Added optional authentication and the ability to call another function to further validate the token
* Optional authentication is useful when you wish to serve both secure and unsecured services via the same server socket * The ability to specify an additional function to be called to further validate the token is useful when you wish to be able to expire tokens for some reason
This commit is contained in:
parent
dbb4e95415
commit
9389672a9d
29
lib/index.js
29
lib/index.js
@ -14,17 +14,27 @@ function noQsMethod(options) {
|
||||
}
|
||||
}
|
||||
|
||||
if(options.required){
|
||||
var auth_timeout = setTimeout(function () {
|
||||
socket.disconnect('unauthorized');
|
||||
}, options.timeout || 5000);
|
||||
|
||||
socket.on('authenticate', function (data) {
|
||||
clearTimeout(auth_timeout);
|
||||
jwt.verify(data.token, options.secret, options, function(err, decoded) {
|
||||
if (err) {
|
||||
return socket.disconnect('unauthorized');
|
||||
}
|
||||
|
||||
socket.on('authenticate', function (data) {
|
||||
if(options.required){
|
||||
clearTimeout(auth_timeout);
|
||||
}
|
||||
|
||||
jwt.verify(data.token, options.secret, options, function(err, decoded) {
|
||||
var onError = function(){
|
||||
return socket.disconnect('unauthorized');
|
||||
};
|
||||
|
||||
if (err) {
|
||||
onError();
|
||||
}
|
||||
|
||||
var onSuccess = function(){
|
||||
socket.decoded_token = decoded;
|
||||
socket.emit('authenticated');
|
||||
if (server.$emit) {
|
||||
@ -32,6 +42,13 @@ function noQsMethod(options) {
|
||||
} else {
|
||||
server.server.sockets.emit('authenticated', socket);
|
||||
}
|
||||
};
|
||||
|
||||
if(options.additional_auth){
|
||||
options.additional_auth(decoded, onSuccess, onError);
|
||||
}else{
|
||||
onSuccess();
|
||||
}
|
||||
});
|
||||
});
|
||||
|
||||
|
Reference in New Issue
Block a user