major changes
passport.socketio now lets the user decide whether to accept a connection or not. To do so, you have to provide your own 'fail'-method. This will be called unless the user is successfully authenticated (which still uses the 'success'-method). The method will be called with four parameters: - data: <Object> Handshake Data - message: <String> Error-Message - critical: <Bool> True if the User is and will be unable to use socket.io because of errors in the authorization-system or somewhere else. False if the user would still be able to use the system (indicates that he's just not logged-in) - accept: <function> plain old accept function. If there's no fail-method given, passport.socketio allows every not-critical-failed connection. Also there is now a 'logged_in' <Bool>-Property inside your User-Key.
parent
b6e7ee635e
commit
928cd508ff
50
lib/index.js
50
lib/index.js
@ -21,8 +21,8 @@ function authorize(options) {
|
|||||||
key: 'connect.sid',
|
key: 'connect.sid',
|
||||||
secret: null,
|
secret: null,
|
||||||
store: null,
|
store: null,
|
||||||
success: null,
|
success: function(data, accept){accept(null, true)},
|
||||||
fail: null
|
fail: function(data, message, critical, accept){accept(null, !critical)}
|
||||||
};
|
};
|
||||||
|
|
||||||
var auth = xtend({}, defaults, options );
|
var auth = xtend({}, defaults, options );
|
||||||
@ -34,40 +34,32 @@ function authorize(options) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
return function(data, accept){
|
return function(data, accept){
|
||||||
if (!data.headers.cookie) {
|
data.cookie = parseCookie(auth, data.headers.cookie || '');
|
||||||
return accept(null, false);
|
data.sessionID = data.cookie[auth.key] || '';
|
||||||
}
|
data[auth.userProperty] = {
|
||||||
|
logged_in: false
|
||||||
|
};
|
||||||
|
|
||||||
data.cookie = parseCookie(auth, data.headers.cookie);
|
if(data.xdomain)
|
||||||
|
return auth.fail(data, 'Can not read cookies from CORS-Requests.', false, accept);
|
||||||
data.sessionID = data.cookie[ auth.key ];
|
|
||||||
|
|
||||||
auth.store.get(data.sessionID, function(err, session){
|
auth.store.get(data.sessionID, function(err, session){
|
||||||
if (err) {
|
if(err)
|
||||||
return accept('Error in session store.', false);
|
return auth.fail(data, 'Error in session store.', true, accept);
|
||||||
} else if (!session) {
|
if(!session[auth.passport._key])
|
||||||
return accept(null, false);
|
return auth.fail(data, 'Passport was not initialized', true, accept);
|
||||||
}
|
if(!session)
|
||||||
|
return auth.fail(data, 'No session found', false, accept);
|
||||||
|
|
||||||
if( !session[ auth.passport._key ] ){
|
var userKey = session[auth.passport._key][auth.userProperty];
|
||||||
return accept('passport was not initialized', false);
|
|
||||||
}
|
|
||||||
|
|
||||||
var userKey = session[ auth.passport._key ][ auth.userProperty ];
|
if(!userKey)
|
||||||
|
return auth.fail(data, 'User not authorized through passport. (User Property not found)', false, accept);
|
||||||
if(userKey === undefined) {
|
|
||||||
if(auth.fail)
|
|
||||||
return auth.fail( data, accept );
|
|
||||||
else
|
|
||||||
return accept(null, false);
|
|
||||||
}
|
|
||||||
|
|
||||||
auth.passport.deserializeUser(userKey, function(err, user) {
|
auth.passport.deserializeUser(userKey, function(err, user) {
|
||||||
data[ auth.userProperty ] = user;
|
data[auth.userProperty] = user;
|
||||||
if( auth.success ) {
|
data[auth.userProperty].logged_in = true;
|
||||||
return auth.success( data, accept );
|
auth.success(data, accept);
|
||||||
}
|
|
||||||
accept(null, true);
|
|
||||||
});
|
});
|
||||||
|
|
||||||
});
|
});
|
||||||
|
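Review bot: In the `auth.store.get` callback the new `if(!session[auth.passport._key])` check runs before `if(!session)`, so when the store yields no session (likely the common case now that `data.sessionID` falls back to `''` for a request without a cookie) the property access throws a TypeError instead of reaching `auth.fail`, and an unauthenticated client could presumably bring the handshake handler down that way. Move `if(!session) return auth.fail(data, 'No session found', false, accept);` above the passport-key check. The `deserializeUser` callback also ignores `err` and sets `data[auth.userProperty].logged_in = true` unconditionally, which throws when `user` is null or false; a guard such as `if(err || !user) return auth.fail(data, 'Could not deserialize user', true, accept);` before the assignment would cover both. Because the default `fail` now accepts every non-critical failure, a comment at the defaults such as `// default is fail-open: handlers must check logged_in before trusting the connection` would help integrators. The returned function's body continues outside the visible hunk.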