2
1
mirror of https://github.com/Thream/socketio-jwt.git synced 2024-07-21 09:38:31 +02:00
Commit Graph

20 Commits

Author SHA1 Message Date
Screeny
95fb0fba7c emit error on store-error
this could've saved me some work.
next time i'll better check if redis is online.
2013-12-03 15:20:14 +01:00
José F. Romaniello
bd0980e3ab Merge pull request #36 from TeamSynergy/cors_workaround
Cors workaround
2013-11-21 03:21:46 -08:00
Screeny
f31dc4a93e step 1 2013-11-19 10:45:09 +01:00
Amir
599a614b4c fixed a security issue 2013-11-18 18:06:52 +03:30
Screeny
3c9f23e31e a little simpler 2013-11-15 10:47:51 +01:00
Screeny
fd4214eac9 close socket.io by default 2013-11-15 10:41:53 +01:00
Screeny
2a3cfdb8ff thanks to @chill117
we can't check undefined for undefined
2013-11-14 21:48:01 +01:00
Screeny
928cd508ff major changes
passport.socketio now lets the user decide whether to accept a
connection or not. to do so, you have tu provide your own 'fail'-method.
this will be called unless the user is successfuly authenticated (still
uses the 'success'-method). The method will be called with four
parameters:
- data: <Object> Handshake Data
- message <String> Error-Message
- critical <Bool> True if the User is and will be unable to use
socket.io because of errors in the authorization-system or somewhere
else. False if the user would still be able to use the system (indicates
that he's just not logged-in)
- accept: <function> plain old accept function.
If there's no fail-method given, passport.socketio allows every
not-critical-failed connection.
Also there is now a 'logged_in' <Bool>-Property inside your User-Key.
2013-11-06 18:19:00 +01:00
José F. Romaniello
4b999812f1 fix missing { 2013-06-30 16:44:46 -03:00
Richard Assar
efef45309f Allow 0 value for serialized user (id) 2013-06-30 20:06:21 +01:00
José F. Romaniello
04ea36fdd3 remove connect and cookie dependency 2013-06-05 08:38:33 -03:00
Michael Robinson
012bdbeb8c Update lib/index.js
Change default cookie key.
2013-02-15 23:49:56 +13:00
Jose F. Romaniello
66dd460070 fix #6 use same parameters than express.session 2013-02-05 19:15:04 -03:00
Jose F. Romaniello
a1e46b1fbd fix bug calling both success and accept 2013-01-07 11:30:15 -03:00
Jose F. Romaniello
79878b036c refactorize to use xtend 2013-01-07 10:40:52 -03:00
Jose F. Romaniello
3dc3096b15 add basic integration tests 2012-11-16 12:43:12 -03:00
Kevin Caffrey
d8c7c0ed7d Don't pass error message on failed accepts due to not being logged in, or the client gets 500s when they should get 403s 2012-11-16 03:58:33 -05:00
Bradley Olson
f62a93c9d2 added option of success or fail callbacks. Needed to still allow users access to sockets even if they weren't logged in, but needed specific data if they were. 2012-10-26 11:13:28 -05:00
elisee
a9ea73390d Use sessionKey over hard-coded "express.sid"
The sessionKey argument was ignored and "express.sid" was always used
instead.
2012-09-09 20:31:05 +03:00
Jose F. Romaniello
678d4ccd6c initial 2012-09-05 15:14:36 -03:00