Added optional authentication and the ability to call another function to further validate the token
* Optional authentication is useful when you wish to serve both secure and unsecured services via the same server socket * The ability to specify an additional function to be called to further validate the token is useful when you wish to be able to expire tokens for some reason
This commit is contained in:
parent
dbb4e95415
commit
9389672a9d
39
lib/index.js
39
lib/index.js
@ -14,23 +14,40 @@ function noQsMethod(options) {
|
||||
}
|
||||
}
|
||||
|
||||
var auth_timeout = setTimeout(function () {
|
||||
socket.disconnect('unauthorized');
|
||||
}, options.timeout || 5000);
|
||||
if(options.required){
|
||||
var auth_timeout = setTimeout(function () {
|
||||
socket.disconnect('unauthorized');
|
||||
}, options.timeout || 5000);
|
||||
}
|
||||
|
||||
socket.on('authenticate', function (data) {
|
||||
clearTimeout(auth_timeout);
|
||||
if(options.required){
|
||||
clearTimeout(auth_timeout);
|
||||
}
|
||||
|
||||
jwt.verify(data.token, options.secret, options, function(err, decoded) {
|
||||
if (err) {
|
||||
var onError = function(){
|
||||
return socket.disconnect('unauthorized');
|
||||
};
|
||||
|
||||
if (err) {
|
||||
onError();
|
||||
}
|
||||
|
||||
socket.decoded_token = decoded;
|
||||
socket.emit('authenticated');
|
||||
if (server.$emit) {
|
||||
server.$emit('authenticated', socket);
|
||||
} else {
|
||||
server.server.sockets.emit('authenticated', socket);
|
||||
var onSuccess = function(){
|
||||
socket.decoded_token = decoded;
|
||||
socket.emit('authenticated');
|
||||
if (server.$emit) {
|
||||
server.$emit('authenticated', socket);
|
||||
} else {
|
||||
server.server.sockets.emit('authenticated', socket);
|
||||
}
|
||||
};
|
||||
|
||||
if(options.additional_auth){
|
||||
options.additional_auth(decoded, onSuccess, onError);
|
||||
}else{
|
||||
onSuccess();
|
||||
}
|
||||
});
|
||||
});
|
||||
|
Reference in New Issue
Block a user