From 92663f95b714efce0942d4b2e1a907496ff03a19 Mon Sep 17 00:00:00 2001
From: dbrugne
Date: Wed, 6 May 2015 17:52:49 +0200
Subject: [PATCH 1/4] .gitignore
---
 .gitignore | 1 +
 1 file changed, 1 insertion(+)
diff --git a/.gitignore b/.gitignore
index dbf0821..a504cda 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1 +1,2 @@
+.idea
 node_modules/*
\ No newline at end of file
From b053356c5eb7f143bdc255ebaca841ed8b3ebb4f Mon Sep 17 00:00:00 2001
From: dbrugne
Date: Wed, 6 May 2015 17:56:12 +0200
Subject: [PATCH 2/4] Send 'error' event with error details in case of not received or invalid token.
---
 lib/index.js | 2 ++
 1 file changed, 2 insertions(+)
diff --git a/lib/index.js b/lib/index.js
index bcba250..24bb212 100644
--- a/lib/index.js
+++ b/lib/index.js
@@ -15,6 +15,7 @@ function noQsMethod(options) {
 }
 var auth_timeout = setTimeout(function () {
+ socket.emit('error', new UnauthorizedError('request_expiration', 'Token wasn\'t received on time'));
 socket.disconnect('unauthorized');
 }, options.timeout || 5000);
@@ -22,6 +23,7 @@ function noQsMethod(options) {
 clearTimeout(auth_timeout);
 jwt.verify(data.token, options.secret, options, function(err, decoded) {
 if (err) {
+ socket.emit('error', new UnauthorizedError('invalid_token', err));
 return socket.disconnect('unauthorized');
 }
From 346b4d7aa1eb01e9f247a882ef7c049927373492 Mon Sep 17 00:00:00 2001
From: dbrugne
Date: Wed, 6 May 2015 19:11:16 +0200
Subject: [PATCH 3/4] Make .disconnect() call asynchronous to allow client to receive error message.
---
 lib/index.js | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)
diff --git a/lib/index.js b/lib/index.js
index 24bb212..d3198b7 100644
--- a/lib/index.js
+++ b/lib/index.js
@@ -15,7 +15,6 @@ function noQsMethod(options) {
 }
 var auth_timeout = setTimeout(function () {
- socket.emit('error', new UnauthorizedError('request_expiration', 'Token wasn\'t received on time'));
 socket.disconnect('unauthorized');
 }, options.timeout || 5000);
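Review bot: The `socket.emit('error', …)` added in the timeout callback is unlikely to reach the client: in socket.io 1.x `'error'` is on the server Socket's reserved-events list, so it is dispatched locally rather than sent, and because that Socket is a Node EventEmitter an `'error'` with no listener is thrown — unless I misremember that list, any client that connects and stays silent for `options.timeout` would crash the process, and the `invalid_token` emit in the second hunk behaves the same way. PATCH 3 moves the verify path to an `unauthorized` event but simply deletes this line, so a client whose token never arrives ends up disconnected with no reason at all; the timeout callback should send the same `unauthorized` event with a `request_expiration` code so both rejection paths look alike to the client. The function returned by `noQsMethod` starts and ends outside the hunk.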
@@ -23,8 +22,10 @@ function noQsMethod(options) {
 clearTimeout(auth_timeout);
 jwt.verify(data.token, options.secret, options, function(err, decoded) {
 if (err) {
- socket.emit('error', new UnauthorizedError('invalid_token', err));
- return socket.disconnect('unauthorized');
+ socket.emit('unauthorized', err, function() {
+ socket.disconnect('unauthorized');
+ });
+ return; // stop logic, socket will be close on next tick
 }
 socket.decoded_token = decoded;
From f5a84eb9bbe08443d97211943e18ca9662abda74 Mon Sep 17 00:00:00 2001
From: dbrugne
Date: Thu, 7 May 2015 11:49:00 +0200
Subject: [PATCH 4/4] Add an "additionnal" option (Function(decoded, onSuccess, onError)). When the token is parser and validated the callback is triggered and allow addition of extra logic (e.g. validate the user status against database). Improve returned errors.
---
 lib/index.js | 38 +++++++++++++++++++++++++++++---------
 1 file changed, 29 insertions(+), 9 deletions(-)
diff --git a/lib/index.js b/lib/index.js
index d3198b7..8fa505d 100644
--- a/lib/index.js
+++ b/lib/index.js
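Review bot: The `disconnect` is now gated on the ack callback of the `unauthorized` emit, so a client that sends `authenticate` with a bad token and never acks keeps an unauthenticated socket open for as long as it likes — the guard timer was already cancelled by the `clearTimeout(auth_timeout)` at the top of the handler. The `// stop logic, socket will be close on next tick` comment is inaccurate for the same reason; the close happens only if and when the client answers. A bounded fallback keeps the intent of letting the client read the reason without trusting it to cooperate, as below; PATCH 4 moves this same ack-gated emit into `onError` unchanged, so the fix applies there too. The `socket.on('authenticate', …)` handler continues past the end of the hunk.
```javascript
if (err) {
  var close = function () { socket.disconnect('unauthorized'); };
  // close regardless of whether the client ever acks the 'unauthorized' event
  var forceClose = setTimeout(close, options.timeout || 5000);
  socket.emit('unauthorized', err, function () {
    clearTimeout(forceClose);
    close();
  });
  return;
}
```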
@@ -21,19 +21,39 @@ function noQsMethod(options) {
 socket.on('authenticate', function (data) {
 clearTimeout(auth_timeout);
 jwt.verify(data.token, options.secret, options, function(err, decoded) {
+ // error handler
+ var onError = function(err, code) {
+ if (err) {
+ code = code || 'unknown';
+ var error = new UnauthorizedError(code, {
+ message: (Object.prototype.toString.call(err) === '[object Object]' && err.message) ? err.message : err
+ });
+ socket.emit('unauthorized', error, function() {
+ socket.disconnect('unauthorized');
+ });
+ return; // stop logic, socket will be close on next tick
+ }
+ };
+
 if (err) {
- socket.emit('unauthorized', err, function() {
- socket.disconnect('unauthorized');
- });
- return; // stop logic, socket will be close on next tick
+ return onError(err, 'invalid_token');
 }
- socket.decoded_token = decoded;
- socket.emit('authenticated');
- if (server.$emit) {
- server.$emit('authenticated', socket);
+ // success handler
+ var onSuccess = function(){
+ socket.decoded_token = decoded;
+ socket.emit('authenticated');
+ if (server.$emit) {
+ server.$emit('authenticated', socket);
+ } else {
+ server.server.sockets.emit('authenticated', socket);
+ }
+ };
+
+ if(options.additional && typeof options.additional === 'function') {
+ options.additional(decoded, onSuccess, onError);
 } else {
- server.server.sockets.emit('authenticated', socket);
+ onSuccess();
 }
 });
 });
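Review bot: `onError` does nothing when it is called without an error object, because its whole body sits under `if (err)`: an `options.additional` hook that rejects with, say, `onError(null, 'user_disabled')` — the status check the commit message describes — produces no `unauthorized` event and no `disconnect`, and since `clearTimeout(auth_timeout)` already ran the unauthenticated socket simply stays open. Any call to `onError` should end the session, and it is worth documenting on the option that the hook must call exactly one of the two callbacks, since a hook that calls neither leaves the socket in the same state. Separately, `Object.prototype.toString.call(err) === '[object Object]'` is false for `Error` instances (their tag is `[object Error]`), so on the `invalid_token` path the whole error object rather than its message lands in `message`; `(err && err.message) ? err.message : err` covers strings, plain objects and errors alike. The `// stop logic, socket will be close on next tick` comment is misleading as well, because the close runs only when the client acks. The function returned by `noQsMethod` continues outside the hunk.
```javascript
// error handler: any call ends the session, even without an error object
var onError = function(err, code) {
  var message = (err && err.message) ? err.message : (err || 'unauthorized');
  var error = new UnauthorizedError(code || 'unknown', { message: message });
  socket.emit('unauthorized', error, function() {
    socket.disconnect('unauthorized');
  });
};
// … unchanged: invalid_token branch, onSuccess, options.additional dispatch …
```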