkout@v4.0.0"
|
||||
|
||||
- name: 'Setup Node.js'
|
||||
uses: 'actions/setup-node@v3.8.1'
|
||||
- name: "Setup Node.js"
|
||||
uses: "actions/setup-node@v3.8.1"
|
||||
with:
|
||||
node-version: '20.x'
|
||||
cache: 'npm'
|
||||
node-version: "20.x"
|
||||
cache: "npm"
|
||||
|
||||
- name: 'Install dependencies'
|
||||
run: 'npm clean-install'
|
||||
- name: "Install dependencies"
|
||||
run: "npm clean-install"
|
||||
|
||||
- name: 'Build'
|
||||
run: 'npm run build'
|
||||
- name: "Build"
|
||||
run: "npm run build"
|
||||
|
||||
- run: 'npm run build:typescript'
|
||||
- run: "npm run build:typescript"
|
||||
|
26
.github/workflows/lint.yml
vendored
26
.github/workflows/lint.yml
vendored
@ -1,4 +1,4 @@
|
||||
name: 'Lint'
|
||||
name: "Lint"
|
||||
|
||||
on:
|
||||
push:
|
||||
@ -8,21 +8,21 @@ on:
|
||||
|
||||
jobs:
|
||||
lint:
|
||||
runs-on: 'ubuntu-latest'
|
||||
runs-on: "ubuntu-latest"
|
||||
steps:
|
||||
- uses: 'actions/checkout@v4.0.0'
|
||||
- uses: "actions/checkout@v4.0.0"
|
||||
|
||||
- name: 'Setup Node.js'
|
||||
uses: 'actions/setup-node@v3.8.1'
|
||||
- name: "Setup Node.js"
|
||||
uses: "actions/setup-node@v3.8.1"
|
||||
with:
|
||||
node-version: '20.x'
|
||||
cache: 'npm'
|
||||
node-version: "20.x"
|
||||
cache: "npm"
|
||||
|
||||
- name: 'Install dependencies'
|
||||
run: 'npm clean-install'
|
||||
- name: "Install dependencies"
|
||||
run: "npm clean-install"
|
||||
|
||||
- run: 'npm run lint:commit -- --to "${{ github.sha }}"'
|
||||
- run: 'npm run lint:editorconfig'
|
||||
- run: 'npm run lint:markdown'
|
||||
- run: 'npm run lint:eslint'
|
||||
- run: 'npm run lint:prettier'
|
||||
- run: "npm run lint:editorconfig"
|
||||
- run: "npm run lint:markdown"
|
||||
- run: "npm run lint:eslint"
|
||||
- run: "npm run lint:prettier"
|
||||
|
40
.github/workflows/release.yml
vendored
40
.github/workflows/release.yml
vendored
@ -1,4 +1,4 @@
|
||||
name: 'Release'
|
||||
name: "Release"
|
||||
|
||||
on:
|
||||
push:
|
||||
@ -6,34 +6,34 @@ on:
|
||||
|
||||
jobs:
|
||||
release:
|
||||
runs-on: 'ubuntu-latest'
|
||||
runs-on: "ubuntu-latest"
|
||||
permissions:
|
||||
contents: 'write'
|
||||
issues: 'write'
|
||||
pull-requests: 'write'
|
||||
id-token: 'write'
|
||||
contents: "write"
|
||||
issues: "write"
|
||||
pull-requests: "write"
|
||||
id-token: "write"
|
||||
steps:
|
||||
- uses: 'actions/checkout@v4.0.0'
|
||||
- uses: "actions/checkout@v4.0.0"
|
||||
|
||||
- name: 'Setup Node.js'
|
||||
uses: 'actions/setup-node@v3.8.1'
|
||||
- name: "Setup Node.js"
|
||||
uses: "actions/setup-node@v3.8.1"
|
||||
with:
|
||||
node-version: '20.x'
|
||||
cache: 'npm'
|
||||
node-version: "20.x"
|
||||
cache: "npm"
|
||||
|
||||
- name: 'Install dependencies'
|
||||
run: 'npm clean-install'
|
||||
- name: "Install dependencies"
|
||||
run: "npm clean-install"
|
||||
|
||||
- name: 'Build Package'
|
||||
run: 'npm run build'
|
||||
- name: "Build Package"
|
||||
run: "npm run build"
|
||||
|
||||
- run: 'npm run build:typescript'
|
||||
- run: "npm run build:typescript"
|
||||
|
||||
- name: 'Verify the integrity of provenance attestations and registry signatures for installed dependencies'
|
||||
run: 'npm audit signatures'
|
||||
- name: "Verify the integrity of provenance attestations and registry signatures for installed dependencies"
|
||||
run: "npm audit signatures"
|
||||
|
||||
- name: 'Release'
|
||||
run: 'npm run release'
|
||||
- name: "Release"
|
||||
run: "npm run release"
|
||||
env:
|
||||
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
||||
NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
|
||||
|
26
.github/workflows/test.yml
vendored
26
.github/workflows/test.yml
vendored
@ -1,4 +1,4 @@
|
||||
name: 'Test'
|
||||
name: "Test"
|
||||
|
||||
on:
|
||||
push:
|
||||
@ -8,21 +8,21 @@ on:
|
||||
|
||||
jobs:
|
||||
test:
|
||||
runs-on: 'ubuntu-latest'
|
||||
runs-on: "ubuntu-latest"
|
||||
steps:
|
||||
- uses: 'actions/checkout@v4.0.0'
|
||||
- uses: "actions/checkout@v4.0.0"
|
||||
|
||||
- name: 'Setup Node.js'
|
||||
uses: 'actions/setup-node@v3.8.1'
|
||||
- name: "Setup Node.js"
|
||||
uses: "actions/setup-node@v3.8.1"
|
||||
with:
|
||||
node-version: '20.x'
|
||||
cache: 'npm'
|
||||
node-version: "20.x"
|
||||
cache: "npm"
|
||||
|
||||
- name: 'Install dependencies'
|
||||
run: 'npm clean-install'
|
||||
- name: "Install dependencies"
|
||||
run: "npm clean-install"
|
||||
|
||||
- name: 'Build'
|
||||
run: 'npm run build'
|
||||
- name: "Build"
|
||||
run: "npm run build"
|
||||
|
||||
- name: 'Test'
|
||||
run: 'npm run test'
|
||||
- name: "Test"
|
||||
run: "npm run test"
|
||||
|
@ -1,6 +1,3 @@
|
||||
{
|
||||
"singleQuote": true,
|
||||
"jsxSingleQuote": true,
|
||||
"semi": false,
|
||||
"trailingComma": "none"
|
||||
"semi": false
|
||||
}
|
||||
|
52
README.md
52
README.md
@ -42,24 +42,24 @@ npm install --save @thream/socketio-jwt
|
||||
### Server side
|
||||
|
||||
```ts
|
||||
import { Server } from 'socket.io'
|
||||
import { authorize } from '@thream/socketio-jwt'
|
||||
import { Server } from "socket.io"
|
||||
import { authorize } from "@thream/socketio-jwt"
|
||||
|
||||
const io = new Server(9000)
|
||||
io.use(
|
||||
authorize({
|
||||
secret: 'your secret or public key'
|
||||
})
|
||||
secret: "your secret or public key",
|
||||
}),
|
||||
)
|
||||
|
||||
io.on('connection', async (socket) => {
|
||||
io.on("connection", async (socket) => {
|
||||
// jwt payload of the connected client
|
||||
console.log(socket.decodedToken)
|
||||
const clients = await io.sockets.allSockets()
|
||||
if (clients != null) {
|
||||
for (const clientId of clients) {
|
||||
const client = io.sockets.sockets.get(clientId)
|
||||
client?.emit('messages', { message: 'Success!' })
|
||||
client?.emit("messages", { message: "Success!" })
|
||||
// we can access the jwt payload of each connected client
|
||||
console.log(client?.decodedToken)
|
||||
}
|
||||
@ -70,12 +70,12 @@ io.on('connection', async (socket) => {
|
||||
### Server side with `jwks-rsa` (example)
|
||||
|
||||
```ts
|
||||
import jwksClient from 'jwks-rsa'
|
||||
import { Server } from 'socket.io'
|
||||
import { authorize } from '@thream/socketio-jwt'
|
||||
import jwksClient from "jwks-rsa"
|
||||
import { Server } from "socket.io"
|
||||
import { authorize } from "@thream/socketio-jwt"
|
||||
|
||||
const client = jwksClient({
|
||||
jwksUri: 'https://sandrino.auth0.com/.well-known/jwks.json'
|
||||
jwksUri: "https://sandrino.auth0.com/.well-known/jwks.json",
|
||||
})
|
||||
|
||||
const io = new Server(9000)
|
||||
@ -84,11 +84,11 @@ io.use(
|
||||
secret: async (decodedToken) => {
|
||||
const key = await client.getSigningKeyAsync(decodedToken.header.kid)
|
||||
return key.getPublicKey()
|
||||
}
|
||||
})
|
||||
},
|
||||
}),
|
||||
)
|
||||
|
||||
io.on('connection', async (socket) => {
|
||||
io.on("connection", async (socket) => {
|
||||
// jwt payload of the connected client
|
||||
console.log(socket.decodedToken)
|
||||
// You can do the same things of the previous example there...
|
||||
@ -98,21 +98,21 @@ io.on('connection', async (socket) => {
|
||||
### Server side with `onAuthentication` (example)
|
||||
|
||||
```ts
|
||||
import { Server } from 'socket.io'
|
||||
import { authorize } from '@thream/socketio-jwt'
|
||||
import { Server } from "socket.io"
|
||||
import { authorize } from "@thream/socketio-jwt"
|
||||
|
||||
const io = new Server(9000)
|
||||
io.use(
|
||||
authorize({
|
||||
secret: 'your secret or public key',
|
||||
secret: "your secret or public key",
|
||||
onAuthentication: async (decodedToken) => {
|
||||
// return the object that you want to add to the user property
|
||||
// or throw an error if the token is unauthorized
|
||||
}
|
||||
})
|
||||
},
|
||||
}),
|
||||
)
|
||||
|
||||
io.on('connection', async (socket) => {
|
||||
io.on("connection", async (socket) => {
|
||||
// jwt payload of the connected client
|
||||
console.log(socket.decodedToken)
|
||||
// You can do the same things of the previous example there...
|
||||
@ -130,23 +130,23 @@ io.on('connection', async (socket) => {
|
||||
### Client side
|
||||
|
||||
```ts
|
||||
import { io } from 'socket.io-client'
|
||||
import { isUnauthorizedError } from '@thream/socketio-jwt/build/UnauthorizedError.js'
|
||||
import { io } from "socket.io-client"
|
||||
import { isUnauthorizedError } from "@thream/socketio-jwt/build/UnauthorizedError.js"
|
||||
|
||||
// Require Bearer Token
|
||||
const socket = io('http://localhost:9000', {
|
||||
auth: { token: `Bearer ${yourJWT}` }
|
||||
const socket = io("http://localhost:9000", {
|
||||
auth: { token: `Bearer ${yourJWT}` },
|
||||
})
|
||||
|
||||
// Handling token expiration
|
||||
socket.on('connect_error', (error) => {
|
||||
socket.on("connect_error", (error) => {
|
||||
if (isUnauthorizedError(error)) {
|
||||
console.log('User token has expired')
|
||||
console.log("User token has expired")
|
||||
}
|
||||
})
|
||||
|
||||
// Listening to events
|
||||
socket.on('messages', (data) => {
|
||||
socket.on("messages", (data) => {
|
||||
console.log(data)
|
||||
})
|
||||
```
|
||||
|
1927
package-lock.json
generated
1927
package-lock.json
generated
File diff suppressed because it is too large
Load Diff
32
package.json
32
package.json
@ -58,34 +58,34 @@
|
||||
"jsonwebtoken": "9.0.2"
|
||||
},
|
||||
"devDependencies": {
|
||||
"@commitlint/cli": "17.7.1",
|
||||
"@commitlint/config-conventional": "17.7.0",
|
||||
"@commitlint/cli": "18.0.0",
|
||||
"@commitlint/config-conventional": "18.0.0",
|
||||
"@swc/cli": "0.1.62",
|
||||
"@swc/core": "1.3.85",
|
||||
"@swc/core": "1.3.94",
|
||||
"@tsconfig/strictest": "2.0.2",
|
||||
"@types/jsonwebtoken": "9.0.3",
|
||||
"@types/node": "20.6.2",
|
||||
"@typescript-eslint/eslint-plugin": "6.7.2",
|
||||
"@typescript-eslint/parser": "6.7.2",
|
||||
"axios": "1.5.0",
|
||||
"@types/jsonwebtoken": "9.0.4",
|
||||
"@types/node": "20.8.7",
|
||||
"@typescript-eslint/eslint-plugin": "6.9.0",
|
||||
"@typescript-eslint/parser": "6.9.0",
|
||||
"axios": "1.5.1",
|
||||
"cross-env": "7.0.3",
|
||||
"editorconfig-checker": "5.1.1",
|
||||
"eslint": "8.49.0",
|
||||
"eslint-config-conventions": "11.0.1",
|
||||
"eslint": "8.52.0",
|
||||
"eslint-config-conventions": "12.0.0",
|
||||
"eslint-config-prettier": "9.0.0",
|
||||
"eslint-plugin-import": "2.28.1",
|
||||
"eslint-plugin-prettier": "5.0.0",
|
||||
"eslint-plugin-import": "2.29.0",
|
||||
"eslint-plugin-prettier": "5.0.1",
|
||||
"eslint-plugin-promise": "6.1.1",
|
||||
"eslint-plugin-unicorn": "48.0.1",
|
||||
"fastify": "4.23.2",
|
||||
"fastify": "4.24.3",
|
||||
"husky": "8.0.3",
|
||||
"lint-staged": "14.0.1",
|
||||
"lint-staged": "15.0.2",
|
||||
"markdownlint-cli2": "0.10.0",
|
||||
"markdownlint-rule-relative-links": "2.1.0",
|
||||
"pinst": "3.0.0",
|
||||
"prettier": "3.0.3",
|
||||
"rimraf": "5.0.1",
|
||||
"semantic-release": "22.0.0",
|
||||
"rimraf": "5.0.5",
|
||||
"semantic-release": "22.0.5",
|
||||
"socket.io": "4.7.2",
|
||||
"socket.io-client": "4.7.2",
|
||||
"typescript": "5.2.2"
|
||||
|
@ -1,30 +1,30 @@
|
||||
export class UnauthorizedError extends Error {
|
||||
public inner: { message: string }
|
||||
public data: { message: string; code: string; type: 'UnauthorizedError' }
|
||||
public data: { message: string; code: string; type: "UnauthorizedError" }
|
||||
|
||||
constructor(code: string, error: { message: string }) {
|
||||
super(error.message)
|
||||
this.name = 'UnauthorizedError'
|
||||
this.name = "UnauthorizedError"
|
||||
this.inner = error
|
||||
this.data = {
|
||||
message: this.message,
|
||||
code,
|
||||
type: 'UnauthorizedError'
|
||||
type: "UnauthorizedError",
|
||||
}
|
||||
Object.setPrototypeOf(this, UnauthorizedError.prototype)
|
||||
}
|
||||
}
|
||||
|
||||
export const isUnauthorizedError = (
|
||||
error: unknown
|
||||
error: unknown,
|
||||
): error is UnauthorizedError => {
|
||||
return (
|
||||
typeof error === 'object' &&
|
||||
typeof error === "object" &&
|
||||
error != null &&
|
||||
'data' in error &&
|
||||
typeof error.data === 'object' &&
|
||||
"data" in error &&
|
||||
typeof error.data === "object" &&
|
||||
error.data != null &&
|
||||
'type' in error.data &&
|
||||
error.data.type === 'UnauthorizedError'
|
||||
"type" in error.data &&
|
||||
error.data.type === "UnauthorizedError"
|
||||
)
|
||||
}
|
||||
|
@ -1,39 +1,39 @@
|
||||
import test from 'node:test'
|
||||
import assert from 'node:assert/strict'
|
||||
import test from "node:test"
|
||||
import assert from "node:assert/strict"
|
||||
|
||||
import axios from 'axios'
|
||||
import type { Socket } from 'socket.io-client'
|
||||
import { io } from 'socket.io-client'
|
||||
import axios from "axios"
|
||||
import type { Socket } from "socket.io-client"
|
||||
import { io } from "socket.io-client"
|
||||
|
||||
import { isUnauthorizedError } from '../UnauthorizedError.js'
|
||||
import type { Profile } from './fixture/index.js'
|
||||
import { isUnauthorizedError } from "../UnauthorizedError.js"
|
||||
import type { Profile } from "./fixture/index.js"
|
||||
import {
|
||||
API_URL,
|
||||
fixtureStart,
|
||||
fixtureStop,
|
||||
getSocket,
|
||||
basicProfile
|
||||
} from './fixture/index.js'
|
||||
basicProfile,
|
||||
} from "./fixture/index.js"
|
||||
|
||||
export const api = axios.create({
|
||||
baseURL: API_URL,
|
||||
headers: {
|
||||
'Content-Type': 'application/json'
|
||||
}
|
||||
"Content-Type": "application/json",
|
||||
},
|
||||
})
|
||||
|
||||
const secretCallback = async (): Promise<string> => {
|
||||
return 'somesecret'
|
||||
return "somesecret"
|
||||
}
|
||||
|
||||
await test('authorize', async (t) => {
|
||||
await t.test('with secret as string in options', async (t) => {
|
||||
let token = ''
|
||||
await test("authorize", async (t) => {
|
||||
await t.test("with secret as string in options", async (t) => {
|
||||
let token = ""
|
||||
let socket: Socket | null = null
|
||||
|
||||
t.beforeEach(async () => {
|
||||
await fixtureStart()
|
||||
const response = await api.post('/login', {})
|
||||
const response = await api.post("/login", {})
|
||||
token = response.data.token
|
||||
})
|
||||
|
||||
@ -42,87 +42,87 @@ await test('authorize', async (t) => {
|
||||
await fixtureStop()
|
||||
})
|
||||
|
||||
await t.test('should emit error with no token provided', () => {
|
||||
await t.test("should emit error with no token provided", () => {
|
||||
socket = io(API_URL)
|
||||
socket.on('connect_error', async (error) => {
|
||||
socket.on("connect_error", async (error) => {
|
||||
assert.strictEqual(isUnauthorizedError(error), true)
|
||||
if (isUnauthorizedError(error)) {
|
||||
assert.strictEqual(error.data.message, 'no token provided')
|
||||
assert.strictEqual(error.data.code, 'credentials_required')
|
||||
assert.strictEqual(error.data.message, "no token provided")
|
||||
assert.strictEqual(error.data.code, "credentials_required")
|
||||
assert.ok(true)
|
||||
} else {
|
||||
assert.fail('should be unauthorized error')
|
||||
assert.fail("should be unauthorized error")
|
||||
}
|
||||
})
|
||||
socket.on('connect', async () => {
|
||||
assert.fail('should not connect')
|
||||
socket.on("connect", async () => {
|
||||
assert.fail("should not connect")
|
||||
})
|
||||
})
|
||||
|
||||
await t.test('should emit error with bad token format', () => {
|
||||
await t.test("should emit error with bad token format", () => {
|
||||
socket = io(API_URL, {
|
||||
auth: { token: 'testing' }
|
||||
auth: { token: "testing" },
|
||||
})
|
||||
socket.on('connect_error', async (error) => {
|
||||
socket.on("connect_error", async (error) => {
|
||||
assert.strictEqual(isUnauthorizedError(error), true)
|
||||
if (isUnauthorizedError(error)) {
|
||||
assert.strictEqual(
|
||||
error.data.message,
|
||||
'Format is Authorization: Bearer [token]'
|
||||
"Format is Authorization: Bearer [token]",
|
||||
)
|
||||
assert.strictEqual(error.data.code, 'credentials_bad_format')
|
||||
assert.strictEqual(error.data.code, "credentials_bad_format")
|
||||
assert.ok(true)
|
||||
} else {
|
||||
assert.fail('should be unauthorized error')
|
||||
assert.fail("should be unauthorized error")
|
||||
}
|
||||
})
|
||||
socket.on('connect', async () => {
|
||||
assert.fail('should not connect')
|
||||
socket.on("connect", async () => {
|
||||
assert.fail("should not connect")
|
||||
})
|
||||
})
|
||||
|
||||
await t.test('should emit error with unauthorized handshake', () => {
|
||||
await t.test("should emit error with unauthorized handshake", () => {
|
||||
socket = io(API_URL, {
|
||||
auth: { token: 'Bearer testing' }
|
||||
auth: { token: "Bearer testing" },
|
||||
})
|
||||
socket.on('connect_error', async (error) => {
|
||||
socket.on("connect_error", async (error) => {
|
||||
assert.strictEqual(isUnauthorizedError(error), true)
|
||||
if (isUnauthorizedError(error)) {
|
||||
assert.strictEqual(
|
||||
error.data.message,
|
||||
'Unauthorized: Token is missing or invalid Bearer'
|
||||
"Unauthorized: Token is missing or invalid Bearer",
|
||||
)
|
||||
assert.strictEqual(error.data.code, 'invalid_token')
|
||||
assert.strictEqual(error.data.code, "invalid_token")
|
||||
assert.ok(true)
|
||||
} else {
|
||||
assert.fail('should be unauthorized error')
|
||||
assert.fail("should be unauthorized error")
|
||||
}
|
||||
})
|
||||
socket.on('connect', async () => {
|
||||
assert.fail('should not connect')
|
||||
socket.on("connect", async () => {
|
||||
assert.fail("should not connect")
|
||||
})
|
||||
})
|
||||
|
||||
await t.test('should connect the user', () => {
|
||||
await t.test("should connect the user", () => {
|
||||
socket = io(API_URL, {
|
||||
auth: { token: `Bearer ${token}` }
|
||||
auth: { token: `Bearer ${token}` },
|
||||
})
|
||||
socket.on('connect', async () => {
|
||||
socket.on("connect", async () => {
|
||||
assert.ok(true)
|
||||
})
|
||||
socket.on('connect_error', async (error) => {
|
||||
socket.on("connect_error", async (error) => {
|
||||
assert.fail(error.message)
|
||||
})
|
||||
})
|
||||
})
|
||||
|
||||
await t.test('with secret as callback in options', async (t) => {
|
||||
let token = ''
|
||||
await t.test("with secret as callback in options", async (t) => {
|
||||
let token = ""
|
||||
let socket: Socket | null = null
|
||||
|
||||
t.beforeEach(async () => {
|
||||
await fixtureStart({ secret: secretCallback })
|
||||
const response = await api.post('/login', {})
|
||||
const response = await api.post("/login", {})
|
||||
token = response.data.token
|
||||
})
|
||||
|
||||
@ -131,83 +131,83 @@ await test('authorize', async (t) => {
|
||||
await fixtureStop()
|
||||
})
|
||||
|
||||
await t.test('should emit error with no token provided', () => {
|
||||
await t.test("should emit error with no token provided", () => {
|
||||
socket = io(API_URL)
|
||||
socket.on('connect_error', async (error) => {
|
||||
socket.on("connect_error", async (error) => {
|
||||
assert.strictEqual(isUnauthorizedError(error), true)
|
||||
if (isUnauthorizedError(error)) {
|
||||
assert.strictEqual(error.data.message, 'no token provided')
|
||||
assert.strictEqual(error.data.code, 'credentials_required')
|
||||
assert.strictEqual(error.data.message, "no token provided")
|
||||
assert.strictEqual(error.data.code, "credentials_required")
|
||||
assert.ok(true)
|
||||
} else {
|
||||
assert.fail('should be unauthorized error')
|
||||
assert.fail("should be unauthorized error")
|
||||
}
|
||||
})
|
||||
socket.on('connect', async () => {
|
||||
assert.fail('should not connect')
|
||||
socket.on("connect", async () => {
|
||||
assert.fail("should not connect")
|
||||
})
|
||||
})
|
||||
|
||||
await t.test('should emit error with bad token format', () => {
|
||||
await t.test("should emit error with bad token format", () => {
|
||||
socket = io(API_URL, {
|
||||
auth: { token: 'testing' }
|
||||
auth: { token: "testing" },
|
||||
})
|
||||
socket.on('connect_error', async (error) => {
|
||||
socket.on("connect_error", async (error) => {
|
||||
assert.strictEqual(isUnauthorizedError(error), true)
|
||||
if (isUnauthorizedError(error)) {
|
||||
assert.strictEqual(
|
||||
error.data.message,
|
||||
'Format is Authorization: Bearer [token]'
|
||||
"Format is Authorization: Bearer [token]",
|
||||
)
|
||||
assert.strictEqual(error.data.code, 'credentials_bad_format')
|
||||
assert.strictEqual(error.data.code, "credentials_bad_format")
|
||||
assert.ok(true)
|
||||
} else {
|
||||
assert.fail('should be unauthorized error')
|
||||
assert.fail("should be unauthorized error")
|
||||
}
|
||||
})
|
||||
socket.on('connect', async () => {
|
||||
assert.fail('should not connect')
|
||||
socket.on("connect", async () => {
|
||||
assert.fail("should not connect")
|
||||
})
|
||||
})
|
||||
|
||||
await t.test('should emit error with unauthorized handshake', () => {
|
||||
await t.test("should emit error with unauthorized handshake", () => {
|
||||
socket = io(API_URL, {
|
||||
auth: { token: 'Bearer testing' }
|
||||
auth: { token: "Bearer testing" },
|
||||
})
|
||||
socket.on('connect_error', async (error) => {
|
||||
socket.on("connect_error", async (error) => {
|
||||
assert.strictEqual(isUnauthorizedError(error), true)
|
||||
if (isUnauthorizedError(error)) {
|
||||
assert.strictEqual(
|
||||
error.data.message,
|
||||
'Unauthorized: Token is missing or invalid Bearer'
|
||||
"Unauthorized: Token is missing or invalid Bearer",
|
||||
)
|
||||
assert.strictEqual(error.data.code, 'invalid_token')
|
||||
assert.strictEqual(error.data.code, "invalid_token")
|
||||
assert.ok(true)
|
||||
} else {
|
||||
assert.fail('should be unauthorized error')
|
||||
assert.fail("should be unauthorized error")
|
||||
}
|
||||
})
|
||||
socket.on('connect', async () => {
|
||||
assert.fail('should not connect')
|
||||
socket.on("connect", async () => {
|
||||
assert.fail("should not connect")
|
||||
})
|
||||
})
|
||||
|
||||
await t.test('should connect the user', () => {
|
||||
await t.test("should connect the user", () => {
|
||||
socket = io(API_URL, {
|
||||
auth: { token: `Bearer ${token}` }
|
||||
auth: { token: `Bearer ${token}` },
|
||||
})
|
||||
socket.on('connect', async () => {
|
||||
socket.on("connect", async () => {
|
||||
assert.ok(true)
|
||||
})
|
||||
socket.on('connect_error', async (error) => {
|
||||
socket.on("connect_error", async (error) => {
|
||||
assert.fail(error.message)
|
||||
})
|
||||
})
|
||||
})
|
||||
|
||||
await t.test('with onAuthentication callback in options', async (t) => {
|
||||
let token = ''
|
||||
let wrongToken = ''
|
||||
await t.test("with onAuthentication callback in options", async (t) => {
|
||||
let token = ""
|
||||
let wrongToken = ""
|
||||
let socket: Socket | null = null
|
||||
|
||||
t.beforeEach(async () => {
|
||||
@ -215,16 +215,16 @@ await test('authorize', async (t) => {
|
||||
secret: secretCallback,
|
||||
onAuthentication: (decodedToken: Profile) => {
|
||||
if (!decodedToken.checkField) {
|
||||
throw new Error('Check Field validation failed')
|
||||
throw new Error("Check Field validation failed")
|
||||
}
|
||||
return {
|
||||
email: decodedToken.email
|
||||
email: decodedToken.email,
|
||||
}
|
||||
}
|
||||
},
|
||||
})
|
||||
const response = await api.post('/login', {})
|
||||
const response = await api.post("/login", {})
|
||||
token = response.data.token
|
||||
const responseWrong = await api.post('/login-wrong', {})
|
||||
const responseWrong = await api.post("/login-wrong", {})
|
||||
wrongToken = responseWrong.data.token
|
||||
})
|
||||
|
||||
@ -233,107 +233,107 @@ await test('authorize', async (t) => {
|
||||
await fixtureStop()
|
||||
})
|
||||
|
||||
await t.test('should emit error with no token provided', () => {
|
||||
await t.test("should emit error with no token provided", () => {
|
||||
socket = io(API_URL)
|
||||
socket.on('connect_error', async (error) => {
|
||||
socket.on("connect_error", async (error) => {
|
||||
assert.strictEqual(isUnauthorizedError(error), true)
|
||||
if (isUnauthorizedError(error)) {
|
||||
assert.strictEqual(error.data.message, 'no token provided')
|
||||
assert.strictEqual(error.data.code, 'credentials_required')
|
||||
assert.strictEqual(error.data.message, "no token provided")
|
||||
assert.strictEqual(error.data.code, "credentials_required")
|
||||
assert.ok(true)
|
||||
} else {
|
||||
assert.fail('should be unauthorized error')
|
||||
assert.fail("should be unauthorized error")
|
||||
}
|
||||
})
|
||||
socket.on('connect', async () => {
|
||||
assert.fail('should not connect')
|
||||
socket.on("connect", async () => {
|
||||
assert.fail("should not connect")
|
||||
})
|
||||
})
|
||||
|
||||
await t.test('should emit error with bad token format', () => {
|
||||
await t.test("should emit error with bad token format", () => {
|
||||
socket = io(API_URL, {
|
||||
auth: { token: 'testing' }
|
||||
auth: { token: "testing" },
|
||||
})
|
||||
socket.on('connect_error', async (error) => {
|
||||
socket.on("connect_error", async (error) => {
|
||||
assert.strictEqual(isUnauthorizedError(error), true)
|
||||
if (isUnauthorizedError(error)) {
|
||||
assert.strictEqual(
|
||||
error.data.message,
|
||||
'Format is Authorization: Bearer [token]'
|
||||
"Format is Authorization: Bearer [token]",
|
||||
)
|
||||
assert.strictEqual(error.data.code, 'credentials_bad_format')
|
||||
assert.strictEqual(error.data.code, "credentials_bad_format")
|
||||
assert.ok(true)
|
||||
} else {
|
||||
assert.fail('should be unauthorized error')
|
||||
assert.fail("should be unauthorized error")
|
||||
}
|
||||
})
|
||||
socket.on('connect', async () => {
|
||||
assert.fail('should not connect')
|
||||
socket.on("connect", async () => {
|
||||
assert.fail("should not connect")
|
||||
})
|
||||
})
|
||||
|
||||
await t.test('should emit error with unauthorized handshake', () => {
|
||||
await t.test("should emit error with unauthorized handshake", () => {
|
||||
socket = io(API_URL, {
|
||||
auth: { token: 'Bearer testing' }
|
||||
auth: { token: "Bearer testing" },
|
||||
})
|
||||
socket.on('connect_error', async (error) => {
|
||||
socket.on("connect_error", async (error) => {
|
||||
assert.strictEqual(isUnauthorizedError(error), true)
|
||||
if (isUnauthorizedError(error)) {
|
||||
assert.strictEqual(
|
||||
error.data.message,
|
||||
'Unauthorized: Token is missing or invalid Bearer'
|
||||
"Unauthorized: Token is missing or invalid Bearer",
|
||||
)
|
||||
assert.strictEqual(error.data.code, 'invalid_token')
|
||||
assert.strictEqual(error.data.code, "invalid_token")
|
||||
assert.ok(true)
|
||||
} else {
|
||||
assert.fail('should be unauthorized error')
|
||||
assert.fail("should be unauthorized error")
|
||||
}
|
||||
})
|
||||
socket.on('connect', async () => {
|
||||
assert.fail('should not connect')
|
||||
socket.on("connect", async () => {
|
||||
assert.fail("should not connect")
|
||||
})
|
||||
})
|
||||
|
||||
await t.test('should connect the user', () => {
|
||||
await t.test("should connect the user", () => {
|
||||
socket = io(API_URL, {
|
||||
auth: { token: `Bearer ${token}` }
|
||||
auth: { token: `Bearer ${token}` },
|
||||
})
|
||||
socket.on('connect', async () => {
|
||||
socket.on("connect", async () => {
|
||||
assert.ok(true)
|
||||
})
|
||||
socket.on('connect_error', async (error) => {
|
||||
socket.on("connect_error", async (error) => {
|
||||
assert.fail(error.message)
|
||||
})
|
||||
})
|
||||
|
||||
await t.test('should contains user properties', () => {
|
||||
await t.test("should contains user properties", () => {
|
||||
const socketServer = getSocket()
|
||||
socketServer?.on('connection', (client: any) => {
|
||||
socketServer?.on("connection", (client: any) => {
|
||||
assert.strictEqual(client.user.email, basicProfile.email)
|
||||
assert.ok(true)
|
||||
})
|
||||
socket = io(API_URL, {
|
||||
auth: { token: `Bearer ${token}` }
|
||||
auth: { token: `Bearer ${token}` },
|
||||
})
|
||||
socket.on('connect_error', async (error) => {
|
||||
socket.on("connect_error", async (error) => {
|
||||
assert.fail(error.message)
|
||||
})
|
||||
})
|
||||
|
||||
await t.test('should emit error when user validation fails', () => {
|
||||
await t.test("should emit error when user validation fails", () => {
|
||||
socket = io(API_URL, {
|
||||
auth: { token: `Bearer ${wrongToken}` }
|
||||
auth: { token: `Bearer ${wrongToken}` },
|
||||
})
|
||||
socket.on('connect_error', async (error) => {
|
||||
socket.on("connect_error", async (error) => {
|
||||
try {
|
||||
assert.strictEqual(error.message, 'Check Field validation failed')
|
||||
assert.strictEqual(error.message, "Check Field validation failed")
|
||||
assert.ok(true)
|
||||
} catch {
|
||||
assert.fail(error.message)
|
||||
}
|
||||
})
|
||||
socket.on('connect', async () => {
|
||||
assert.fail('should not connect')
|
||||
socket.on("connect", async () => {
|
||||
assert.fail("should not connect")
|
||||
})
|
||||
})
|
||||
})
|
||||
|
@ -1,16 +1,16 @@
|
||||
import jwt from 'jsonwebtoken'
|
||||
import { Server as SocketIoServer } from 'socket.io'
|
||||
import type { FastifyInstance } from 'fastify'
|
||||
import fastify from 'fastify'
|
||||
import jwt from "jsonwebtoken"
|
||||
import { Server as SocketIoServer } from "socket.io"
|
||||
import type { FastifyInstance } from "fastify"
|
||||
import fastify from "fastify"
|
||||
|
||||
import type { AuthorizeOptions } from '../../index.js'
|
||||
import { authorize } from '../../index.js'
|
||||
import type { AuthorizeOptions } from "../../index.js"
|
||||
import { authorize } from "../../index.js"
|
||||
|
||||
interface FastifyIo {
|
||||
instance: SocketIoServer
|
||||
}
|
||||
|
||||
declare module 'fastify' {
|
||||
declare module "fastify" {
|
||||
export interface FastifyInstance {
|
||||
io: FastifyIo
|
||||
}
|
||||
@ -28,49 +28,49 @@ export interface Profile extends BasicProfile {
|
||||
export const PORT = 9000
|
||||
export const API_URL = `http://localhost:${PORT}`
|
||||
export const basicProfile: BasicProfile = {
|
||||
email: 'john@doe.com',
|
||||
id: 123
|
||||
email: "john@doe.com",
|
||||
id: 123,
|
||||
}
|
||||
|
||||
let application: FastifyInstance | null = null
|
||||
|
||||
export const fixtureStart = async (
|
||||
options: AuthorizeOptions = { secret: 'super secret' }
|
||||
options: AuthorizeOptions = { secret: "super secret" },
|
||||
): Promise<void> => {
|
||||
const profile: Profile = { ...basicProfile, checkField: true }
|
||||
let keySecret = ''
|
||||
if (typeof options.secret === 'string') {
|
||||
let keySecret = ""
|
||||
if (typeof options.secret === "string") {
|
||||
keySecret = options.secret
|
||||
} else {
|
||||
keySecret = await options.secret({
|
||||
header: { alg: 'HS256' },
|
||||
payload: profile
|
||||
header: { alg: "HS256" },
|
||||
payload: profile,
|
||||
})
|
||||
}
|
||||
application = fastify()
|
||||
application.post('/login', async (_request, reply) => {
|
||||
application.post("/login", async (_request, reply) => {
|
||||
const token = jwt.sign(profile, keySecret, {
|
||||
expiresIn: 60 * 60 * 5
|
||||
expiresIn: 60 * 60 * 5,
|
||||
})
|
||||
reply.statusCode = 201
|
||||
return { token }
|
||||
})
|
||||
application.post('/login-wrong', async (_request, reply) => {
|
||||
application.post("/login-wrong", async (_request, reply) => {
|
||||
profile.checkField = false
|
||||
const token = jwt.sign(profile, keySecret, {
|
||||
expiresIn: 60 * 60 * 5
|
||||
expiresIn: 60 * 60 * 5,
|
||||
})
|
||||
reply.statusCode = 201
|
||||
return { token }
|
||||
})
|
||||
const instance = new SocketIoServer(application.server)
|
||||
instance.use(authorize(options))
|
||||
application.decorate('io', { instance })
|
||||
application.addHook('onClose', (fastify) => {
|
||||
application.decorate("io", { instance })
|
||||
application.addHook("onClose", (fastify) => {
|
||||
fastify.io.instance.close()
|
||||
})
|
||||
await application.listen({
|
||||
port: PORT
|
||||
port: PORT,
|
||||
})
|
||||
}
|
||||
|
||||
|
@ -1,10 +1,10 @@
|
||||
import type { Algorithm } from 'jsonwebtoken'
|
||||
import jwt from 'jsonwebtoken'
|
||||
import type { Socket } from 'socket.io'
|
||||
import type { Algorithm } from "jsonwebtoken"
|
||||
import jwt from "jsonwebtoken"
|
||||
import type { Socket } from "socket.io"
|
||||
|
||||
import { UnauthorizedError } from './UnauthorizedError.js'
|
||||
import { UnauthorizedError } from "./UnauthorizedError.js"
|
||||
|
||||
declare module 'socket.io' {
|
||||
declare module "socket.io" {
|
||||
interface Socket extends ExtendedSocket {}
|
||||
}
|
||||
|
||||
@ -16,7 +16,7 @@ interface ExtendedSocket {
|
||||
|
||||
type SocketIOMiddleware = (
|
||||
socket: Socket,
|
||||
next: (error?: UnauthorizedError) => void
|
||||
next: (error?: UnauthorizedError) => void,
|
||||
) => void
|
||||
|
||||
interface CompleteDecodedToken {
|
||||
@ -28,7 +28,7 @@ interface CompleteDecodedToken {
|
||||
}
|
||||
|
||||
type SecretCallback = (
|
||||
decodedToken: CompleteDecodedToken
|
||||
decodedToken: CompleteDecodedToken,
|
||||
) => Promise<string> | string
|
||||
|
||||
export interface AuthorizeOptions {
|
||||
@ -38,32 +38,32 @@ export interface AuthorizeOptions {
|
||||
}
|
||||
|
||||
export const authorize = (options: AuthorizeOptions): SocketIOMiddleware => {
|
||||
const { secret, algorithms = ['HS256'], onAuthentication } = options
|
||||
const { secret, algorithms = ["HS256"], onAuthentication } = options
|
||||
return async (socket, next) => {
|
||||
let encodedToken: string | null = null
|
||||
const { token } = socket.handshake.auth
|
||||
if (token != null) {
|
||||
const tokenSplitted = token.split(' ')
|
||||
if (tokenSplitted.length !== 2 || tokenSplitted[0] !== 'Bearer') {
|
||||
const tokenSplitted = token.split(" ")
|
||||
if (tokenSplitted.length !== 2 || tokenSplitted[0] !== "Bearer") {
|
||||
return next(
|
||||
new UnauthorizedError('credentials_bad_format', {
|
||||
message: 'Format is Authorization: Bearer [token]'
|
||||
})
|
||||
new UnauthorizedError("credentials_bad_format", {
|
||||
message: "Format is Authorization: Bearer [token]",
|
||||
}),
|
||||
)
|
||||
}
|
||||
encodedToken = tokenSplitted[1]
|
||||
}
|
||||
if (encodedToken == null) {
|
||||
return next(
|
||||
new UnauthorizedError('credentials_required', {
|
||||
message: 'no token provided'
|
||||
})
|
||||
new UnauthorizedError("credentials_required", {
|
||||
message: "no token provided",
|
||||
}),
|
||||
)
|
||||
}
|
||||
socket.encodedToken = encodedToken
|
||||
let keySecret: string | null = null
|
||||
let decodedToken: any = null
|
||||
if (typeof secret === 'string') {
|
||||
if (typeof secret === "string") {
|
||||
keySecret = secret
|
||||
} else {
|
||||
const completeDecodedToken = jwt.decode(encodedToken, { complete: true })
|
||||
@ -73,9 +73,9 @@ export const authorize = (options: AuthorizeOptions): SocketIOMiddleware => {
|
||||
decodedToken = jwt.verify(encodedToken, keySecret, { algorithms })
|
||||
} catch {
|
||||
return next(
|
||||
new UnauthorizedError('invalid_token', {
|
||||
message: 'Unauthorized: Token is missing or invalid Bearer'
|
||||
})
|
||||
new UnauthorizedError("invalid_token", {
|
||||
message: "Unauthorized: Token is missing or invalid Bearer",
|
||||
}),
|
||||
)
|
||||
}
|
||||
socket.decodedToken = decodedToken
|
||||
|
@ -1,2 +1,2 @@
|
||||
export * from './authorize.js'
|
||||
export * from './UnauthorizedError.js'
|
||||
export * from "./authorize.js"
|
||||
export * from "./UnauthorizedError.js"
|
||||
|
Reference in New Issue
Block a user