change the API

José F. Romaniello 2014-01-14 08:30:39 -03:00
parent b0f4354ecb
commit b292ab75af
4 changed files with 47 additions and 43 deletions


@ -8,6 +8,34 @@ npm install socketio-jwt
## Example usage
```javascript
// set authorization for socket.io
io.sockets
.on('connection', socketioJwt.authorize({
secret: 'your secret or public key',
timeout: 15000 // 15 seconds to send the authentication message
}).on('authenticated', function(socket) {
//this socket is authenticated, we are good to handle more events from it.
console.log('hello! ' + socket.decoded_token.name);
}));
```
__Client side__:
```javascript
var socket = io.connect('http://localhost:9000');
socket.on('connect', function (socket) {
socket
.on('authenticated', function () {
//do other things
})
.emit('authenticate', {token: jwt}); //send the jwt
});
```
## One roundtrip
The previous approach uses a second roundtrip to send the jwt, there is a way you can authenticate on the handshake by sending the JWT as a query string, the caveat is that intermediary HTTP servers can log the url.
```javascript
var io = require("socket.io")(server);
@ -15,7 +43,8 @@ var socketioJwt = require("socketio-jwt");
// set authorization for socket.io
io.set('authorization', socketioJwt.authorize({
secret: 'your secret or public key'
secret: 'your secret or public key',
handshake: true
}));
io.on('connection', function (socket) {
@ -35,36 +64,6 @@ var socket = io.connect('http://localhost:9000', {
});
```
## Second method, without querystrings
The previous approach send the token through querystring which could be logged by intermediary HTTP proxies. This second method doesn't but it requires an extra roundtrip. __Take care with this method to filter unauthenticated sockets when broadcasting.__
```javascript
// set authorization for socket.io
io.sockets.on('connection', socketioJwt.authorize({
secret: 'your secret or public key',
timeout: 15000 // 15 seconds to send the authentication message
}, function(socket) {
//this socket is authenticated, we are good to handle more events from it.
console.log('hello! ' + socket.decoded_token.name);
}));
```
__Client side__:
For now the only way to append the jwt token is using query string:
```javascript
var socket = io.connect('http://localhost:9000');
socket.on('connect', function (socket) {
socket
.on('authenticated', function () {
//do other things
})
.emit('authenticate', {token: jwt}); //send the jwt
});
```
## Contribute
You are always welcome to open an issue or provide a pull-request!


@ -2,8 +2,10 @@ var xtend = require('xtend');
var jwt = require('jsonwebtoken');
var UnauthorizedError = require('./UnauthorizedError');
function noQsMethod(options, onConnection) {
function noQsMethod(options) {
return function (socket) {
var server = this;
var auth_timeout = setTimeout(function () {
socket.disconnect('unauthorized');
}, options.timeout || 5000);
@ -17,7 +19,7 @@ function noQsMethod(options, onConnection) {
socket.user = decoded;
socket.emit('authenticated');
onConnection(socket);
server.$emit('authenticated', socket);
});
});
@ -36,8 +38,8 @@ function authorize(options, onConnection) {
var auth = xtend(defaults, options);
if (onConnection) {
return noQsMethod(options, onConnection);
if (!options.handshake) {
return noQsMethod(options);
}
return function(data, accept){
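Review bot: In `authorize`, the new branch tests and forwards the raw `options` rather than the merged `auth` built on the line above, so `noQsMethod` never receives the defaults and `authorize()` called with no argument throws on `options.handshake`; I would write `if (!auth.handshake) { return noQsMethod(auth); }`. The change also makes the post-connection flow the default whenever `handshake` is omitted, and in that flow the socket is already connected before the token is verified, so handlers registered on `'connection'` and broadcasts to all sockets reach clients that have not authenticated. A comment above `noQsMethod` such as `// The socket is connected but NOT yet authenticated here; attach application handlers only on 'authenticated'.` would keep that caveat next to the code, since the README sentence that stated it appears to be dropped by this commit. Both function bodies continue outside the visible hunks, so what `defaults` contains is not visible here.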


@ -7,7 +7,7 @@ describe('authorizer without querystring', function () {
//start and stop the server
before(function (done) {
fixture.start({
noQS: true
handshake: false
} , done);
});


@ -19,7 +19,8 @@ exports.start = function (options, callback) {
options = xtend({
secret: 'aaafoo super sercret',
timeout: 1000
timeout: 1000,
handshake: true
}, options);
var app = express();
@ -48,22 +49,24 @@ exports.start = function (options, callback) {
var sio = socketIo.listen(server);
sio.configure(function(){
if (!options.noQS) {
if (options.handshake) {
this.set('authorization', socketio_jwt.authorize(options));
}
this.set('log level', 0);
});
if (!options.noQS) {
if (options.handshake) {
sio.sockets.on('echo', function (m) {
sio.sockets.emit('echo-response', m);
});
} else {
sio.sockets.on('connection', socketio_jwt.authorize(options, function (socket) {
sio.sockets
.on('connection', socketio_jwt.authorize(options))
.on('authenticated', function (socket) {
socket.on('echo', function (m) {
socket.emit('echo-response', m);
});
}));
});
}
server.listen(9000, callback);
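Review bot: The fixture defaults to `handshake: true` in its `xtend` call, while `authorize` treats a missing `handshake` as the post-connection flow, so from what is visible no test exercises `authorize` with the option omitted, which is the library's new default. I would add a case that passes the library only `secret` and `timeout` and asserts that a socket which never sends `authenticate` is disconnected once the timeout fires and never receives `echo-response`. `exports.start` begins and ends outside the visible hunks, so other tests may already cover part of this.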