Authenticate socket.io incoming connections with JWTs.
## 📜 About
Authenticate socket.io incoming connections with JWTs.
Compatible with `socket.io >= 3.0`.
This repository was originally forked from [auth0-socketio-jwt](https://github.com/auth0-community/auth0-socketio-jwt) & it is not intended to take any credit but to improve the code from now on.
## 💾 Install
```sh
npm install --save @thream/socketio-jwt
```
## ⚙️ Usage
### Server side
```ts
import { Server } from 'socket.io'
import { authorize } from '@thream/socketio-jwt'
const io = new Server(9000)
io.use(
authorize({
secret: 'your secret or public key'
})
)
io.on('connection', async (socket) => {
// jwt payload of the connected client
console.log(socket.decodedToken)
const clients = await io.sockets.allSockets()
if (clients != null) {
for (const clientId of clients) {
const client = io.sockets.sockets.get(clientId)
client?.emit('messages', { message: 'Success!' })
// we can access the jwt payload of each connected client
console.log(client?.decodedToken)
}
}
})
```
### Client side
```ts
import { io } from 'socket.io-client'
// Require Bearer Tokens to be passed in as an Authorization Header
const socket = io('http://localhost:9000', {
extraHeaders: { Authorization: `Bearer ${yourJWT}` }
})
// Handling token expiration
socket.on('connect_error', (error) => {
if (error.data.type === 'UnauthorizedError') {
console.log('User token has expired')
}
})
// Listening to events
socket.on('messages', (data) => {
console.log(data)
})
```
## 💡 Contributing
Anyone can help to improve the project, submit a Feature Request, a bug report or even correct a simple spelling mistake.
The steps to contribute can be found in the [CONTRIBUTING.md](./.github/CONTRIBUTING.md) file.
## 📄 License
[MIT](./LICENSE)
