change the API
parent
b0f4354ecb
commit
b292ab75af
61
README.md
61
README.md
@ -8,6 +8,34 @@ npm install socketio-jwt
|
|||||||
|
|
||||||
## Example usage
|
## Example usage
|
||||||
|
|
||||||
|
```javascript
|
||||||
|
// set authorization for socket.io
|
||||||
|
io.sockets
|
||||||
|
.on('connection', socketioJwt.authorize({
|
||||||
|
secret: 'your secret or public key',
|
||||||
|
timeout: 15000 // 15 seconds to send the authentication message
|
||||||
|
}).on('authenticated', function(socket) {
|
||||||
|
//this socket is authenticated, we are good to handle more events from it.
|
||||||
|
console.log('hello! ' + socket.decoded_token.name);
|
||||||
|
}));
|
||||||
|
```
|
||||||
|
|
||||||
|
__Client side__:
|
||||||
|
|
||||||
|
```javascript
|
||||||
|
var socket = io.connect('http://localhost:9000');
|
||||||
|
socket.on('connect', function (socket) {
|
||||||
|
socket
|
||||||
|
.on('authenticated', function () {
|
||||||
|
//do other things
|
||||||
|
})
|
||||||
|
.emit('authenticate', {token: jwt}); //send the jwt
|
||||||
|
});
|
||||||
|
```
|
||||||
|
|
||||||
|
## One roundtrip
|
||||||
|
|
||||||
|
The previous approach uses a second roundtrip to send the jwt, there is a way you can authenticate on the handshake by sending the JWT as a query string, the caveat is that intermediary HTTP servers can log the url.
|
||||||
|
|
||||||
```javascript
|
```javascript
|
||||||
var io = require("socket.io")(server);
|
var io = require("socket.io")(server);
|
||||||
@ -15,7 +43,8 @@ var socketioJwt = require("socketio-jwt");
|
|||||||
|
|
||||||
// set authorization for socket.io
|
// set authorization for socket.io
|
||||||
io.set('authorization', socketioJwt.authorize({
|
io.set('authorization', socketioJwt.authorize({
|
||||||
secret: 'your secret or public key'
|
secret: 'your secret or public key',
|
||||||
|
handshake: true
|
||||||
}));
|
}));
|
||||||
|
|
||||||
io.on('connection', function (socket) {
|
io.on('connection', function (socket) {
|
||||||
@ -35,36 +64,6 @@ var socket = io.connect('http://localhost:9000', {
|
|||||||
});
|
});
|
||||||
```
|
```
|
||||||
|
|
||||||
## Second method, without querystrings
|
|
||||||
|
|
||||||
The previous approach send the token through querystring which could be logged by intermediary HTTP proxies. This second method doesn't but it requires an extra roundtrip. __Take care with this method to filter unauthenticated sockets when broadcasting.__
|
|
||||||
|
|
||||||
```javascript
|
|
||||||
// set authorization for socket.io
|
|
||||||
io.sockets.on('connection', socketioJwt.authorize({
|
|
||||||
secret: 'your secret or public key',
|
|
||||||
timeout: 15000 // 15 seconds to send the authentication message
|
|
||||||
}, function(socket) {
|
|
||||||
//this socket is authenticated, we are good to handle more events from it.
|
|
||||||
console.log('hello! ' + socket.decoded_token.name);
|
|
||||||
}));
|
|
||||||
```
|
|
||||||
|
|
||||||
__Client side__:
|
|
||||||
|
|
||||||
For now the only way to append the jwt token is using query string:
|
|
||||||
|
|
||||||
```javascript
|
|
||||||
var socket = io.connect('http://localhost:9000');
|
|
||||||
socket.on('connect', function (socket) {
|
|
||||||
socket
|
|
||||||
.on('authenticated', function () {
|
|
||||||
//do other things
|
|
||||||
})
|
|
||||||
.emit('authenticate', {token: jwt}); //send the jwt
|
|
||||||
});
|
|
||||||
```
|
|
||||||
|
|
||||||
## Contribute
|
## Contribute
|
||||||
|
|
||||||
You are always welcome to open an issue or provide a pull-request!
|
You are always welcome to open an issue or provide a pull-request!
|
||||||
|
10
lib/index.js
10
lib/index.js
@ -2,8 +2,10 @@ var xtend = require('xtend');
|
|||||||
var jwt = require('jsonwebtoken');
|
var jwt = require('jsonwebtoken');
|
||||||
var UnauthorizedError = require('./UnauthorizedError');
|
var UnauthorizedError = require('./UnauthorizedError');
|
||||||
|
|
||||||
function noQsMethod(options, onConnection) {
|
function noQsMethod(options) {
|
||||||
return function (socket) {
|
return function (socket) {
|
||||||
|
var server = this;
|
||||||
|
|
||||||
var auth_timeout = setTimeout(function () {
|
var auth_timeout = setTimeout(function () {
|
||||||
socket.disconnect('unauthorized');
|
socket.disconnect('unauthorized');
|
||||||
}, options.timeout || 5000);
|
}, options.timeout || 5000);
|
||||||
@ -17,7 +19,7 @@ function noQsMethod(options, onConnection) {
|
|||||||
|
|
||||||
socket.user = decoded;
|
socket.user = decoded;
|
||||||
socket.emit('authenticated');
|
socket.emit('authenticated');
|
||||||
onConnection(socket);
|
server.$emit('authenticated', socket);
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
|
|
||||||
@ -36,8 +38,8 @@ function authorize(options, onConnection) {
|
|||||||
|
|
||||||
var auth = xtend(defaults, options);
|
var auth = xtend(defaults, options);
|
||||||
|
|
||||||
if (onConnection) {
|
if (!options.handshake) {
|
||||||
return noQsMethod(options, onConnection);
|
return noQsMethod(options);
|
||||||
}
|
}
|
||||||
|
|
||||||
return function(data, accept){
|
return function(data, accept){
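Review bot: In `noQsMethod` the socket has already passed `connection` and stays connected for up to `options.timeout || 5000` ms before `server.$emit('authenticated', socket)` fires, so during that window it is an unauthenticated member of the namespace and would presumably still receive anything sent with `io.sockets.emit`. The same commit removes the README sentence that told users to filter unauthenticated sockets when broadcasting, so that caveat is now stated nowhere. I would keep the warning in the README's example section and add a comment above `var server = this;`, for example `// sockets reach 'connection' unauthenticated; attach handlers and broadcast only after 'authenticated'`. The body of `noQsMethod` continues outside the visible hunks, so any filtering done there is not visible here.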
|
||||||
|
@ -7,7 +7,7 @@ describe('authorizer without querystring', function () {
|
|||||||
//start and stop the server
|
//start and stop the server
|
||||||
before(function (done) {
|
before(function (done) {
|
||||||
fixture.start({
|
fixture.start({
|
||||||
noQS: true
|
handshake: false
|
||||||
} , done);
|
} , done);
|
||||||
});
|
});
|
||||||
|
|
||||||
|
@ -19,7 +19,8 @@ exports.start = function (options, callback) {
|
|||||||
|
|
||||||
options = xtend({
|
options = xtend({
|
||||||
secret: 'aaafoo super sercret',
|
secret: 'aaafoo super sercret',
|
||||||
timeout: 1000
|
timeout: 1000,
|
||||||
|
handshake: true
|
||||||
}, options);
|
}, options);
|
||||||
|
|
||||||
var app = express();
|
var app = express();
|
||||||
@ -48,22 +49,24 @@ exports.start = function (options, callback) {
|
|||||||
var sio = socketIo.listen(server);
|
var sio = socketIo.listen(server);
|
||||||
|
|
||||||
sio.configure(function(){
|
sio.configure(function(){
|
||||||
if (!options.noQS) {
|
if (options.handshake) {
|
||||||
this.set('authorization', socketio_jwt.authorize(options));
|
this.set('authorization', socketio_jwt.authorize(options));
|
||||||
}
|
}
|
||||||
this.set('log level', 0);
|
this.set('log level', 0);
|
||||||
});
|
});
|
||||||
|
|
||||||
if (!options.noQS) {
|
if (options.handshake) {
|
||||||
sio.sockets.on('echo', function (m) {
|
sio.sockets.on('echo', function (m) {
|
||||||
sio.sockets.emit('echo-response', m);
|
sio.sockets.emit('echo-response', m);
|
||||||
});
|
});
|
||||||
} else {
|
} else {
|
||||||
sio.sockets.on('connection', socketio_jwt.authorize(options, function (socket) {
|
sio.sockets
|
||||||
socket.on('echo', function (m) {
|
.on('connection', socketio_jwt.authorize(options))
|
||||||
socket.emit('echo-response', m);
|
.on('authenticated', function (socket) {
|
||||||
|
socket.on('echo', function (m) {
|
||||||
|
socket.emit('echo-response', m);
|
||||||
|
});
|
||||||
});
|
});
|
||||||
}));
|
|
||||||
}
|
}
|
||||||
|
|
||||||
server.listen(9000, callback);
|
server.listen(9000, callback);
|
||||||
|