From 928cd508ffe40c9ed7726a38131d917c6075cdc9 Mon Sep 17 00:00:00 2001 From: Screeny Date: Wed, 6 Nov 2013 18:19:00 +0100 Subject: [PATCH] major changes passport.socketio now lets the user decide whether to accept a connection or not. to do so, you have tu provide your own 'fail'-method. this will be called unless the user is successfuly authenticated (still uses the 'success'-method). The method will be called with four parameters: - data: Handshake Data - message Error-Message - critical True if the User is and will be unable to use socket.io because of errors in the authorization-system or somewhere else. False if the user would still be able to use the system (indicates that he's just not logged-in) - accept: plain old accept function. If there's no fail-method given, passport.socketio allows every not-critical-failed connection. Also there is now a 'logged_in' -Property inside your User-Key. --- lib/index.js | 52 ++++++++++++++++++++++------------------------------ 1 file changed, 22 insertions(+), 30 deletions(-) diff --git a/lib/index.js b/lib/index.js index ad94a9b..31ba3f3 100644 --- a/lib/index.js +++ b/lib/index.js @@ -21,8 +21,8 @@ function authorize(options) { key: 'connect.sid', secret: null, store: null, - success: null, - fail: null + success: function(data, accept){accept(null, true)}, + fail: function(data, message, critical, accept){accept(null, !critical)} }; var auth = xtend({}, defaults, options ); 
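Review bot: The new default `fail` in `defaults` calls `accept(null, !critical)`, so a caller who passes no `fail` option now accepts every non-critical failure (no cookie, no session, no passport user), where the removed code answered those handshakes with `accept(null, false)`. For an authorization middleware this is a fail-open default: an application that upgrades without adding its own `fail`, or without checking `logged_in` on the user property, would start admitting unauthenticated sockets. I would keep the default deny, `fail: function(data, message, critical, accept){accept(null, false)}`, and let callers opt in to anonymous connections. If the permissive default is kept, a comment above `defaults` should say so, for example `// default fail() accepts unauthenticated handshakes; check data[userProperty].logged_in before trusting the socket`. The body of `authorize` starts and ends outside this hunk.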
@@ -34,40 +34,32 @@ function authorize(options) { } return function(data, accept){ - if (!data.headers.cookie) { - return accept(null, false); - } + data.cookie = parseCookie(auth, data.headers.cookie || ''); + data.sessionID = data.cookie[auth.key] || ''; + data[auth.userProperty] = { + logged_in: false + }; - data.cookie = parseCookie(auth, data.headers.cookie); - - data.sessionID = data.cookie[ auth.key ]; + if(data.xdomain) + return auth.fail(data, 'Can not read cookies from CORS-Requests.', false, accept); auth.store.get(data.sessionID, function(err, session){ - if (err) { - return accept('Error in session store.', false); - } else if (!session) { - return accept(null, false); - } + if(err) + return auth.fail(data, 'Error in session store.', true, accept); + if(!session[auth.passport._key]) + return auth.fail(data, 'Passport was not initialized', true, accept); + if(!session) + return auth.fail(data, 'No session found', false, accept); + + var userKey = session[auth.passport._key][auth.userProperty]; - if( !session[ auth.passport._key ] ){ - return accept('passport was not initialized', false); - } - - var userKey = session[ auth.passport._key ][ auth.userProperty ]; - - if(userKey === undefined) { - if(auth.fail) - return auth.fail( data, accept ); - else - return accept(null, false); - } + if(!userKey) + return auth.fail(data, 'User not authorized through passport. (User Property not found)', false, accept); auth.passport.deserializeUser(userKey, function(err, user) { - data[ auth.userProperty ] = user; - if( auth.success ) { - return auth.success( data, accept ); - } - accept(null, true); + data[auth.userProperty] = user; + data[auth.userProperty].logged_in = true; + auth.success(data, accept); }); });
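Review bot: In the `auth.store.get` callback, `if(!session[auth.passport._key])` runs before `if(!session)`, so a missing session would throw a TypeError inside the store callback and the 'No session found' branch is never reached. This is likely the common case for clients without a valid cookie, since `data.sessionID` now falls back to `''`. Put the null check first, `if(!session) return auth.fail(data, 'No session found', false, accept);`, ahead of the `session[auth.passport._key]` test. The `deserializeUser` callback also ignores `err` and sets `logged_in = true` on whatever `user` is, so a guard such as `if(err || !user) return auth.fail(data, 'Could not deserialize user', !!err, accept);` would stop a failed lookup from throwing or being marked as logged in. The closing lines of the returned function are outside this hunk.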