Add ability to generate secret dynamically

This allow you to pass a function instead of an string in order to generate secret based on the new connection features.
2015-11-18 17:36:24 -03:00
parent d06501e315
commit e094d231b2
5 changed files with 321 additions and 9 deletions
--- a/README.md
+++ b/README.md
@@ -101,6 +101,31 @@ socket.on("error", function(error) {
    console.log("User's token has expired");
  }
 });
+```
+## Getting the secret dynamically
+You can pass a function instead of an string when configuring secret.
+This function receives the request, the decoded token and a callback. This
+way, you are allowed to use a different secret based on the request and / or
+the provided token.
+
+__Server side__:
+
+```javascript
+var SECRETS = {
+  'user1': 'secret 1',
+  'user2': 'secret 2'
+}
+
+io.use(socketioJwt.authorize({
+  secret: function(request, decodedToken, callback) {
+    // SECRETS[decodedToken.userId] will be used a a secret or
+    // public key for connection user.
+
+    callback(null, SECRETS[decodedToken.userId]);
+  },
+  handshake: false
+}));
+
 ```

 ## Contribute