commit
beff8d38da
@ -114,7 +114,7 @@ function noQsMethod (options) {
|
||||
};
|
||||
}
|
||||
|
||||
function authorize (options, onConnection) {
|
||||
function authorize (options) {
|
||||
options = xtend({ decodedPropertyName: 'decoded_token', encodedPropertyName: 'encoded_token' }, options);
|
||||
|
||||
if (typeof options.secret !== 'string' && typeof options.secret !== 'function') {
|
||||
|
@ -12,7 +12,8 @@ describe('authorizer with namespaces', () => {
|
||||
|
||||
it('should be able to connect to the default namespace', (done) => {
|
||||
io.connect('http://localhost:9000')
|
||||
.once('hi', () => done());
|
||||
.once('hi', () => done())
|
||||
.on('error', done);
|
||||
});
|
||||
|
||||
it('should not be able to connect to the admin namespace', (done) => {
|
||||
@ -21,6 +22,20 @@ describe('authorizer with namespaces', () => {
|
||||
.once('hi admin', () => done(new Error('unauthenticated client was able to connect to the admin namespace')));
|
||||
});
|
||||
|
||||
it('should not be able to connect to the admin_hs namespace', (done) => {
|
||||
io.connect('http://localhost:9000/admin_hs')
|
||||
.once('hi admin', () => done(new Error('unauthenticated client was able to connect to the admin_hs namespace')))
|
||||
.on('error', (err) => {
|
||||
if (err === 'Invalid namespace') { // SocketIO throws this error, if auth failed
|
||||
return;
|
||||
} else if (err && err.type == 'UnauthorizedError') {
|
||||
done();
|
||||
} else {
|
||||
done(err);
|
||||
}
|
||||
});
|
||||
});
|
||||
|
||||
});
|
||||
|
||||
describe('when the user is logged in', () => {
|
||||
@ -36,11 +51,41 @@ describe('authorizer with namespaces', () => {
|
||||
});
|
||||
});
|
||||
|
||||
it('should do the handshake and connect', (done) => {
|
||||
it('should do the authentication and connect', (done) => {
|
||||
io.connect('http://localhost:9000/admin', { forceNew: true })
|
||||
.on('authenticated', () => done())
|
||||
.on('hi admin', () => done())
|
||||
.emit('authenticate', { token: this.token });
|
||||
});
|
||||
|
||||
it('should do the authentication and connect without "forceNew"', (done) => {
|
||||
io.connect('http://localhost:9000/admin', { forceNew: false })
|
||||
.on('hi admin', () => done())
|
||||
.emit('authenticate', { token: this.token });
|
||||
});
|
||||
});
|
||||
|
||||
describe('when the user is logged in via handshake', () => {
|
||||
|
||||
beforeEach((done) => {
|
||||
request.post({
|
||||
url: 'http://localhost:9000/login',
|
||||
form: { username: 'jose', password: 'Pa123' },
|
||||
json: true
|
||||
}, (err, resp, body) => {
|
||||
this.token = body.token;
|
||||
done();
|
||||
});
|
||||
});
|
||||
|
||||
it('should do the handshake and connect', (done) => {
|
||||
io.connect('http://localhost:9000/admin_hs', { forceNew: true, query: 'token=' + this.token })
|
||||
.once('hi admin', () => done());
|
||||
});
|
||||
|
||||
it('should do the handshake and connect without "forceNew"', (done) => {
|
||||
io.connect('http://localhost:9000/admin_hs', { forceNew: false, query: 'token=' + this.token })
|
||||
.once('hi admin', () => done());
|
||||
});
|
||||
});
|
||||
|
||||
});
|
@ -41,7 +41,7 @@ describe('authorizer without querystring', () => {
|
||||
});
|
||||
});
|
||||
|
||||
it('should do the handshake and connect', (done) => {
|
||||
it('should do the authentication and connect', (done) => {
|
||||
const socket = io.connect('http://localhost:9000', { forceNew: true });
|
||||
|
||||
socket
|
||||
|
@ -47,7 +47,7 @@ describe('authorizer with secret function', () => {
|
||||
});
|
||||
});
|
||||
|
||||
it('should do the handshake and connect', (done) => {
|
||||
it('should do the authentication and connect', (done) => {
|
||||
const socket = io.connect('http://localhost:9000', { forceNew: true });
|
||||
|
||||
socket
|
||||
|
@ -7,6 +7,7 @@ const socketIo = require('socket.io');
|
||||
const socketio_jwt = require('../../lib');
|
||||
|
||||
const jwt = require('jsonwebtoken');
|
||||
const xtend = require('xtend');
|
||||
const enableDestroy = require('server-destroy');
|
||||
const bodyParser = require('body-parser');
|
||||
|
||||
@ -44,11 +45,12 @@ exports.start = (callback) => {
|
||||
});
|
||||
|
||||
|
||||
|
||||
// Global namespace (public)
|
||||
sio.on('connection', (socket) => {
|
||||
socket.emit('hi');
|
||||
});
|
||||
|
||||
// Second roundtrip
|
||||
const admin_nsp = sio.of('/admin');
|
||||
|
||||
admin_nsp.on('connection', socketio_jwt.authorize(options))
|
||||
@ -56,6 +58,14 @@ exports.start = (callback) => {
|
||||
socket.emit('hi admin');
|
||||
});
|
||||
|
||||
// One roundtrip
|
||||
const admin_nsp_hs = sio.of('/admin_hs');
|
||||
|
||||
admin_nsp_hs.use(socketio_jwt.authorize(xtend(options, { handshake: true })));
|
||||
admin_nsp_hs.on('connection', (socket) => {
|
||||
socket.emit('hi admin');
|
||||
});
|
||||
|
||||
|
||||
server.listen(9000, callback);
|
||||
enableDestroy(server);
|
||||
|
Reference in New Issue
Block a user