Thream/socketio-jwt
Archived
2
1
Fork 0
Code Issues Pull Requests Releases Activity

Compare commits

base: Thream:develop
Branches Tags
Thream:develop
Thream:master
Thream:v3.1.3
Thream:v3.1.2
Thream:v3.1.1
Thream:v3.1.0
Thream:v3.0.4
Thream:v3.0.3
Thream:v3.0.2
Thream:v3.0.1
Thream:v3.0.0
Thream:v2.2.1
Thream:v2.2.0
Thream:v2.1.1
Thream:v2.1.0
Thream:v2.0.0
Thream:v1.1.1
Thream:v1.1.0
Thream:v1.0.1
Thream:v1.0.0
..
compare: Thream:v1.0.0
Branches Tags
Thream:develop
Thream:master
Thream:v3.1.3
Thream:v3.1.2
Thream:v3.1.1
Thream:v3.1.0
Thream:v3.0.4
Thream:v3.0.3
Thream:v3.0.2
Thream:v3.0.1
Thream:v3.0.0
Thream:v2.2.1
Thream:v2.2.0
Thream:v2.1.1
Thream:v2.1.0
Thream:v2.0.0
Thream:v1.1.1
Thream:v1.1.0
Thream:v1.0.1
Thream:v1.0.0

No commits in common. "develop" and "v1.0.0" have entirely different histories.
develop ... v1.0.0

45 changed files with 536 additions and 15264 deletions
Show Stats Expand all files Collapse all files

1
.commitlintrc.json
View File

@ -1 +0,0 @@
{ "extends": ["@commitlint/config-conventional"] }

16
.eslintrc.json
View File

@ -1,16 +0,0 @@
{
"extends": ["conventions", "prettier"],
"plugins": ["prettier", "import", "unicorn"],
"parser": "@typescript-eslint/parser",
"parserOptions": {
"project": "./tsconfig.json"
},
"env": {
"node": true
},
"rules": {
"prettier/prettier": "error",
"import/extensions": ["error", "always"],
"unicorn/prefer-node-protocol": "error"
}
}

1
.gitattributes vendored
View File

@ -1 +0,0 @@
* text=auto eol=lf

2
CODE_OF_CONDUCT.md → .github/CODE_OF_CONDUCT.md vendored
View File

@ -60,7 +60,7 @@ representative at an online or offline event.
Instances of abusive, harassing, or otherwise unacceptable behavior may be
reported to the community leaders responsible for enforcement at
<contact@theoludwig.fr>.
contact@divlo.fr.
All complaints will be reviewed and investigated promptly and fairly.
All community leaders are obligated to respect the privacy and security of the

54
.github/CONTRIBUTING.md vendored Normal file
View File

@ -0,0 +1,54 @@
# 💡 Contributing
Thanks a lot for your interest in contributing to **Thream/socketio-jwt**! 🎉
## Code of Conduct
**Thream** has adopted the [Contributor Covenant](https://www.contributor-covenant.org/) as its Code of Conduct, and we expect project participants to adhere to it. Please read [the full text](./CODE_OF_CONDUCT.md) so that you can understand what actions will and will not be tolerated.
## Open Development
All work on **Thream** happens directly on [GitHub](https://github.com/Thream). Both core team members and external contributors send pull requests which go through the same review process.
## Types of contributions
- Reporting a bug.
- Suggest a new feature idea.
- Correct spelling errors, improvements or additions to documentation files (README, CONTRIBUTING...).
- Improve structure/format/performance/refactor/tests of the code.
## Pull Requests
- **Please first discuss** the change you wish to make via [issue](https://github.com/Thream/socketio-jwt/issues) before making a change. It might avoid a waste of your time.
- Ensure your code respect [Typescript Standard Style](https://www.npmjs.com/package/ts-standard).
- Make sure your **code passes the tests**.
If you're adding new features to **Thream/socketio-jwt**, please include tests.
## Commits
The commit message guidelines respect [@commitlint/config-conventional](https://github.com/conventional-changelog/commitlint/tree/master/%40commitlint/config-conventional) and [Semantic Versioning](https://semver.org/) for releases.
### Types
Types define which kind of changes you made to the project.
| Types | Description |
| -------- | ------------------------------------------------------------------------------------------------------------ |
| feat | A new feature. |
| fix | A bug fix. |
| docs | Documentation only changes. |
| style | Changes that do not affect the meaning of the code (white-space, formatting, missing semi-colons, etc). |
| refactor | A code change that neither fixes a bug nor adds a feature. |
| perf | A code change that improves performance. |
| test | Adding missing tests or correcting existing tests. |
| build | Changes that affect the build system or external dependencies (example scopes: gulp, broccoli, npm). |
| ci | Changes to our CI configuration files and scripts (example scopes: Travis, Circle, BrowserStack, SauceLabs). |
| chore | Other changes that don't modify src or test files. |
| revert | Reverts a previous commit. |
### Scopes
Scopes define what part of the code changed.

7
.github/ISSUE_TEMPLATE/BUG.md vendored
View File

@ -1,8 +1,7 @@
---
name: "🐛 Bug Report"
about: "Report an unexpected problem or unintended behavior."
title: "[Bug]"
labels: "bug"
name: '🐛 Bug Report'
about: 'Report an unexpected problem or unintended behavior.'
labels: 'bug'
---
<!--

24
.github/ISSUE_TEMPLATE/DOCUMENTATION.md vendored
View File

@ -1,18 +1,20 @@
---
name: "📜 Documentation"
about: "Correct spelling errors, improvements or additions to documentation files (README, CONTRIBUTING...)."
title: "[Documentation]"
labels: "documentation"
name: '📜 Documentation'
about: 'Correct spelling errors, improvements or additions to documentation files (README, CONTRIBUTING...).'
labels: 'documentation'
---
<!-- Please make sure your issue has not already been fixed. -->
<!--
Please make sure your issue has not already been fixed.
## Documentation
Please place an x (no spaces - [x]) in all [ ] that apply.
-->
<!-- Please uncomment the type of documentation problem this issue address -->
### Documentation :
<!-- Documentation is Missing -->
<!-- Documentation is Confusing -->
<!-- Documentation has Typo errors -->
- [ ] Is Missing
- [ ] Is Confusing
- [ ] Has Typo errors
- [ ] Not Sure?
## Proposal
### Proposal

13
.github/ISSUE_TEMPLATE/FEATURE_REQUEST.md vendored
View File

@ -1,20 +1,19 @@
---
name: "✨ Feature Request"
about: "Suggest a new feature idea."
title: "[Feature]"
labels: "feature request"
name: '✨ Feature Request'
about: 'Suggest a new feature idea.'
labels: 'feature request'
---
<!-- Please make sure your issue has not already been fixed. -->
## Description
### Description
<!-- A clear and concise description of the problem or missing capability... -->
## Describe the solution you'd like
### Describe the solution you'd like
<!-- If you have a solution in mind, please describe it. -->
## Describe alternatives you've considered
### Describe alternatives you've considered
<!-- Have you considered any alternative solutions or workarounds? -->

27
.github/ISSUE_TEMPLATE/IMPROVEMENT.md vendored
View File

@ -1,20 +1,21 @@
---
name: "🔧 Improvement"
about: "Improve structure/format/performance/refactor/tests of the code."
title: "[Improvement]"
labels: "improvement"
name: '🔧 Improvement'
about: 'Improve structure/format/performance/refactor/tests of the code.'
labels: 'improvement'
---
<!-- Please make sure your issue has not already been fixed. -->
<!--
Please make sure your issue has not already been fixed.
## Type of Improvement
Please place an x (no spaces - [x]) in all [ ] that apply.
-->
<!-- Please uncomment the type of improvements this issue address -->
### Type of Improvement :
<!-- Files and Folders Structure -->
<!-- Performance -->
<!-- Refactoring code -->
<!-- Tests -->
<!-- Not Sure? -->
- [ ] Files and Folders Structure
- [ ] Performance
- [ ] Refactoring code
- [ ] Tests
- [ ] Not Sure?
## Proposal
### Proposal

7
.github/ISSUE_TEMPLATE/QUESTION.md vendored
View File

@ -1,8 +1,7 @@
---
name: "🙋 Question"
about: "Further information is requested."
title: "[Question]"
labels: "question"
name: '🙋 Question'
about: 'Further information is requested.'
labels: 'question'
---
### Question

28
.github/PULL_REQUEST_TEMPLATE.md vendored
View File

@ -1,7 +1,27 @@
<!-- Please first discuss the change you wish to make via issue before making a change. It might avoid a waste of your time. -->
<!--
# What changes this PR introduce?
Please first discuss the change you wish to make via issue before making a change. It might avoid a waste of your time.
## List any relevant issue numbers
Before submitting your contribution, please take a moment to review this document:
https://github.com/Thream/socketio-jwt/blob/master/.github/CONTRIBUTING.md
## Is there anything you'd like reviewers to focus on?
Please place an x (no spaces - [x]) in all [ ] that apply.
-->
### What type of change does this PR introduce?
- [ ] Bugfix
- [ ] Feature
- [ ] Refactor
- [ ] Documentation
- [ ] Not Sure?
### Does this PR introduce breaking changes?
- [ ] Yes
- [ ] No
### List any relevant issue numbers:
### Description:

13
.github/dependabot.yml vendored Normal file
View File

@ -0,0 +1,13 @@
# For more information see: https://docs.github.com/en/github/administering-a-repository/configuration-options-for-dependency-updates
version: 2
updates:
- package-ecosystem: 'github-actions'
directory: '/'
schedule:
interval: 'daily'
- package-ecosystem: 'npm'
directory: '/'
schedule:
interval: 'daily'

27
.github/workflows/build.yml vendored
View File

@ -1,27 +0,0 @@
name: "Build"
on:
push:
branches: [develop]
pull_request:
branches: [master, develop]
jobs:
build:
runs-on: "ubuntu-latest"
steps:
- uses: "actions/checkout@v4.0.0"
- name: "Setup Node.js"
uses: "actions/setup-node@v3.8.1"
with:
node-version: "20.x"
cache: "npm"
- name: "Install dependencies"
run: "npm clean-install"
- name: "Build"
run: "npm run build"
- run: "npm run build:typescript"

41
.github/workflows/codeql-analysis.yml vendored Normal file
View File

@ -0,0 +1,41 @@
# For more information see: https://docs.github.com/en/github/finding-security-vulnerabilities-and-errors-in-your-code
name: 'CodeQL'
on:
push:
branches: [master, develop]
pull_request_review:
branches: [master, develop]
types: [submitted]
jobs:
analyze:
if: ${{ (github.event_name == 'push') || (github.event_name == 'pull_request_review' && github.event.review.state == 'approved' && (github.event.review.author_association == 'COLLABORATOR' || github.event.review.author_association == 'MEMBER' || github.event.review.author_association == 'OWNER') && !github.event.pull_request.draft && github.event.pull_request.state == 'open') }}
name: 'Analyze'
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
language: ['javascript']
steps:
- name: 'Checkout repository'
uses: actions/checkout@v2
with:
fetch-depth: 2
- run: git checkout HEAD^2
if: ${{ github.event_name == 'pull_request' }}
- name: 'Initialize CodeQL'
uses: github/codeql-action/init@v1
with:
languages: ${{ matrix.language }}
- name: 'Autobuild'
uses: github/codeql-action/autobuild@v1
- name: 'Perform CodeQL Analysis'
uses: github/codeql-action/analyze@v1

20
.github/workflows/commitlint.yml vendored Normal file
View File

@ -0,0 +1,20 @@
# For more information see: https://github.com/marketplace/actions/commit-linter
name: 'Lint Commit Messages'
on:
push:
branches: [master, develop]
pull_request_review:
branches: [master, develop]
types: [submitted]
jobs:
commitlint:
if: ${{ (github.event_name == 'push') || (github.event_name == 'pull_request_review' && github.event.review.state == 'approved' && (github.event.review.author_association == 'COLLABORATOR' || github.event.review.author_association == 'MEMBER' || github.event.review.author_association == 'OWNER') && !github.event.pull_request.draft && github.event.pull_request.state == 'open') }}
runs-on: ubuntu-latest
steps:
- uses: 'actions/checkout@v2'
with:
fetch-depth: 0
- uses: 'wagoid/commitlint-github-action@v2'

28
.github/workflows/lint.yml vendored
View File

@ -1,28 +0,0 @@
name: "Lint"
on:
push:
branches: [develop]
pull_request:
branches: [master, develop]
jobs:
lint:
runs-on: "ubuntu-latest"
steps:
- uses: "actions/checkout@v4.0.0"
- name: "Setup Node.js"
uses: "actions/setup-node@v3.8.1"
with:
node-version: "20.x"
cache: "npm"
- name: "Install dependencies"
run: "npm clean-install"
- run: 'npm run lint:commit -- --to "${{ github.sha }}"'
- run: "npm run lint:editorconfig"
- run: "npm run lint:markdown"
- run: "npm run lint:eslint"
- run: "npm run lint:prettier"

47
.github/workflows/nodejs.yml vendored Normal file
View File

@ -0,0 +1,47 @@
# For more information see: https://help.github.com/actions/language-and-framework-guides/using-nodejs-with-github-actions
name: 'Node.js CI'
on:
push:
branches: [master, develop]
pull_request_review:
branches: [master, develop]
types: [submitted]
jobs:
ci_app:
if: ${{ (github.event_name == 'push') || (github.event_name == 'pull_request_review' && github.event.review.state == 'approved' && (github.event.review.author_association == 'COLLABORATOR' || github.event.review.author_association == 'MEMBER' || github.event.review.author_association == 'OWNER') && !github.event.pull_request.draft && github.event.pull_request.state == 'open') }}
runs-on: ubuntu-latest
strategy:
matrix:
node-version: [14.x]
steps:
- uses: 'actions/checkout@v2'
- name: Use Node.js ${{ matrix.node-version }}
uses: 'actions/setup-node@v2.1.4'
with:
node-version: ${{ matrix.node-version }}
- name: 'Cache dependencies'
uses: 'actions/cache@v2'
with:
path: |
**/node_modules
key: ${{ runner.os }}-${{ hashFiles('**/package.json') }}
- name: 'Install dependencies'
run: 'npm install'
- name: 'Lint'
run: 'npm run lint'
- name: 'Build'
run: 'npm run build'
- name: 'Run the tests and generate coverage report'
run: 'npm test'
- name: 'Upload coverage to Codecov'
uses: 'codecov/codecov-action@v1'

30
.github/workflows/npm-publish.yml vendored Normal file
View File

@ -0,0 +1,30 @@
# For more information see: https://help.github.com/actions/language-and-framework-guides/publishing-nodejs-packages
name: 'Node.js Package'
on:
release:
types: [created]
jobs:
publish-npm:
runs-on: 'ubuntu-latest'
steps:
- uses: 'actions/checkout@v2'
- name: 'Cache dependencies'
uses: 'actions/cache@v2'
with:
path: '**/node_modules'
key: ${{ runner.os }}-${{ hashFiles('**/package.json') }}
- uses: 'actions/setup-node@v2.1.2'
with:
node-version: 14
registry-url: 'https://registry.npmjs.org/'
- run: 'npm install'
- run: 'npm run build'
- run: 'npm publish --access public'
env:
NODE_AUTH_TOKEN: ${{secrets.NPM_TOKEN}}

39
.github/workflows/release.yml vendored
View File

@ -1,39 +0,0 @@
name: "Release"
on:
push:
branches: [master]
jobs:
release:
runs-on: "ubuntu-latest"
permissions:
contents: "write"
issues: "write"
pull-requests: "write"
id-token: "write"
steps:
- uses: "actions/checkout@v4.0.0"
- name: "Setup Node.js"
uses: "actions/setup-node@v3.8.1"
with:
node-version: "20.x"
cache: "npm"
- name: "Install dependencies"
run: "npm clean-install"
- name: "Build Package"
run: "npm run build"
- run: "npm run build:typescript"
- name: "Verify the integrity of provenance attestations and registry signatures for installed dependencies"
run: "npm audit signatures"
- name: "Release"
run: "npm run release"
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
NPM_TOKEN: ${{ secrets.NPM_TOKEN }}

28
.github/workflows/test.yml vendored
View File

@ -1,28 +0,0 @@
name: "Test"
on:
push:
branches: [develop]
pull_request:
branches: [master, develop]
jobs:
test:
runs-on: "ubuntu-latest"
steps:
- uses: "actions/checkout@v4.0.0"
- name: "Setup Node.js"
uses: "actions/setup-node@v3.8.1"
with:
node-version: "20.x"
cache: "npm"
- name: "Install dependencies"
run: "npm clean-install"
- name: "Build"
run: "npm run build"
- name: "Test"
run: "npm run test"

34
.gitignore vendored
View File

@ -2,34 +2,34 @@
# dependencies
node_modules
.npm
.pnp
.pnp.js
.yarn
# production
build
.swc
# testing
coverage
.nyc_output
# envs
.env
.env.production
# debug
npm-debug.log*
yarn-debug.log*
yarn-error.log*
# IDEs and editors
/.idea
.project
.classpath
.c9/
*.launch
.settings/
*.sublime-workspace
# lockfiles
package-lock.json
yarn.lock
pnpm-lock.yaml
# IDE - VSCode
.vscode/*
!.vscode/settings.json
!.vscode/tasks.json
!.vscode/launch.json
!.vscode/extensions.json
# editors
.vscode
.theia
.idea
# misc
.DS_Store

4
.husky/commit-msg
View File

@ -1,4 +0,0 @@
#!/bin/sh
. "$(dirname "$0")/_/husky.sh"
npm run lint:commit -- --edit

6
.husky/pre-commit
View File

@ -1,6 +0,0 @@
#!/bin/sh
. "$(dirname "$0")/_/husky.sh"
npm run lint:staged
npm run build
npm run build:typescript

6
.lintstagedrc.json
View File

@ -1,6 +0,0 @@
{
"*": ["editorconfig-checker"],
"*.{js,jsx,ts,tsx}": ["prettier --write", "eslint --fix"],
"*.{json,jsonc,yml,yaml}": ["prettier --write"],
"*.{md,mdx}": ["prettier --write", "markdownlint-cli2 --fix"]
}

11
.markdownlint-cli2.jsonc
View File

@ -1,11 +0,0 @@
{
"config": {
"extends": "markdownlint/style/prettier",
"relative-links": true,
"default": true,
"MD033": false
},
"globs": ["**/*.{md,mdx}"],
"ignores": ["**/node_modules"],
"customRules": ["markdownlint-rule-relative-links"]
}

2
.npmrc
View File

@ -1,2 +1,2 @@
package-lock=false
save-exact=true
provenance=true

3
.prettierrc.json
View File

@ -1,3 +0,0 @@
{
"semi": false
}

19
.releaserc.json
View File

@ -1,19 +0,0 @@
{
"branches": ["master"],
"plugins": [
[
"@semantic-release/commit-analyzer",
{
"preset": "conventionalcommits"
}
],
[
"@semantic-release/release-notes-generator",
{
"preset": "conventionalcommits"
}
],
"@semantic-release/npm",
"@semantic-release/github"
]
}

13
.swcrc
View File

@ -1,13 +0,0 @@
{
"sourceMaps": true,
"jsc": {
"parser": {
"syntax": "typescript",
"dynamicImport": true
},
"target": "esnext"
},
"module": {
"type": "es6"
}
}

8
.vscode/extensions.json vendored
View File

@ -1,8 +0,0 @@
{
"recommendations": [
"editorconfig.editorconfig",
"esbenp.prettier-vscode",
"dbaeumer.vscode-eslint",
"davidanson.vscode-markdownlint"
]
}

11
.vscode/settings.json vendored
View File

@ -1,11 +0,0 @@
{
"typescript.tsdk": "node_modules/typescript/lib",
"typescript.preferences.importModuleSpecifierEnding": "js",
"editor.defaultFormatter": "esbenp.prettier-vscode",
"prettier.configPath": ".prettierrc.json",
"editor.formatOnSave": true,
"editor.codeActionsOnSave": {
"source.fixAll": true
},
"eslint.options": { "ignorePath": ".gitignore" }
}

2
.yarnrc Normal file
View File

@ -0,0 +1,2 @@
install.no-lockfile true
save-exact true

3
CHANGELOG.md Normal file
View File

@ -0,0 +1,3 @@
# [1.0.0](https://github.com/Thream/socketio-jwt/compare/v4.6.2...v1.0.0) (2020-12-29)
Initial release.

32
CONTRIBUTING.md
View File

@ -1,32 +0,0 @@
# 💡 Contributing
Thanks a lot for your interest in contributing to **Thream/socketio-jwt**! 🎉
## Code of Conduct
**Thream** has adopted the [Contributor Covenant](https://www.contributor-covenant.org/) as its Code of Conduct, and we expect project participants to adhere to it. Please read [the full text](./CODE_OF_CONDUCT.md) so that you can understand what actions will and will not be tolerated.
## Open Development
All work on **Thream** happens directly on [GitHub](https://github.com/Thream). Both core team members and external contributors send pull requests which go through the same review process.
## Types of contributions
- Reporting a bug.
- Suggest a new feature idea.
- Correct spelling errors, improvements or additions to documentation files (README, CONTRIBUTING...).
- Improve structure/format/performance/refactor/tests of the code.
## Pull Requests
- **Please first discuss** the change you wish to make via [issue](https://github.com/Thream/socketio-jwt/issues) before making a change. It might avoid a waste of your time.
- Ensure your code respect linting.
- Make sure your **code passes the tests**.
If you're adding new features to **Thream/socketio-jwt**, please include tests.
## Commits
The commit message guidelines adheres to [Conventional Commits](https://www.conventionalcommits.org/) and [Semantic Versioning](https://semver.org/) for releases.

2
LICENSE
View File

@ -1,6 +1,6 @@
MIT License
Copyright (c) Auth0, Inc. <support@auth0.com> (<https://auth0.com/>) and Thream contributors
Copyright (c) Auth0, Inc. <support@auth0.com> (http://auth0.com) and Thream contributors
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal

128
README.md
View File

@ -5,38 +5,25 @@
</p>
<p align="center">
<strong>⚠️ This project is not maintained anymore, you can still use the code as you wish and fork it to maintain it yourself.</strong>
</p>
<p align="center">
<a href="./CONTRIBUTING.md"><img src="https://img.shields.io/badge/PRs-welcome-brightgreen.svg?style=flat" /></a>
<a href="https://github.com/Thream/socketio-jwt/actions?query=workflow%3A%22Node.js+CI%22"><img src="https://github.com/Thream/socketio-jwt/workflows/Node.js%20CI/badge.svg" alt="Node.js CI" /></a>
<a href="https://codecov.io/gh/Thream/socketio-jwt"><img src="https://codecov.io/gh/Thream/socketio-jwt/branch/develop/graph/badge.svg" alt="codecov" /></a>
<a href="https://dependabot.com/"><img src="https://badgen.net/github/dependabot/Thream/socketio-jwt?icon=dependabot" alt="Dependabot badge" /></a>
<a href="https://www.npmjs.com/package/ts-standard"><img alt="TypeScript Standard Style" src="https://camo.githubusercontent.com/f87caadb70f384c0361ec72ccf07714ef69a5c0a/68747470733a2f2f62616467656e2e6e65742f62616467652f636f64652532307374796c652f74732d7374616e646172642f626c75653f69636f6e3d74797065736372697074"/></a>
<a href="./LICENSE"><img src="https://img.shields.io/badge/licence-MIT-blue.svg" alt="Licence MIT"/></a>
<a href="./CODE_OF_CONDUCT.md"><img src="https://img.shields.io/badge/Contributor%20Covenant-v2.0%20adopted-ff69b4.svg" alt="Contributor Covenant" /></a>
<br/>
<a href="https://github.com/Thream/socketio-jwt/actions/workflows/build.yml"><img src="https://github.com/Thream/socketio-jwt/actions/workflows/build.yml/badge.svg?branch=develop" /></a>
<a href="https://github.com/Thream/socketio-jwt/actions/workflows/lint.yml"><img src="https://github.com/Thream/socketio-jwt/actions/workflows/lint.yml/badge.svg?branch=develop" /></a>
<a href="https://github.com/Thream/socketio-jwt/actions/workflows/test.yml"><img src="https://github.com/Thream/socketio-jwt/actions/workflows/test.yml/badge.svg?branch=develop" /></a>
<br />
<a href="https://conventionalcommits.org"><img src="https://img.shields.io/badge/Conventional%20Commits-1.0.0-yellow.svg" alt="Conventional Commits" /></a>
<a href="https://github.com/semantic-release/semantic-release"><img src="https://img.shields.io/badge/%20%20%F0%9F%93%A6%F0%9F%9A%80-semantic--release-e10079.svg" alt="semantic-release" /></a>
<a href="https://www.npmjs.com/package/@thream/socketio-jwt"><img src="https://img.shields.io/npm/v/@thream/socketio-jwt.svg" alt="npm version"></a>
<a href="./.github/CODE_OF_CONDUCT.md"><img src="https://img.shields.io/badge/Contributor%20Covenant-v2.0%20adopted-ff69b4.svg" alt="Contributor Covenant" /></a>
</p>
## 📜 About
Authenticate socket.io incoming connections with JWTs.
This repository was originally forked from [auth0-socketio-jwt](https://github.com/auth0-community/auth0-socketio-jwt) and it is not intended to take any credit but to improve the code from now on.
Compatible with `socket.io >= 3.0`.
## Prerequisites
- [Node.js](https://nodejs.org/) >= 16.0.0
- [Socket.IO](https://socket.io/) >= 3.0.0
This repository was originally forked from [auth0-socketio-jwt](https://github.com/auth0-community/auth0-socketio-jwt) & it is not intended to take any credit but to improve the code from now on.
## 💾 Install
**Note:** It is a package that is recommended to use/install on both the client and server sides.
```sh
npm install --save @thream/socketio-jwt
```
@ -46,111 +33,44 @@ npm install --save @thream/socketio-jwt
### Server side
```ts
import { Server } from "socket.io"
import { authorize } from "@thream/socketio-jwt"
import { Server } from 'socket.io'
import socketioJWT from '@thream/socketio-jwt'
const io = new Server(9000)
io.use(
authorize({
secret: "your secret or public key",
}),
secret: 'your secret or public key'
})
)
io.on("connection", async (socket) => {
// jwt payload of the connected client
console.log(socket.decodedToken)
io.on('connection', async () => {
const clients = await io.sockets.allSockets()
if (clients != null) {
for (const clientId of clients) {
const client = io.sockets.sockets.get(clientId)
client?.emit("messages", { message: "Success!" })
// we can access the jwt payload of each connected client
console.log(client?.decodedToken)
}
for (const clientId of clients) {
const client = io.sockets.sockets.get(clientId)
console.log(client.decodedToken) // we can access the jwt payload of each connected client
}
})
```
### Server side with `jwks-rsa` (example)
```ts
import jwksClient from "jwks-rsa"
import { Server } from "socket.io"
import { authorize } from "@thream/socketio-jwt"
const client = jwksClient({
jwksUri: "https://sandrino.auth0.com/.well-known/jwks.json",
})
const io = new Server(9000)
io.use(
authorize({
secret: async (decodedToken) => {
const key = await client.getSigningKeyAsync(decodedToken.header.kid)
return key.getPublicKey()
},
}),
)
io.on("connection", async (socket) => {
// jwt payload of the connected client
console.log(socket.decodedToken)
// You can do the same things of the previous example there...
})
```
### Server side with `onAuthentication` (example)
```ts
import { Server } from "socket.io"
import { authorize } from "@thream/socketio-jwt"
const io = new Server(9000)
io.use(
authorize({
secret: "your secret or public key",
onAuthentication: async (decodedToken) => {
// return the object that you want to add to the user property
// or throw an error if the token is unauthorized
},
}),
)
io.on("connection", async (socket) => {
// jwt payload of the connected client
console.log(socket.decodedToken)
// You can do the same things of the previous example there...
// user object returned in onAuthentication
console.log(socket.user)
})
```
### `authorize` options
- `secret` is a string containing the secret for HMAC algorithms, or a function that should fetch the secret or public key as shown in the example with `jwks-rsa`.
- `algorithms` (default: `HS256`)
- `onAuthentication` is a function that will be called with the `decodedToken` as a parameter after the token is authenticated. Return a value to add to the `user` property in the socket object.
### Client side
```ts
import { io } from "socket.io-client"
import { isUnauthorizedError } from "@thream/socketio-jwt/build/UnauthorizedError.js"
import { io } from 'socket.io-client'
// Require Bearer Token
const socket = io("http://localhost:9000", {
auth: { token: `Bearer ${yourJWT}` },
// Require Bearer Tokens to be passed in as an Authorization Header
const socket = io('http://localhost:9000', {
extraHeaders: { Authorization: `Bearer ${yourJWT}` }
})
// Handling token expiration
socket.on("connect_error", (error) => {
if (isUnauthorizedError(error)) {
console.log("User token has expired")
socket.on('connect_error', (error) => {
if (error.data.type === 'UnauthorizedError') {
console.log('User token has expired')
}
})
// Listening to events
socket.on("messages", (data) => {
socket.on('messages', (data) => {
console.log(data)
})
```
@ -159,7 +79,7 @@ socket.on("messages", (data) => {
Anyone can help to improve the project, submit a Feature Request, a bug report or even correct a simple spelling mistake.
The steps to contribute can be found in the [CONTRIBUTING.md](./CONTRIBUTING.md) file.
The steps to contribute can be found in the [CONTRIBUTING.md](./.github/CONTRIBUTING.md) file.
## 📄 License

1
commitlint.config.js Normal file
View File

@ -0,0 +1 @@
module.exports = { extends: ['@commitlint/config-conventional'] }

14300
package-lock.json generated
View File

File diff suppressed because it is too large Load Diff

142
package.json
View File

@ -1,93 +1,111 @@
{
"name": "@thream/socketio-jwt",
"version": "0.0.0-development",
"type": "module",
"public": true,
"version": "1.0.0",
"description": "Authenticate socket.io incoming connections with JWTs.",
"license": "MIT",
"main": "build/index.js",
"types": "build/index.d.ts",
"files": [
"build",
"!**/*.test.js",
"!**/*.test.d.ts",
"!**/*.map"
"build"
],
"engines": {
"node": ">=16.0.0",
"npm": ">=9.0.0"
},
"publishConfig": {
"access": "public",
"provenance": true
"node": ">=12"
},
"keywords": [
"socket",
"socket.io",
"jwt"
],
"author": "Théo LUDWIG <contact@theoludwig.fr>",
"author": "Divlo <contact@divlo.fr>",
"repository": {
"type": "git",
"url": "https://github.com/Thream/socketio-jwt"
"url": "git+https://github.com/Thream/socketio-jwt"
},
"bugs": {
"url": "https://github.com/Thream/socketio-jwt/issues"
},
"homepage": "https://github.com/Thream/socketio-jwt#readme",
"husky": {
"hooks": {
"commit-msg": "commitlint -E HUSKY_GIT_PARAMS",
"pre-commit": "npm run lint"
}
},
"release-it": {
"git": {
"commitMessage": "chore(release): v${version}"
},
"github": {
"release": false
},
"npm": {
"publish": false
},
"hooks": {
"before:init": [
"npm run lint",
"npm run test"
]
},
"plugins": {
"@release-it/conventional-changelog": {
"preset": "angular",
"infile": "CHANGELOG.md"
}
}
},
"jest": {
"preset": "ts-jest",
"testEnvironment": "node",
"rootDir": "./src",
"collectCoverage": true,
"coverageDirectory": "../coverage/"
},
"ts-standard": {
"files": [
"./src/**/*.ts"
],
"envs": [
"node",
"jest"
]
},
"scripts": {
"build": "rimraf ./build && swc ./src --out-dir ./build",
"build:dev": "swc ./src --out-dir ./build --watch",
"build:typescript": "tsc",
"lint:commit": "commitlint",
"lint:editorconfig": "editorconfig-checker",
"lint:markdown": "markdownlint-cli2",
"lint:eslint": "eslint . --max-warnings 0 --report-unused-disable-directives --ignore-path .gitignore",
"lint:prettier": "prettier . --check",
"lint:staged": "lint-staged",
"test": "cross-env NODE_ENV=test node --enable-source-maps --test build/",
"release": "semantic-release",
"postinstall": "husky install",
"prepublishOnly": "pinst --disable",
"postpublish": "pinst --enable"
"build": "rimraf ./build && tsc",
"lint": "exit 0",
"format": "ts-standard --fix | snazzy",
"release": "release-it",
"test": "jest",
"test:watchAll": "jest --watchAll",
"test:clearCache": "jest --clearCache"
},
"peerDependencies": {
"socket.io": ">=3.0.0"
"socket.io": "*"
},
"dependencies": {
"jsonwebtoken": "9.0.2"
"jsonwebtoken": "8.5.1"
},
"devDependencies": {
"@commitlint/cli": "18.0.0",
"@commitlint/config-conventional": "18.0.0",
"@swc/cli": "0.1.62",
"@swc/core": "1.3.94",
"@tsconfig/strictest": "2.0.2",
"@types/jsonwebtoken": "9.0.4",
"@types/node": "20.8.7",
"@typescript-eslint/eslint-plugin": "6.9.0",
"@typescript-eslint/parser": "6.9.0",
"axios": "1.5.1",
"cross-env": "7.0.3",
"editorconfig-checker": "5.1.1",
"eslint": "8.52.0",
"eslint-config-conventions": "12.0.0",
"eslint-config-prettier": "9.0.0",
"eslint-plugin-import": "2.29.0",
"eslint-plugin-prettier": "5.0.1",
"eslint-plugin-promise": "6.1.1",
"eslint-plugin-unicorn": "48.0.1",
"fastify": "4.24.3",
"husky": "8.0.3",
"lint-staged": "15.0.2",
"markdownlint-cli2": "0.10.0",
"markdownlint-rule-relative-links": "2.1.0",
"pinst": "3.0.0",
"prettier": "3.0.3",
"rimraf": "5.0.5",
"semantic-release": "22.0.5",
"socket.io": "4.7.2",
"socket.io-client": "4.7.2",
"typescript": "5.2.2"
"@commitlint/cli": "11.0.0",
"@commitlint/config-conventional": "11.0.0",
"@release-it/conventional-changelog": "2.0.0",
"@types/express": "4.17.9",
"@types/jest": "26.0.19",
"@types/jsonwebtoken": "8.5.0",
"@types/node": "14.14.16",
"@types/server-destroy": "1.0.1",
"axios": "0.21.1",
"express": "4.17.1",
"husky": "4.3.6",
"jest": "26.6.3",
"release-it": "14.2.2",
"rimraf": "3.0.2",
"server-destroy": "1.0.1",
"snazzy": "9.0.0",
"socket.io": "3.0.4",
"socket.io-client": "3.0.4",
"ts-jest": "26.4.4",
"ts-standard": "10.0.0",
"typescript": "4.1.3"
}
}

22
src/UnauthorizedError.ts
View File

@ -1,30 +1,16 @@
export class UnauthorizedError extends Error {
public inner: { message: string }
public data: { message: string; code: string; type: "UnauthorizedError" }
public data: { message: string, code: string, type: 'UnauthorizedError' }
constructor(code: string, error: { message: string }) {
constructor (code: string, error: { message: string }) {
super(error.message)
this.name = "UnauthorizedError"
this.message = error.message
this.inner = error
this.data = {
message: this.message,
code,
type: "UnauthorizedError",
type: 'UnauthorizedError'
}
Object.setPrototypeOf(this, UnauthorizedError.prototype)
}
}
export const isUnauthorizedError = (
error: unknown,
): error is UnauthorizedError => {
return (
typeof error === "object" &&
error != null &&
"data" in error &&
typeof error.data === "object" &&
error.data != null &&
"type" in error.data &&
error.data.type === "UnauthorizedError"
)
}

367
src/__test__/authorize.test.ts
View File

@ -1,340 +1,69 @@
import test from "node:test"
import assert from "node:assert/strict"
import axios from 'axios'
import { io } from 'socket.io-client'
import axios from "axios"
import type { Socket } from "socket.io-client"
import { io } from "socket.io-client"
import { fixtureStart, fixtureStop } from './fixture'
import { isUnauthorizedError } from "../UnauthorizedError.js"
import type { Profile } from "./fixture/index.js"
import {
API_URL,
fixtureStart,
fixtureStop,
getSocket,
basicProfile,
} from "./fixture/index.js"
describe('authorize', () => {
let token: string = ''
export const api = axios.create({
baseURL: API_URL,
headers: {
"Content-Type": "application/json",
},
})
const secretCallback = async (): Promise<string> => {
return "somesecret"
}
await test("authorize", async (t) => {
await t.test("with secret as string in options", async (t) => {
let token = ""
let socket: Socket | null = null
t.beforeEach(async () => {
await fixtureStart()
const response = await api.post("/login", {})
beforeEach((done) => {
jest.setTimeout(15_000)
fixtureStart(async () => {
const response = await axios.post('http://localhost:9000/login')
token = response.data.token
})
t.afterEach(async () => {
socket?.disconnect()
await fixtureStop()
})
await t.test("should emit error with no token provided", () => {
socket = io(API_URL)
socket.on("connect_error", async (error) => {
assert.strictEqual(isUnauthorizedError(error), true)
if (isUnauthorizedError(error)) {
assert.strictEqual(error.data.message, "no token provided")
assert.strictEqual(error.data.code, "credentials_required")
assert.ok(true)
} else {
assert.fail("should be unauthorized error")
}
})
socket.on("connect", async () => {
assert.fail("should not connect")
})
})
await t.test("should emit error with bad token format", () => {
socket = io(API_URL, {
auth: { token: "testing" },
})
socket.on("connect_error", async (error) => {
assert.strictEqual(isUnauthorizedError(error), true)
if (isUnauthorizedError(error)) {
assert.strictEqual(
error.data.message,
"Format is Authorization: Bearer [token]",
)
assert.strictEqual(error.data.code, "credentials_bad_format")
assert.ok(true)
} else {
assert.fail("should be unauthorized error")
}
})
socket.on("connect", async () => {
assert.fail("should not connect")
})
})
await t.test("should emit error with unauthorized handshake", () => {
socket = io(API_URL, {
auth: { token: "Bearer testing" },
})
socket.on("connect_error", async (error) => {
assert.strictEqual(isUnauthorizedError(error), true)
if (isUnauthorizedError(error)) {
assert.strictEqual(
error.data.message,
"Unauthorized: Token is missing or invalid Bearer",
)
assert.strictEqual(error.data.code, "invalid_token")
assert.ok(true)
} else {
assert.fail("should be unauthorized error")
}
})
socket.on("connect", async () => {
assert.fail("should not connect")
})
})
await t.test("should connect the user", () => {
socket = io(API_URL, {
auth: { token: `Bearer ${token}` },
})
socket.on("connect", async () => {
assert.ok(true)
})
socket.on("connect_error", async (error) => {
assert.fail(error.message)
})
done()
})
})
await t.test("with secret as callback in options", async (t) => {
let token = ""
let socket: Socket | null = null
afterEach((done) => {
fixtureStop(done)
})
t.beforeEach(async () => {
await fixtureStart({ secret: secretCallback })
const response = await api.post("/login", {})
token = response.data.token
})
t.afterEach(async () => {
socket?.disconnect()
await fixtureStop()
})
await t.test("should emit error with no token provided", () => {
socket = io(API_URL)
socket.on("connect_error", async (error) => {
assert.strictEqual(isUnauthorizedError(error), true)
if (isUnauthorizedError(error)) {
assert.strictEqual(error.data.message, "no token provided")
assert.strictEqual(error.data.code, "credentials_required")
assert.ok(true)
} else {
assert.fail("should be unauthorized error")
}
})
socket.on("connect", async () => {
assert.fail("should not connect")
})
})
await t.test("should emit error with bad token format", () => {
socket = io(API_URL, {
auth: { token: "testing" },
})
socket.on("connect_error", async (error) => {
assert.strictEqual(isUnauthorizedError(error), true)
if (isUnauthorizedError(error)) {
assert.strictEqual(
error.data.message,
"Format is Authorization: Bearer [token]",
)
assert.strictEqual(error.data.code, "credentials_bad_format")
assert.ok(true)
} else {
assert.fail("should be unauthorized error")
}
})
socket.on("connect", async () => {
assert.fail("should not connect")
})
})
await t.test("should emit error with unauthorized handshake", () => {
socket = io(API_URL, {
auth: { token: "Bearer testing" },
})
socket.on("connect_error", async (error) => {
assert.strictEqual(isUnauthorizedError(error), true)
if (isUnauthorizedError(error)) {
assert.strictEqual(
error.data.message,
"Unauthorized: Token is missing or invalid Bearer",
)
assert.strictEqual(error.data.code, "invalid_token")
assert.ok(true)
} else {
assert.fail("should be unauthorized error")
}
})
socket.on("connect", async () => {
assert.fail("should not connect")
})
})
await t.test("should connect the user", () => {
socket = io(API_URL, {
auth: { token: `Bearer ${token}` },
})
socket.on("connect", async () => {
assert.ok(true)
})
socket.on("connect_error", async (error) => {
assert.fail(error.message)
})
it('should emit error with no token provided', (done) => {
const socket = io('http://localhost:9000')
socket.on('connect_error', (err: any) => {
expect(err.data.message).toEqual('no token provided')
expect(err.data.code).toEqual('credentials_required')
socket.close()
done()
})
})
await t.test("with onAuthentication callback in options", async (t) => {
let token = ""
let wrongToken = ""
let socket: Socket | null = null
t.beforeEach(async () => {
await fixtureStart({
secret: secretCallback,
onAuthentication: (decodedToken: Profile) => {
if (!decodedToken.checkField) {
throw new Error("Check Field validation failed")
}
return {
email: decodedToken.email,
}
},
})
const response = await api.post("/login", {})
token = response.data.token
const responseWrong = await api.post("/login-wrong", {})
wrongToken = responseWrong.data.token
it('should emit error with bad token format', (done) => {
const socket = io('http://localhost:9000', {
extraHeaders: { Authorization: 'testing' }
})
t.afterEach(async () => {
socket?.disconnect()
await fixtureStop()
socket.on('connect_error', (err: any) => {
expect(err.data.message).toEqual(
'Format is Authorization: Bearer [token]'
)
expect(err.data.code).toEqual('credentials_bad_format')
socket.close()
done()
})
})
await t.test("should emit error with no token provided", () => {
socket = io(API_URL)
socket.on("connect_error", async (error) => {
assert.strictEqual(isUnauthorizedError(error), true)
if (isUnauthorizedError(error)) {
assert.strictEqual(error.data.message, "no token provided")
assert.strictEqual(error.data.code, "credentials_required")
assert.ok(true)
} else {
assert.fail("should be unauthorized error")
}
})
socket.on("connect", async () => {
assert.fail("should not connect")
})
it('should emit error with unauthorized handshake', (done) => {
const socket = io('http://localhost:9000', {
extraHeaders: { Authorization: 'Bearer testing' }
})
await t.test("should emit error with bad token format", () => {
socket = io(API_URL, {
auth: { token: "testing" },
})
socket.on("connect_error", async (error) => {
assert.strictEqual(isUnauthorizedError(error), true)
if (isUnauthorizedError(error)) {
assert.strictEqual(
error.data.message,
"Format is Authorization: Bearer [token]",
)
assert.strictEqual(error.data.code, "credentials_bad_format")
assert.ok(true)
} else {
assert.fail("should be unauthorized error")
}
})
socket.on("connect", async () => {
assert.fail("should not connect")
})
socket.on('connect_error', (err: any) => {
expect(err.data.message).toEqual(
'Unauthorized: Token is missing or invalid Bearer'
)
expect(err.data.code).toEqual('invalid_token')
socket.close()
done()
})
})
await t.test("should emit error with unauthorized handshake", () => {
socket = io(API_URL, {
auth: { token: "Bearer testing" },
})
socket.on("connect_error", async (error) => {
assert.strictEqual(isUnauthorizedError(error), true)
if (isUnauthorizedError(error)) {
assert.strictEqual(
error.data.message,
"Unauthorized: Token is missing or invalid Bearer",
)
assert.strictEqual(error.data.code, "invalid_token")
assert.ok(true)
} else {
assert.fail("should be unauthorized error")
}
})
socket.on("connect", async () => {
assert.fail("should not connect")
})
it('should connect the user', (done) => {
const socket = io('http://localhost:9000', {
extraHeaders: { Authorization: `Bearer ${token}` }
})
await t.test("should connect the user", () => {
socket = io(API_URL, {
auth: { token: `Bearer ${token}` },
})
socket.on("connect", async () => {
assert.ok(true)
})
socket.on("connect_error", async (error) => {
assert.fail(error.message)
})
})
await t.test("should contains user properties", () => {
const socketServer = getSocket()
socketServer?.on("connection", (client: any) => {
assert.strictEqual(client.user.email, basicProfile.email)
assert.ok(true)
})
socket = io(API_URL, {
auth: { token: `Bearer ${token}` },
})
socket.on("connect_error", async (error) => {
assert.fail(error.message)
})
})
await t.test("should emit error when user validation fails", () => {
socket = io(API_URL, {
auth: { token: `Bearer ${wrongToken}` },
})
socket.on("connect_error", async (error) => {
try {
assert.strictEqual(error.message, "Check Field validation failed")
assert.ok(true)
} catch {
assert.fail(error.message)
}
})
socket.on("connect", async () => {
assert.fail("should not connect")
})
socket.on('connect', () => {
socket.close()
done()
})
})
})

107
src/__test__/fixture/index.ts
View File

@ -1,83 +1,48 @@
import jwt from "jsonwebtoken"
import { Server as SocketIoServer } from "socket.io"
import type { FastifyInstance } from "fastify"
import fastify from "fastify"
import express from 'express'
import jwt from 'jsonwebtoken'
import { Server as HttpServer } from 'http'
import { Server as HttpsServer } from 'https'
import { Server as SocketIoServer } from 'socket.io'
import enableDestroy from 'server-destroy'
import type { AuthorizeOptions } from "../../index.js"
import { authorize } from "../../index.js"
import { authorize } from '../../index'
interface FastifyIo {
instance: SocketIoServer
interface Socket {
io: null | SocketIoServer
init: (httpServer: HttpServer | HttpsServer) => void
}
declare module "fastify" {
export interface FastifyInstance {
io: FastifyIo
const socket: Socket = {
io: null,
init (httpServer) {
socket.io = new SocketIoServer(httpServer)
}
}
export interface BasicProfile {
email: string
id: number
}
let server: HttpServer | null = null
export interface Profile extends BasicProfile {
checkField: boolean
}
export const PORT = 9000
export const API_URL = `http://localhost:${PORT}`
export const basicProfile: BasicProfile = {
email: "john@doe.com",
id: 123,
}
let application: FastifyInstance | null = null
export const fixtureStart = async (
options: AuthorizeOptions = { secret: "super secret" },
): Promise<void> => {
const profile: Profile = { ...basicProfile, checkField: true }
let keySecret = ""
if (typeof options.secret === "string") {
keySecret = options.secret
} else {
keySecret = await options.secret({
header: { alg: "HS256" },
payload: profile,
})
}
application = fastify()
application.post("/login", async (_request, reply) => {
const token = jwt.sign(profile, keySecret, {
expiresIn: 60 * 60 * 5,
})
reply.statusCode = 201
return { token }
})
application.post("/login-wrong", async (_request, reply) => {
profile.checkField = false
const token = jwt.sign(profile, keySecret, {
expiresIn: 60 * 60 * 5,
})
reply.statusCode = 201
return { token }
})
const instance = new SocketIoServer(application.server)
instance.use(authorize(options))
application.decorate("io", { instance })
application.addHook("onClose", (fastify) => {
fastify.io.instance.close()
})
await application.listen({
port: PORT,
export const fixtureStart = (done: any): void => {
const options = { secret: 'aaafoo super sercret' }
const app = express()
app.use(express.json())
app.post('/login', (_req, res) => {
const profile = {
email: 'john@doe.com',
id: 123
}
const token = jwt.sign(profile, options.secret, { expiresIn: 60 * 60 * 5 })
return res.json({ token })
})
server = app.listen(9000, done)
socket.init(server)
socket.io?.use(authorize(options))
enableDestroy(server)
}
export const fixtureStop = async (): Promise<void> => {
await application?.close()
}
export const getSocket = (): SocketIoServer | undefined => {
return application?.io.instance
export const fixtureStop = (callback: Function): void => {
socket.io?.close()
try {
server?.destroy()
} catch (err) {}
callback()
}

97
src/authorize.ts
View File

@ -1,91 +1,58 @@
import type { Algorithm } from "jsonwebtoken"
import jwt from "jsonwebtoken"
import type { Socket } from "socket.io"
import jwt from 'jsonwebtoken'
import { Socket } from 'socket.io'
import { UnauthorizedError } from "./UnauthorizedError.js"
import { UnauthorizedError } from './UnauthorizedError'
declare module "socket.io" {
interface Socket extends ExtendedSocket {}
}
interface ExtendedSocket {
encodedToken?: string
decodedToken?: any
user?: any
interface ExtendedError extends Error {
data?: any
}
type SocketIOMiddleware = (
socket: Socket,
next: (error?: UnauthorizedError) => void,
next: (err?: ExtendedError) => void
) => void
interface CompleteDecodedToken {
header: {
alg: Algorithm
[key: string]: any
}
payload: any
}
type SecretCallback = (
decodedToken: CompleteDecodedToken,
) => Promise<string> | string
export interface AuthorizeOptions {
secret: string | SecretCallback
algorithms?: Algorithm[]
onAuthentication?: (decodedToken: any) => Promise<any> | any
interface AuthorizeOptions {
secret: string
}
export const authorize = (options: AuthorizeOptions): SocketIOMiddleware => {
const { secret, algorithms = ["HS256"], onAuthentication } = options
return async (socket, next) => {
let encodedToken: string | null = null
const { token } = socket.handshake.auth
if (token != null) {
const tokenSplitted = token.split(" ")
if (tokenSplitted.length !== 2 || tokenSplitted[0] !== "Bearer") {
const { secret } = options
return (socket, next) => {
let token: string | null = null
const authorizationHeader = socket.request.headers.authorization
if (authorizationHeader != null) {
const tokenSplitted = authorizationHeader.split(' ')
if (tokenSplitted.length !== 2 || tokenSplitted[0] !== 'Bearer') {
return next(
new UnauthorizedError("credentials_bad_format", {
message: "Format is Authorization: Bearer [token]",
}),
new UnauthorizedError('credentials_bad_format', {
message: 'Format is Authorization: Bearer [token]'
})
)
}
encodedToken = tokenSplitted[1]
token = tokenSplitted[1]
}
if (encodedToken == null) {
if (token == null) {
return next(
new UnauthorizedError("credentials_required", {
message: "no token provided",
}),
new UnauthorizedError('credentials_required', {
message: 'no token provided'
})
)
}
socket.encodedToken = encodedToken
let keySecret: string | null = null
let decodedToken: any = null
if (typeof secret === "string") {
keySecret = secret
} else {
const completeDecodedToken = jwt.decode(encodedToken, { complete: true })
keySecret = await secret(completeDecodedToken as CompleteDecodedToken)
}
// Store encoded JWT
socket = Object.assign(socket, { encodedToken: token })
let payload: any
try {
decodedToken = jwt.verify(encodedToken, keySecret, { algorithms })
payload = jwt.verify(token, secret)
} catch {
return next(
new UnauthorizedError("invalid_token", {
message: "Unauthorized: Token is missing or invalid Bearer",
}),
new UnauthorizedError('invalid_token', {
message: 'Unauthorized: Token is missing or invalid Bearer'
})
)
}
socket.decodedToken = decodedToken
if (onAuthentication != null) {
try {
socket.user = await onAuthentication(decodedToken)
} catch (error: any) {
return next(error)
}
}
// Store decoded JWT
socket = Object.assign(socket, { decodedToken: payload })
return next()
}
}

3
src/index.ts
View File

@ -1,2 +1 @@
export * from "./authorize.js"
export * from "./UnauthorizedError.js"
export * from './authorize'

24
tsconfig.json
View File

@ -1,13 +1,23 @@
{
"extends": "@tsconfig/strictest/tsconfig.json",
"compilerOptions": {
"target": "ESNext",
"lib": ["ESNext"],
"module": "NodeNext",
"moduleResolution": "NodeNext",
"target": "ES2019",
"module": "commonjs",
"lib": ["ES2019"],
"moduleResolution": "node",
"allowJs": false,
"checkJs": false,
"declaration": true,
"sourceMap": false,
"outDir": "./build",
"rootDir": "./src",
"emitDeclarationOnly": true,
"declaration": true
"removeComments": false,
"noEmitOnError": true,
"importHelpers": false,
"strict": true,
"esModuleInterop": true,
"experimentalDecorators": true,
"emitDecoratorMetadata": true,
"forceConsistentCasingInFileNames": true,
"incremental": false
}
}