Add a check to make sure provided secret is a string.
``` const JWTOptions: JwtAuthOptions = { secret: process.env.JWT_SECRET as string, timeout: 5_000, decodedPropertyName: 'decodedToken', }; ``` Without the change I made and the options snipped above where the secret is actualy "undefined" because the .env file wasn't loaded yet you get a really weird situation that's very hard to debug. With "undefined" used as secret the client will successfully connect and send its "authenticate" event without a problem. But the server will not do anything. No errors, no timeouts, nothing.
This commit is contained in:
parent
4482bdd1c1
commit
67cc0fb846
@ -112,6 +112,10 @@ function noQsMethod(options) {
|
||||
function authorize(options, onConnection) {
|
||||
options = xtend({ decodedPropertyName: 'decoded_token', encodedPropertyName: 'encoded_token' }, options);
|
||||
|
||||
if (typeof options.secret !== 'string') {
|
||||
throw new Error(`Provided secret "${options.secret}" is invalid, must be of type string.`)
|
||||
}
|
||||
|
||||
if (!options.handshake) {
|
||||
return noQsMethod(options);
|
||||
}
|
||||
|
Reference in New Issue
Block a user