chore(release): v2.0.0

BREAKING CHANGE: extraHeaders with Authorization doesn't work anymore

See: https://socket.io/docs/v3/middlewares/#Sending-credentials

.commitlintrc.json

@@ -0,0 +1 @@
+{ "extends": ["@commitlint/config-conventional"] }

.github/ISSUE_TEMPLATE/BUG.md

@@ -1,6 +1,7 @@
 ---
 name: '🐛 Bug Report'
 about: 'Report an unexpected problem or unintended behavior.'
+title: '[Bug]'
 labels: 'bug'
 ---
 

.github/ISSUE_TEMPLATE/DOCUMENTATION.md

@@ -1,6 +1,7 @@
 ---
 name: '📜 Documentation'
 about: 'Correct spelling errors, improvements or additions to documentation files (README, CONTRIBUTING...).'
+title: '[Documentation]'
 labels: 'documentation'
 ---
 
@@ -10,11 +11,12 @@ Please make sure your issue has not already been fixed.
 Please place an x (no spaces - [x]) in all [ ] that apply.
 -->
 
-### Documentation :
+## Documentation
 
-- [ ] Is Missing
-- [ ] Is Confusing
-- [ ] Has Typo errors
-- [ ] Not Sure?
+<!-- Please uncomment the type of documentation problem this issue address -->
 
-### Proposal
+<!-- Documentation is Missing -->
+<!-- Documentation is Confusing -->
+<!-- Documentation has Typo errors -->
+
+## Proposal

.github/ISSUE_TEMPLATE/FEATURE_REQUEST.md

@@ -1,19 +1,20 @@
 ---
 name: '✨ Feature Request'
 about: 'Suggest a new feature idea.'
+title: '[Feature]'
 labels: 'feature request'
 ---
 
 <!-- Please make sure your issue has not already been fixed. -->
 
-### Description
+## Description
 
 <!-- A clear and concise description of the problem or missing capability... -->
 
-### Describe the solution you'd like
+## Describe the solution you'd like
 
 <!-- If you have a solution in mind, please describe it. -->
 
-### Describe alternatives you've considered
+## Describe alternatives you've considered
 
 <!-- Have you considered any alternative solutions or workarounds? -->

.github/ISSUE_TEMPLATE/IMPROVEMENT.md

@@ -1,6 +1,7 @@
 ---
 name: '🔧 Improvement'
 about: 'Improve structure/format/performance/refactor/tests of the code.'
+title: '[Improvement]'
 labels: 'improvement'
 ---
 
@@ -10,12 +11,14 @@ Please make sure your issue has not already been fixed.
 Please place an x (no spaces - [x]) in all [ ] that apply.
 -->
 
-### Type of Improvement :
+## Type of Improvement
 
-- [ ] Files and Folders Structure
-- [ ] Performance
-- [ ] Refactoring code
-- [ ] Tests
-- [ ] Not Sure?
+<!-- Please uncomment the type of improvements this issue address -->
 
-### Proposal
+<!-- Files and Folders Structure -->
+<!-- Performance -->
+<!-- Refactoring code -->
+<!-- Tests -->
+<!-- Not Sure? -->
+
+## Proposal

.github/ISSUE_TEMPLATE/QUESTION.md

@@ -1,6 +1,7 @@
 ---
 name: '🙋 Question'
 about: 'Further information is requested.'
+title: '[Question]'
 labels: 'question'
 ---
 

.github/PULL_REQUEST_TEMPLATE.md

@@ -9,19 +9,8 @@ Please place an x (no spaces - [x]) in all [ ] that apply.
 
 -->
 
-### What type of change does this PR introduce?
+## What changes this PR introduce?
 
-- [ ] Bugfix
-- [ ] Feature
-- [ ] Refactor
-- [ ] Documentation
-- [ ] Not Sure?
+## List any relevant issue numbers
 
-### Does this PR introduce breaking changes?
-
-- [ ] Yes
-- [ ] No
-
-### List any relevant issue numbers:
-
-### Description:
+## Is there anything you'd like reviewers to focus on?

.github/workflows/commitlint.yml

@@ -12,7 +12,7 @@ on:
 jobs:
   commitlint:
     if: ${{ (github.event_name == 'push') || (github.event_name == 'pull_request_review' && github.event.review.state == 'approved' && (github.event.review.author_association == 'COLLABORATOR' || github.event.review.author_association == 'MEMBER' || github.event.review.author_association == 'OWNER') && !github.event.pull_request.draft && github.event.pull_request.state == 'open') }}
-    runs-on: ubuntu-latest
+    runs-on: 'ubuntu-latest'
     steps:
       - uses: 'actions/checkout@v2'
         with:

.github/workflows/nodejs.yml

@@ -12,7 +12,7 @@ on:
 jobs:
   ci_app:
     if: ${{ (github.event_name == 'push') || (github.event_name == 'pull_request_review' && github.event.review.state == 'approved' && (github.event.review.author_association == 'COLLABORATOR' || github.event.review.author_association == 'MEMBER' || github.event.review.author_association == 'OWNER') && !github.event.pull_request.draft && github.event.pull_request.state == 'open') }}
-    runs-on: ubuntu-latest
+    runs-on: 'ubuntu-latest'
     strategy:
       matrix:
         node-version: [14.x]
@@ -25,10 +25,9 @@ jobs:
           node-version: ${{ matrix.node-version }}
 
       - name: 'Cache dependencies'
-        uses: 'actions/cache@v2'
+        uses: 'actions/cache@v2.1.4'
         with:
-          path: |
-            **/node_modules
+          path: '**/node_modules'
           key: ${{ runner.os }}-${{ hashFiles('**/package.json') }}
 
       - name: 'Install dependencies'
@@ -37,6 +36,9 @@ jobs:
       - name: 'Lint'
         run: 'npm run lint'
 
+      - name: 'MarkdownLint'
+        run: 'npm run markdownlint'
+
       - name: 'Build'
         run: 'npm run build'
 

.github/workflows/npm-publish.yml

@@ -13,7 +13,7 @@ jobs:
       - uses: 'actions/checkout@v2'
 
       - name: 'Cache dependencies'
-        uses: 'actions/cache@v2'
+        uses: 'actions/cache@v2.1.4'
         with:
           path: '**/node_modules'
           key: ${{ runner.os }}-${{ hashFiles('**/package.json') }}

.husky/.gitignore

@@ -0,0 +1 @@
+_

.husky/commit-msg

@@ -0,0 +1,4 @@
+#!/bin/sh
+. "$(dirname "$0")/_/husky.sh"
+
+npx --no-install commitlint --edit

.husky/pre-commit

@@ -0,0 +1,5 @@
+#!/bin/sh
+. "$(dirname "$0")/_/husky.sh"
+
+npm run lint
+npm run markdownlint

.markdownlint.json

@@ -0,0 +1,7 @@
+{
+  "default": true,
+  "MD013": false,
+  "MD024": false,
+  "MD033": false,
+  "MD041": false
+}

.yarnrc

@@ -1,2 +1,2 @@
-install.no-lockfile true
+--install.no-lockfile true
 save-exact true

CHANGELOG.md

@@ -1,5 +1,41 @@
 # Changelog
 
+## [2.0.0](https://github.com/Thream/socketio-jwt/compare/v1.1.1...v2.0.0) (2021-02-22)
+
+### Features
+
+- usage of auth option to send credentials ([a14d4e9](https://github.com/Thream/socketio-jwt/commit/a14d4e937b764fdf4fb6b173c55b6f49688766dd))
+
+  See: <https://socket.io/docs/v3/middlewares/#Sending-credentials>
+
+### BREAKING CHANGES
+
+- `extraHeaders` with `Authorization` doesn't work anymore
+
+### Migration
+
+You need to change the way to connect client side.
+
+Before :
+
+```ts
+import { io } from 'socket.io-client'
+
+const socket = io('http://localhost:9000', {
+  extraHeaders: { Authorization: `Bearer ${yourJWT}` }
+})
+```
+
+After :
+
+```ts
+import { io } from 'socket.io-client'
+
+const socket = io('http://localhost:9000', {
+  auth: { token: `Bearer ${yourJWT}` }
+})
+```
+
 ## [1.1.1](https://github.com/Thream/socketio-jwt/compare/v1.1.0...v1.1.1) (2021-01-28)
 
 ### Bug Fixes

README.md

@@ -87,14 +87,19 @@ io.on('connection', async (socket) => {
 })
 ```
 
+### `authorize` options
+
+- `secret` is a string containing the secret for HMAC algorithms, or a function that should fetch the secret or public key as shown in the example with `jwks-rsa`.
+- `algorithms` (default: `HS256`)
+
 ### Client side
 
 ```ts
 import { io } from 'socket.io-client'
 
-// Require Bearer Tokens to be passed in as an Authorization Header
+// Require Bearer Token
 const socket = io('http://localhost:9000', {
-  extraHeaders: { Authorization: `Bearer ${yourJWT}` }
+  auth: { token: `Bearer ${yourJWT}` }
 })
 
 // Handling token expiration

commitlint.config.js

@@ -1 +0,0 @@
-module.exports = { extends: ['@commitlint/config-conventional'] }

package.json

@@ -1,6 +1,6 @@
 {
   "name": "@thream/socketio-jwt",
-  "version": "1.1.1",
+  "version": "2.0.0",
   "description": "Authenticate socket.io incoming connections with JWTs.",
   "license": "MIT",
   "main": "build/index.js",
@@ -25,15 +25,11 @@
     "url": "https://github.com/Thream/socketio-jwt/issues"
   },
   "homepage": "https://github.com/Thream/socketio-jwt#readme",
-  "husky": {
-    "hooks": {
-      "commit-msg": "commitlint -E HUSKY_GIT_PARAMS",
-      "pre-commit": "npm run lint"
-    }
-  },
   "release-it": {
     "git": {
-      "commitMessage": "chore(release): v${version}"
+      "commit": false,
+      "push": false,
+      "tag": false
     },
     "github": {
       "release": false
@@ -44,6 +40,8 @@
     "hooks": {
       "before:init": [
         "npm run lint",
+        "npm run markdownlint",
+        "npm run build",
         "npm run test"
       ]
     },
@@ -72,12 +70,16 @@
   },
   "scripts": {
     "build": "rimraf ./build && tsc",
+    "markdownlint": "markdownlint '**/*.md' --ignore node_modules",
     "lint": "ts-standard | snazzy",
     "format": "ts-standard --fix | snazzy",
     "release": "release-it",
     "test": "jest",
     "test:watchAll": "jest --watchAll",
-    "test:clearCache": "jest --clearCache"
+    "test:clearCache": "jest --clearCache",
+    "postinstall": "husky install",
+    "prepublishOnly": "pinst --disable",
+    "postpublish": "pinst --enable"
   },
   "peerDependencies": {
     "socket.io": ">=3.0.0"
@@ -92,20 +94,22 @@
     "@types/express": "4.17.11",
     "@types/jest": "26.0.20",
     "@types/jsonwebtoken": "8.5.0",
-    "@types/node": "14.14.22",
+    "@types/node": "14.14.31",
     "@types/server-destroy": "1.0.1",
     "axios": "0.21.1",
     "express": "4.17.1",
-    "husky": "4.3.8",
+    "husky": "5.1.0",
     "jest": "26.6.3",
-    "release-it": "14.2.2",
+    "markdownlint-cli": "0.26.0",
+    "pinst": "2.1.4",
+    "release-it": "14.4.1",
     "rimraf": "3.0.2",
     "server-destroy": "1.0.1",
     "snazzy": "9.0.0",
-    "socket.io": "3.1.0",
-    "socket.io-client": "3.1.0",
-    "ts-jest": "26.4.4",
+    "socket.io": "3.1.1",
+    "socket.io-client": "3.1.1",
+    "ts-jest": "26.5.1",
     "ts-standard": "10.0.0",
-    "typescript": "4.1.3"
+    "typescript": "4.1.5"
   }
 }

src/__test__/authorize.test.ts

@@ -31,7 +31,7 @@ describe('authorize - with secret as string in options', () => {
 
   it('should emit error with bad token format', (done) => {
     const socket = io('http://localhost:9000', {
-      extraHeaders: { Authorization: 'testing' }
+      auth: { token: 'testing' }
     })
     socket.on('connect_error', (err: any) => {
       expect(err.data.message).toEqual(
@@ -45,7 +45,7 @@ describe('authorize - with secret as string in options', () => {
 
   it('should emit error with unauthorized handshake', (done) => {
     const socket = io('http://localhost:9000', {
-      extraHeaders: { Authorization: 'Bearer testing' }
+      auth: { token: 'Bearer testing' }
     })
     socket.on('connect_error', (err: any) => {
       expect(err.data.message).toEqual(
@@ -59,7 +59,7 @@ describe('authorize - with secret as string in options', () => {
 
   it('should connect the user', (done) => {
     const socket = io('http://localhost:9000', {
-      extraHeaders: { Authorization: `Bearer ${token}` }
+      auth: { token: `Bearer ${token}` }
     })
     socket.on('connect', () => {
       socket.close()
@@ -93,7 +93,7 @@ describe('authorize - with secret as callback in options', () => {
 
   it('should connect the user', (done) => {
     const socket = io('http://localhost:9000', {
-      extraHeaders: { Authorization: `Bearer ${token}` }
+      auth: { token: `Bearer ${token}` }
     })
     socket.on('connect', () => {
       socket.close()

src/authorize.ts

@@ -40,9 +40,9 @@ export const authorize = (options: AuthorizeOptions): SocketIOMiddleware => {
   const { secret, algorithms = ['HS256'] } = options
   return async (socket, next) => {
     let encodedToken: string | null = null
-    const authorizationHeader = socket.request.headers.authorization
-    if (authorizationHeader != null) {
-      const tokenSplitted = authorizationHeader.split(' ')
+    const { token } = socket.handshake.auth
+    if (token != null) {
+      const tokenSplitted = token.split(' ')
       if (tokenSplitted.length !== 2 || tokenSplitted[0] !== 'Bearer') {
         return next(
           new UnauthorizedError('credentials_bad_format', {
@@ -59,7 +59,6 @@ export const authorize = (options: AuthorizeOptions): SocketIOMiddleware => {
         })
       )
     }
-    // Store encoded JWT
     socket.encodedToken = encodedToken
     let keySecret: string | null = null
     let decodedToken: any
@@ -78,7 +77,6 @@ export const authorize = (options: AuthorizeOptions): SocketIOMiddleware => {
         })
       )
     }
-    // Store decoded JWT
     socket.decodedToken = decodedToken
     return next()
   }