commit
7902478c82
69
README.md
69
README.md
@ -27,13 +27,9 @@ Authenticate socket.io incoming connections with JWTs. This is useful if you are
|
|||||||
|
|
||||||
This repo is supported and maintained by Community Developers, not Auth0. For more information about different support levels check https://auth0.com/docs/support/matrix .
|
This repo is supported and maintained by Community Developers, not Auth0. For more information about different support levels check https://auth0.com/docs/support/matrix .
|
||||||
|
|
||||||
## Getting started
|
## Installation
|
||||||
|
|
||||||
Chrome extensions are packaged as `.crx` files for distribution but may be loaded "unpacked" for development. For more information on how to load an unpacked extension, see the [Chrome extension docs](https://developer.chrome.com/extensions/getstarted#unpacked).
|
```bash
|
||||||
|
|
||||||
### Installation
|
|
||||||
|
|
||||||
```
|
|
||||||
npm install socketio-jwt
|
npm install socketio-jwt
|
||||||
```
|
```
|
||||||
|
|
||||||
@ -75,28 +71,34 @@ socket.on('connect', function () {
|
|||||||
The previous approach uses a second roundtrip to send the jwt. There is a way you can authenticate on the handshake by sending the JWT as a query string, the caveat is that intermediary HTTP servers can log the url.
|
The previous approach uses a second roundtrip to send the jwt. There is a way you can authenticate on the handshake by sending the JWT as a query string, the caveat is that intermediary HTTP servers can log the url.
|
||||||
|
|
||||||
```javascript
|
```javascript
|
||||||
var io = require("socket.io")(server);
|
var io = require('socket.io')(server);
|
||||||
var socketioJwt = require("socketio-jwt");
|
var socketioJwt = require('socketio-jwt');
|
||||||
|
```
|
||||||
|
|
||||||
//// With socket.io < 1.0 ////
|
With socket.io < 1.0:
|
||||||
|
|
||||||
|
```javascript
|
||||||
io.set('authorization', socketioJwt.authorize({
|
io.set('authorization', socketioJwt.authorize({
|
||||||
secret: 'your secret or public key',
|
secret: 'your secret or public key',
|
||||||
handshake: true
|
handshake: true
|
||||||
}));
|
}));
|
||||||
|
|
||||||
//// With socket.io >= 1.0 ////
|
io.on('connection', function (socket) {
|
||||||
|
console.log('hello!', socket.handshake.decoded_token.name);
|
||||||
|
});
|
||||||
|
```
|
||||||
|
|
||||||
|
With socket.io >= 1.0:
|
||||||
|
|
||||||
|
```javascript
|
||||||
io.use(socketioJwt.authorize({
|
io.use(socketioJwt.authorize({
|
||||||
secret: 'your secret or public key',
|
secret: 'your secret or public key',
|
||||||
handshake: true
|
handshake: true
|
||||||
}));
|
}));
|
||||||
|
|
||||||
io.on('connection', function (socket) {
|
io.on('connection', function (socket) {
|
||||||
// in socket.io < 1.0
|
|
||||||
console.log('hello!', socket.handshake.decoded_token.name);
|
|
||||||
|
|
||||||
// in socket.io 1.0
|
|
||||||
console.log('hello!', socket.decoded_token.name);
|
console.log('hello!', socket.decoded_token.name);
|
||||||
})
|
});
|
||||||
```
|
```
|
||||||
|
|
||||||
For more validation options see [auth0/jsonwebtoken](https://github.com/auth0/node-jsonwebtoken).
|
For more validation options see [auth0/jsonwebtoken](https://github.com/auth0/node-jsonwebtoken).
|
||||||
@ -111,14 +113,24 @@ var socket = io.connect('http://localhost:9000', {
|
|||||||
});
|
});
|
||||||
```
|
```
|
||||||
|
|
||||||
|
Append the jwt token using 'Authorization Header' (Bearer Token):
|
||||||
|
|
||||||
|
```javascript
|
||||||
|
var socket = io.connect('http://localhost:9000', {
|
||||||
|
'extraHeaders': { Authorization: `Bearer ${your_jwt}` }
|
||||||
|
});
|
||||||
|
```
|
||||||
|
|
||||||
|
Both options can be combined or used optionally.
|
||||||
|
|
||||||
### Handling token expiration
|
### Handling token expiration
|
||||||
|
|
||||||
**Server side**
|
**Server side**
|
||||||
|
|
||||||
When you sign the token with an expiration time:
|
When you sign the token with an expiration time (example: 60 minutes):
|
||||||
|
|
||||||
```javascript
|
```javascript
|
||||||
var token = jwt.sign(user_profile, jwt_secret, {expiresInMinutes: 60});
|
var token = jwt.sign(user_profile, jwt_secret, {expiresIn: 60*60});
|
||||||
```
|
```
|
||||||
|
|
||||||
Your client-side code should handle it as below:
|
Your client-side code should handle it as below:
|
||||||
@ -126,10 +138,10 @@ Your client-side code should handle it as below:
|
|||||||
**Client side**
|
**Client side**
|
||||||
|
|
||||||
```javascript
|
```javascript
|
||||||
socket.on("unauthorized", function(error) {
|
socket.on('unauthorized', function(error) {
|
||||||
if (error.data.type == "UnauthorizedError" || error.data.code == "invalid_token") {
|
if (error.data.type == 'UnauthorizedError' || error.data.code == 'invalid_token') {
|
||||||
// redirect user to login page perhaps?
|
// redirect user to login page perhaps?
|
||||||
console.log("User's token has expired");
|
console.log('User token has expired');
|
||||||
}
|
}
|
||||||
});
|
});
|
||||||
```
|
```
|
||||||
@ -147,11 +159,11 @@ No further configuration needed.
|
|||||||
Add a callback client-side to execute socket disconnect server-side.
|
Add a callback client-side to execute socket disconnect server-side.
|
||||||
|
|
||||||
```javascript
|
```javascript
|
||||||
socket.on("unauthorized", function(error, callback) {
|
socket.on('unauthorized', function(error, callback) {
|
||||||
if (error.data.type == "UnauthorizedError" || error.data.code == "invalid_token") {
|
if (error.data.type == 'UnauthorizedError' || error.data.code == 'invalid_token') {
|
||||||
// redirect user to login page perhaps or execute callback:
|
// redirect user to login page perhaps or execute callback:
|
||||||
callback();
|
callback();
|
||||||
console.log("User's token has expired");
|
console.log('User token has expired');
|
||||||
}
|
}
|
||||||
});
|
});
|
||||||
```
|
```
|
||||||
@ -189,11 +201,11 @@ Your client-side code should handle it as below:
|
|||||||
**Client side**
|
**Client side**
|
||||||
|
|
||||||
```javascript
|
```javascript
|
||||||
socket.on("unauthorized", function(error, callback) {
|
socket.on('unauthorized', function(error, callback) {
|
||||||
if (error.data.type == "UnauthorizedError" || error.data.code == "invalid_token") {
|
if (error.data.type == 'UnauthorizedError' || error.data.code == 'invalid_token') {
|
||||||
// redirect user to login page perhaps or execute callback:
|
// redirect user to login page perhaps or execute callback:
|
||||||
callback();
|
callback();
|
||||||
console.log("User's token has expired");
|
console.log('User token has expired');
|
||||||
}
|
}
|
||||||
});
|
});
|
||||||
```
|
```
|
||||||
@ -230,6 +242,11 @@ Feel like contributing to this repo? We're glad to hear that! Before you start c
|
|||||||
|
|
||||||
Here you can also find the [PR template](https://github.com/auth0-community/socketio-jwt/blob/master/PULL_REQUEST_TEMPLATE.md) to fill once creating a PR. It will automatically appear once you open a pull request.
|
Here you can also find the [PR template](https://github.com/auth0-community/socketio-jwt/blob/master/PULL_REQUEST_TEMPLATE.md) to fill once creating a PR. It will automatically appear once you open a pull request.
|
||||||
|
|
||||||
|
You might run the unit tests, before creating a PR:
|
||||||
|
```bash
|
||||||
|
npm test
|
||||||
|
```
|
||||||
|
|
||||||
## Issues Reporting
|
## Issues Reporting
|
||||||
|
|
||||||
Spotted a bug or any other kind of issue? We're just humans and we're always waiting for constructive feedback! Check our section on how to [report issues](https://github.com/auth0-community/getting-started/blob/master/CONTRIBUTION.md#issues)!
|
Spotted a bug or any other kind of issue? We're just humans and we're always waiting for constructive feedback! Check our section on how to [report issues](https://github.com/auth0-community/getting-started/blob/master/CONTRIBUTION.md#issues)!
|
||||||
|