feat: lookup auth header if token is not present in handshake
If a middleware sets the token for the request, its not present in the handshake and therefore not authorized. This supports also a auth header.
This commit is contained in:
parent
03e8d51f9a
commit
8d96ef8892
@ -42,6 +42,9 @@ export const authorize = (options: AuthorizeOptions): SocketIOMiddleware => {
|
|||||||
return async (socket, next) => {
|
return async (socket, next) => {
|
||||||
let encodedToken: string | null = null
|
let encodedToken: string | null = null
|
||||||
const { token } = socket.handshake.auth
|
const { token } = socket.handshake.auth
|
||||||
|
if (token == null) {
|
||||||
|
token = socket.handshake.headers.authorization
|
||||||
|
}
|
||||||
if (token != null) {
|
if (token != null) {
|
||||||
const tokenSplitted = token.split(' ')
|
const tokenSplitted = token.split(' ')
|
||||||
if (tokenSplitted.length !== 2 || tokenSplitted[0] !== 'Bearer') {
|
if (tokenSplitted.length !== 2 || tokenSplitted[0] !== 'Bearer') {
|
||||||
|
Reference in New Issue
Block a user