feat: usage of auth option to send credentials

BREAKING CHANGE: extraHeaders with Authorization doesn't work anymore See: https://socket.io/docs/v3/middlewares/#Sending-credentials
2024-07-21 09:38:31 +02:00 · 2021-02-22 13:00:53 +01:00 · 2021-02-22 13:00:53 +01:00 · a14d4e937b
commit a14d4e937b
parent 4ba3e3bccb
3 changed files with 9 additions and 9 deletions
--- a/README.md
+++ b/README.md
@ -97,9 +97,9 @@ io.on('connection', async (socket) => {
 ```ts
 import { io } from 'socket.io-client'

-// Require Bearer Tokens to be passed in as an Authorization Header
+// Require Bearer Token
 const socket = io('http://localhost:9000', {
-  extraHeaders: { Authorization: `Bearer ${yourJWT}` }
+  auth: { token: `Bearer ${yourJWT}` }
 })

 // Handling token expiration
--- a/src/test/authorize.test.ts
+++ b/src/test/authorize.test.ts
@ -31,7 +31,7 @@ describe('authorize - with secret as string in options', () => {

  it('should emit error with bad token format', (done) => {
    const socket = io('http://localhost:9000', {
-      extraHeaders: { Authorization: 'testing' }
+      auth: { token: 'testing' }
    })
    socket.on('connect_error', (err: any) => {
      expect(err.data.message).toEqual(
@ -45,7 +45,7 @@ describe('authorize - with secret as string in options', () => {

  it('should emit error with unauthorized handshake', (done) => {
    const socket = io('http://localhost:9000', {
-      extraHeaders: { Authorization: 'Bearer testing' }
+      auth: { token: 'Bearer testing' }
    })
    socket.on('connect_error', (err: any) => {
      expect(err.data.message).toEqual(
@ -59,7 +59,7 @@ describe('authorize - with secret as string in options', () => {

  it('should connect the user', (done) => {
    const socket = io('http://localhost:9000', {
-      extraHeaders: { Authorization: `Bearer ${token}` }
+      auth: { token: `Bearer ${token}` }
    })
    socket.on('connect', () => {
      socket.close()
@ -93,7 +93,7 @@ describe('authorize - with secret as callback in options', () => {

  it('should connect the user', (done) => {
    const socket = io('http://localhost:9000', {
-      extraHeaders: { Authorization: `Bearer ${token}` }
+      auth: { token: `Bearer ${token}` }
    })
    socket.on('connect', () => {
      socket.close()
--- a/src/authorize.ts
+++ b/src/authorize.ts
@ -40,9 +40,9 @@ export const authorize = (options: AuthorizeOptions): SocketIOMiddleware => {
  const { secret, algorithms = ['HS256'] } = options
  return async (socket, next) => {
    let encodedToken: string | null = null
-    const authorizationHeader = socket.request.headers.authorization
-    if (authorizationHeader != null) {
-      const tokenSplitted = authorizationHeader.split(' ')
+    const { token } = socket.handshake.auth
+    if (token != null) {
+      const tokenSplitted = token.split(' ')
      if (tokenSplitted.length !== 2 || tokenSplitted[0] !== 'Bearer') {
        return next(
          new UnauthorizedError('credentials_bad_format', {