commit
beff8d38da
@ -114,7 +114,7 @@ function noQsMethod (options) {
|
|||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
||||||
function authorize (options, onConnection) {
|
function authorize (options) {
|
||||||
options = xtend({ decodedPropertyName: 'decoded_token', encodedPropertyName: 'encoded_token' }, options);
|
options = xtend({ decodedPropertyName: 'decoded_token', encodedPropertyName: 'encoded_token' }, options);
|
||||||
|
|
||||||
if (typeof options.secret !== 'string' && typeof options.secret !== 'function') {
|
if (typeof options.secret !== 'string' && typeof options.secret !== 'function') {
|
||||||
|
@ -12,7 +12,8 @@ describe('authorizer with namespaces', () => {
|
|||||||
|
|
||||||
it('should be able to connect to the default namespace', (done) => {
|
it('should be able to connect to the default namespace', (done) => {
|
||||||
io.connect('http://localhost:9000')
|
io.connect('http://localhost:9000')
|
||||||
.once('hi', () => done());
|
.once('hi', () => done())
|
||||||
|
.on('error', done);
|
||||||
});
|
});
|
||||||
|
|
||||||
it('should not be able to connect to the admin namespace', (done) => {
|
it('should not be able to connect to the admin namespace', (done) => {
|
||||||
@ -21,6 +22,20 @@ describe('authorizer with namespaces', () => {
|
|||||||
.once('hi admin', () => done(new Error('unauthenticated client was able to connect to the admin namespace')));
|
.once('hi admin', () => done(new Error('unauthenticated client was able to connect to the admin namespace')));
|
||||||
});
|
});
|
||||||
|
|
||||||
|
it('should not be able to connect to the admin_hs namespace', (done) => {
|
||||||
|
io.connect('http://localhost:9000/admin_hs')
|
||||||
|
.once('hi admin', () => done(new Error('unauthenticated client was able to connect to the admin_hs namespace')))
|
||||||
|
.on('error', (err) => {
|
||||||
|
if (err === 'Invalid namespace') { // SocketIO throws this error, if auth failed
|
||||||
|
return;
|
||||||
|
} else if (err && err.type == 'UnauthorizedError') {
|
||||||
|
done();
|
||||||
|
} else {
|
||||||
|
done(err);
|
||||||
|
}
|
||||||
|
});
|
||||||
|
});
|
||||||
|
|
||||||
});
|
});
|
||||||
|
|
||||||
describe('when the user is logged in', () => {
|
describe('when the user is logged in', () => {
|
||||||
@ -36,11 +51,41 @@ describe('authorizer with namespaces', () => {
|
|||||||
});
|
});
|
||||||
});
|
});
|
||||||
|
|
||||||
it('should do the handshake and connect', (done) => {
|
it('should do the authentication and connect', (done) => {
|
||||||
io.connect('http://localhost:9000/admin', { forceNew: true })
|
io.connect('http://localhost:9000/admin', { forceNew: true })
|
||||||
.on('authenticated', () => done())
|
.on('hi admin', () => done())
|
||||||
|
.emit('authenticate', { token: this.token });
|
||||||
|
});
|
||||||
|
|
||||||
|
it('should do the authentication and connect without "forceNew"', (done) => {
|
||||||
|
io.connect('http://localhost:9000/admin', { forceNew: false })
|
||||||
|
.on('hi admin', () => done())
|
||||||
.emit('authenticate', { token: this.token });
|
.emit('authenticate', { token: this.token });
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
|
|
||||||
|
describe('when the user is logged in via handshake', () => {
|
||||||
|
|
||||||
|
beforeEach((done) => {
|
||||||
|
request.post({
|
||||||
|
url: 'http://localhost:9000/login',
|
||||||
|
form: { username: 'jose', password: 'Pa123' },
|
||||||
|
json: true
|
||||||
|
}, (err, resp, body) => {
|
||||||
|
this.token = body.token;
|
||||||
|
done();
|
||||||
|
});
|
||||||
|
});
|
||||||
|
|
||||||
|
it('should do the handshake and connect', (done) => {
|
||||||
|
io.connect('http://localhost:9000/admin_hs', { forceNew: true, query: 'token=' + this.token })
|
||||||
|
.once('hi admin', () => done());
|
||||||
|
});
|
||||||
|
|
||||||
|
it('should do the handshake and connect without "forceNew"', (done) => {
|
||||||
|
io.connect('http://localhost:9000/admin_hs', { forceNew: false, query: 'token=' + this.token })
|
||||||
|
.once('hi admin', () => done());
|
||||||
|
});
|
||||||
|
});
|
||||||
|
|
||||||
});
|
});
|
@ -41,7 +41,7 @@ describe('authorizer without querystring', () => {
|
|||||||
});
|
});
|
||||||
});
|
});
|
||||||
|
|
||||||
it('should do the handshake and connect', (done) => {
|
it('should do the authentication and connect', (done) => {
|
||||||
const socket = io.connect('http://localhost:9000', { forceNew: true });
|
const socket = io.connect('http://localhost:9000', { forceNew: true });
|
||||||
|
|
||||||
socket
|
socket
|
||||||
|
@ -47,7 +47,7 @@ describe('authorizer with secret function', () => {
|
|||||||
});
|
});
|
||||||
});
|
});
|
||||||
|
|
||||||
it('should do the handshake and connect', (done) => {
|
it('should do the authentication and connect', (done) => {
|
||||||
const socket = io.connect('http://localhost:9000', { forceNew: true });
|
const socket = io.connect('http://localhost:9000', { forceNew: true });
|
||||||
|
|
||||||
socket
|
socket
|
||||||
|
@ -7,6 +7,7 @@ const socketIo = require('socket.io');
|
|||||||
const socketio_jwt = require('../../lib');
|
const socketio_jwt = require('../../lib');
|
||||||
|
|
||||||
const jwt = require('jsonwebtoken');
|
const jwt = require('jsonwebtoken');
|
||||||
|
const xtend = require('xtend');
|
||||||
const enableDestroy = require('server-destroy');
|
const enableDestroy = require('server-destroy');
|
||||||
const bodyParser = require('body-parser');
|
const bodyParser = require('body-parser');
|
||||||
|
|
||||||
@ -44,17 +45,26 @@ exports.start = (callback) => {
|
|||||||
});
|
});
|
||||||
|
|
||||||
|
|
||||||
|
// Global namespace (public)
|
||||||
sio.on('connection', (socket) => {
|
sio.on('connection', (socket) => {
|
||||||
socket.emit('hi');
|
socket.emit('hi');
|
||||||
});
|
});
|
||||||
|
|
||||||
|
// Second roundtrip
|
||||||
const admin_nsp = sio.of('/admin');
|
const admin_nsp = sio.of('/admin');
|
||||||
|
|
||||||
admin_nsp.on('connection', socketio_jwt.authorize(options))
|
admin_nsp.on('connection', socketio_jwt.authorize(options))
|
||||||
.on('authenticated', (socket) => {
|
.on('authenticated', (socket) => {
|
||||||
socket.emit('hi admin');
|
socket.emit('hi admin');
|
||||||
});
|
});
|
||||||
|
|
||||||
|
// One roundtrip
|
||||||
|
const admin_nsp_hs = sio.of('/admin_hs');
|
||||||
|
|
||||||
|
admin_nsp_hs.use(socketio_jwt.authorize(xtend(options, { handshake: true })));
|
||||||
|
admin_nsp_hs.on('connection', (socket) => {
|
||||||
|
socket.emit('hi admin');
|
||||||
|
});
|
||||||
|
|
||||||
|
|
||||||
server.listen(9000, callback);
|
server.listen(9000, callback);
|
||||||
|
Reference in New Issue
Block a user