Thream/socketio-jwt
2
1
Fork 0
mirror of https://github.com/Thream/socketio-jwt.git synced 2024-07-21 09:38:31 +02:00
Code Issues Releases Activity

Merge pull request #69 from Daedalus11069/daedalus11069-patch-optional-async

Browse Source 
Make .disconnect() async call optional
This commit is contained in:
José F. Romaniello 2016-06-21 14:46:19 +02:00 committed by GitHub
commit b78156dc91
2 changed files with 81 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

65
README.md
View File

@ -102,6 +102,71 @@ socket.on("error", function(error) {
} }
}); });
``` ```
## Handling invalid token
Token sent by client is invalid.
__Server side__:
No further configuration needed.
__Client side__:
Add a callback client-side to execute socket disconnect server-side.
```javascript
socket.on("unauthorized", function(error, callback) {
if (error.data.type == "UnauthorizedError" || error.data.code == "invalid_token") {
// redirect user to login page perhaps or execute callback:
callback();
console.log("User's token has expired");
}
});
```
__Server side__:
To disconnect socket server-side without client-side callback:
```javascript
io.sockets.on('connection', socketioJwt.authorize({
secret: 'secret goes here',
// No client-side callback, terminate connection server-side
callback: false
}))
```
__Client side__:
Nothing needs to be changed client-side if callback is false.
__Server side__:
To disconnect socket server-side while giving client-side 15 seconds to execute callback:
```javascript
io.sockets.on('connection', socketioJwt.authorize({
secret: 'secret goes here',
// Delay server-side socket disconnect to wait for client-side callback
callback: 15000
}))
```
Your client-side code should handle it as below.
__Client side__:
```javascript
socket.on("unauthorized", function(error, callback) {
if (error.data.type == "UnauthorizedError" || error.data.code == "invalid_token") {
// redirect user to login page perhaps or execute callback:
callback();
console.log("User's token has expired");
}
});
```
## Getting the secret dynamically ## Getting the secret dynamically
You can pass a function instead of an string when configuring secret. You can pass a function instead of an string when configuring secret.
This function receives the request, the decoded token and a callback. This This function receives the request, the decoded token and a callback. This

16
lib/index.js
View File

@ -34,7 +34,23 @@ function noQsMethod(options) {
var error = new UnauthorizedError(code, { var error = new UnauthorizedError(code, {
message: (Object.prototype.toString.call(err) === '[object Object]' && err.message) ? err.message : err message: (Object.prototype.toString.call(err) === '[object Object]' && err.message) ? err.message : err
}); });
var callback_timeout;
// If callback explicitely set to false, start timeout to disconnect socket
if (options.callback === false || typeof options.callback === "number") {
if (typeof options.callback === "number") {
if (options.callback < 0) {
// If callback is negative(invalid value), make it positive
options.callback = Math.abs(options.callback);
}
}
callback_timeout = setTimeout(function () {
socket.disconnect('unauthorized');
}, (options.callback === false ? 0 : options.callback));
}
socket.emit('unauthorized', error, function() { socket.emit('unauthorized', error, function() {
if (typeof options.callback === "number") {
clearTimeout(callback_timeout);
}
socket.disconnect('unauthorized'); socket.disconnect('unauthorized');
}); });
return; // stop logic, socket will be close on next tick return; // stop logic, socket will be close on next tick