feat: lookup auth header if token is not present in handshake

If a middleware sets the token for the request, its not present in the handshake and therefore not authorized. This supports also a auth header.
This commit is contained in:
Deniz 2023-03-23 16:48:42 +01:00 committed by GitHub
parent 03e8d51f9a
commit 8d96ef8892
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

View File

@ -42,6 +42,9 @@ export const authorize = (options: AuthorizeOptions): SocketIOMiddleware => {
return async (socket, next) => { return async (socket, next) => {
let encodedToken: string | null = null let encodedToken: string | null = null
const { token } = socket.handshake.auth const { token } = socket.handshake.auth
if (token == null) {
token = socket.handshake.headers.authorization
}
if (token != null) { if (token != null) {
const tokenSplitted = token.split(' ') const tokenSplitted = token.split(' ')
if (tokenSplitted.length !== 2 || tokenSplitted[0] !== 'Bearer') { if (tokenSplitted.length !== 2 || tokenSplitted[0] !== 'Bearer') {