Add a check to make sure provided secret is a string.
``` const JWTOptions: JwtAuthOptions = { secret: process.env.JWT_SECRET as string, timeout: 5_000, decodedPropertyName: 'decodedToken', }; ``` Without the change I made and the options snipped above where the secret is actualy "undefined" because the .env file wasn't loaded yet you get a really weird situation that's very hard to debug. With "undefined" used as secret the client will successfully connect and send its "authenticate" event without a problem. But the server will not do anything. No errors, no timeouts, nothing.
This commit is contained in:
parent
4482bdd1c1
commit
67cc0fb846
@ -112,6 +112,10 @@ function noQsMethod(options) {
|
|||||||
function authorize(options, onConnection) {
|
function authorize(options, onConnection) {
|
||||||
options = xtend({ decodedPropertyName: 'decoded_token', encodedPropertyName: 'encoded_token' }, options);
|
options = xtend({ decodedPropertyName: 'decoded_token', encodedPropertyName: 'encoded_token' }, options);
|
||||||
|
|
||||||
|
if (typeof options.secret !== 'string') {
|
||||||
|
throw new Error(`Provided secret "${options.secret}" is invalid, must be of type string.`)
|
||||||
|
}
|
||||||
|
|
||||||
if (!options.handshake) {
|
if (!options.handshake) {
|
||||||
return noQsMethod(options);
|
return noQsMethod(options);
|
||||||
}
|
}
|
||||||
|
Reference in New Issue
Block a user