major changes

passport.socketio now lets the user decide whether to accept a
connection or not. To do so, you have to provide your own 'fail'-method.
This will be called unless the user is successfully authenticated (which still
uses the 'success'-method). The method will be called with four
parameters:
- data: <Object> Handshake Data
- message <String> Error-Message
- critical <Bool> True if the User is and will be unable to use
socket.io because of errors in the authorization-system or somewhere
else. False if the user would still be able to use the system (indicates
that he's just not logged-in)
- accept: <function> plain old accept function.
If there's no fail-method given, passport.socketio allows every
not-critical-failed connection.
Also there is now a 'logged_in' <Bool>-Property inside your User-Key.
This commit is contained in:
Screeny 2013-11-06 18:19:00 +01:00
parent b6e7ee635e
commit 928cd508ff


@ -21,8 +21,8 @@ function authorize(options) {
key: 'connect.sid', key: 'connect.sid',
secret: null, secret: null,
store: null, store: null,
success: null, success: function(data, accept){accept(null, true)},
fail: null fail: function(data, message, critical, accept){accept(null, !critical)}
}; };
var auth = xtend({}, defaults, options ); var auth = xtend({}, defaults, options );
@ -34,40 +34,32 @@ function authorize(options) {
} }
return function(data, accept){ return function(data, accept){
if (!data.headers.cookie) { data.cookie = parseCookie(auth, data.headers.cookie || '');
return accept(null, false); data.sessionID = data.cookie[auth.key] || '';
} data[auth.userProperty] = {
logged_in: false
};
data.cookie = parseCookie(auth, data.headers.cookie); if(data.xdomain)
return auth.fail(data, 'Can not read cookies from CORS-Requests.', false, accept);
data.sessionID = data.cookie[ auth.key ];
auth.store.get(data.sessionID, function(err, session){ auth.store.get(data.sessionID, function(err, session){
if (err) { if(err)
return accept('Error in session store.', false); return auth.fail(data, 'Error in session store.', true, accept);
} else if (!session) { if(!session[auth.passport._key])
return accept(null, false); return auth.fail(data, 'Passport was not initialized', true, accept);
} if(!session)
return auth.fail(data, 'No session found', false, accept);
if( !session[ auth.passport._key ] ){
return accept('passport was not initialized', false);
}
var userKey = session[auth.passport._key][auth.userProperty]; var userKey = session[auth.passport._key][auth.userProperty];
if(userKey === undefined) { if(!userKey)
if(auth.fail) return auth.fail(data, 'User not authorized through passport. (User Property not found)', false, accept);
return auth.fail( data, accept );
else
return accept(null, false);
}
auth.passport.deserializeUser(userKey, function(err, user) { auth.passport.deserializeUser(userKey, function(err, user) {
data[auth.userProperty] = user; data[auth.userProperty] = user;
if( auth.success ) { data[auth.userProperty].logged_in = true;
return auth.success( data, accept ); auth.success(data, accept);
}
accept(null, true);
}); });
}); });
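Review bot: In the store callback the new code reads `session[auth.passport._key]` before it checks `if(!session)`, so a session ID the store does not know (an expired or forged cookie) makes the callback throw a TypeError instead of reaching the 'No session found' path, and that later check is unreachable. Swap the two guards so `if(!session) return auth.fail(data, 'No session found', false, accept);` comes first. The deserializeUser callback has the same shape of problem: `err` is ignored and `data[auth.userProperty].logged_in = true` dereferences `user`, so a deserialization error or a user that no longer exists crashes the handshake rather than failing it; guard it with `if(err || !user) return auth.fail(data, 'Could not deserialize user', !!err, accept);`. Note that with the new default fail handler (`accept(null, !critical)`) an unauthenticated socket is admitted carrying `{ logged_in: false }`, so callers must check that flag before trusting the user object; the enclosing authorize() starts before this hunk.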