From 92663f95b714efce0942d4b2e1a907496ff03a19 Mon Sep 17 00:00:00 2001
From: dbrugne <damien.brugne@gmail.com>
Date: Wed, 6 May 2015 17:52:49 +0200
Subject: [PATCH 1/4] .gitignore

---
 .gitignore | 1 +
 1 file changed, 1 insertion(+)

diff --git a/.gitignore b/.gitignore
index dbf0821..a504cda 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1 +1,2 @@
+.idea
 node_modules/*
\ No newline at end of file

From b053356c5eb7f143bdc255ebaca841ed8b3ebb4f Mon Sep 17 00:00:00 2001
From: dbrugne <damien.brugne@gmail.com>
Date: Wed, 6 May 2015 17:56:12 +0200
Subject: [PATCH 2/4] Send 'error' event with error details in case of not
 received or invalid token.

---
 lib/index.js | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/lib/index.js b/lib/index.js
index bcba250..24bb212 100644
--- a/lib/index.js
+++ b/lib/index.js
@@ -15,6 +15,7 @@ function noQsMethod(options) {
     }
 
     var auth_timeout = setTimeout(function () {
+      socket.emit('error', new UnauthorizedError('request_expiration', 'Token wasn\'t received on time'));
       socket.disconnect('unauthorized');
     }, options.timeout || 5000);
 
@@ -22,6 +23,7 @@ function noQsMethod(options) {
       clearTimeout(auth_timeout);
       jwt.verify(data.token, options.secret, options, function(err, decoded) {
         if (err) {
+          socket.emit('error', new UnauthorizedError('invalid_token', err));
           return socket.disconnect('unauthorized');
         }
 

From 346b4d7aa1eb01e9f247a882ef7c049927373492 Mon Sep 17 00:00:00 2001
From: dbrugne <damien.brugne@gmail.com>
Date: Wed, 6 May 2015 19:11:16 +0200
Subject: [PATCH 3/4] Make .disconnect() call asynchronous to allow client to
 receive error message.

---
 lib/index.js | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/lib/index.js b/lib/index.js
index 24bb212..d3198b7 100644
--- a/lib/index.js
+++ b/lib/index.js
@@ -15,7 +15,6 @@ function noQsMethod(options) {
     }
 
     var auth_timeout = setTimeout(function () {
-      socket.emit('error', new UnauthorizedError('request_expiration', 'Token wasn\'t received on time'));
       socket.disconnect('unauthorized');
     }, options.timeout || 5000);
 
@@ -23,8 +22,10 @@ function noQsMethod(options) {
       clearTimeout(auth_timeout);
       jwt.verify(data.token, options.secret, options, function(err, decoded) {
         if (err) {
-          socket.emit('error', new UnauthorizedError('invalid_token', err));
-          return socket.disconnect('unauthorized');
+          socket.emit('unauthorized', err, function() {
+            socket.disconnect('unauthorized');
+          });
+          return; // stop logic, socket will be close on next tick
         }
 
         socket.decoded_token = decoded;

From f5a84eb9bbe08443d97211943e18ca9662abda74 Mon Sep 17 00:00:00 2001
From: dbrugne <damien.brugne@gmail.com>
Date: Thu, 7 May 2015 11:49:00 +0200
Subject: [PATCH 4/4] Add an "additionnal" option (Function(decoded, onSuccess,
 onError)). When the token is parser and validated the callback is triggered
 and allow addition of extra logic (e.g. validate the user status against
 database).

Improve returned errors.
---
 lib/index.js | 38 +++++++++++++++++++++++++++++---------
 1 file changed, 29 insertions(+), 9 deletions(-)

diff --git a/lib/index.js b/lib/index.js
index d3198b7..8fa505d 100644
--- a/lib/index.js
+++ b/lib/index.js
@@ -21,19 +21,39 @@ function noQsMethod(options) {
     socket.on('authenticate', function (data) {
       clearTimeout(auth_timeout);
       jwt.verify(data.token, options.secret, options, function(err, decoded) {
+        // error handler
+        var onError = function(err, code) {
+          if (err) {
+            code = code || 'unknown';
+            var error = new UnauthorizedError(code, {
+              message: (Object.prototype.toString.call(err) === '[object Object]' && err.message) ? err.message : err
+            });
+            socket.emit('unauthorized', error, function() {
+              socket.disconnect('unauthorized');
+            });
+            return; // stop logic, socket will be close on next tick
+          }
+        };
+
         if (err) {
-          socket.emit('unauthorized', err, function() {
-            socket.disconnect('unauthorized');
-          });
-          return; // stop logic, socket will be close on next tick
+          return onError(err, 'invalid_token');
         }
 
-        socket.decoded_token = decoded;
-        socket.emit('authenticated');
-        if (server.$emit) {
-          server.$emit('authenticated', socket);
+        // success handler
+        var onSuccess = function(){
+          socket.decoded_token = decoded;
+          socket.emit('authenticated');
+          if (server.$emit) {
+            server.$emit('authenticated', socket);
+          } else {
+            server.server.sockets.emit('authenticated', socket);
+          }
+        };
+
+        if(options.additional && typeof options.additional === 'function') {
+          options.additional(decoded, onSuccess, onError);
         } else {
-          server.server.sockets.emit('authenticated', socket);
+          onSuccess();
         }
       });
     });