Added optional authentication and the ability to call another function to further validate the token

* Optional authentication is useful when you wish to serve both secure and unsecured services via the same server socket
* The ability to specify an additional function to be called to further validate the token is useful when you wish to be able to expire tokens for some reason
This commit is contained in:
David Damerell 2014-10-24 17:01:53 +01:00
parent dbb4e95415
commit 9389672a9d

View File

@ -13,24 +13,41 @@ function noQsMethod(options) {
Namespace.events.push('authenticated');
}
}
var auth_timeout = setTimeout(function () {
socket.disconnect('unauthorized');
}, options.timeout || 5000);
if(options.required){
var auth_timeout = setTimeout(function () {
socket.disconnect('unauthorized');
}, options.timeout || 5000);
}
socket.on('authenticate', function (data) {
clearTimeout(auth_timeout);
if(options.required){
clearTimeout(auth_timeout);
}
jwt.verify(data.token, options.secret, options, function(err, decoded) {
if (err) {
var onError = function(){
return socket.disconnect('unauthorized');
};
if (err) {
onError();
}
socket.decoded_token = decoded;
socket.emit('authenticated');
if (server.$emit) {
server.$emit('authenticated', socket);
} else {
server.server.sockets.emit('authenticated', socket);
var onSuccess = function(){
socket.decoded_token = decoded;
socket.emit('authenticated');
if (server.$emit) {
server.$emit('authenticated', socket);
} else {
server.server.sockets.emit('authenticated', socket);
}
};
if(options.additional_auth){
options.additional_auth(decoded, onSuccess, onError);
}else{
onSuccess();
}
});
});