Authenticate socket.io incoming connections with JWTs. https://www.npmjs.com/package/@thream/socketio-jwt
This repository has been archived on 2024-11-11. You can view files and clone it, but cannot push or open issues or pull requests.
Go to file
2020-12-29 12:28:53 +01:00
.github ci: faster build by removing codeql_analysis 2020-12-29 12:23:18 +01:00
src test: add authorize 100% coverage 2020-12-29 04:05:39 +01:00
.editorconfig chore: initial commit 2020-12-27 17:25:44 +01:00
.gitignore chore: basic structure of files to rewrite in TS 2020-12-28 16:49:31 +01:00
.npmrc chore: initial commit 2020-12-27 17:25:44 +01:00
.yarnrc chore: initial commit 2020-12-27 17:25:44 +01:00
CHANGELOG.md chore(release): v1.0.0 2020-12-29 04:51:35 +01:00
commitlint.config.js chore: add commitlint, husky and release-it 2020-12-27 18:18:34 +01:00
LICENSE chore: initial commit 2020-12-27 17:25:44 +01:00
package.json chore(release): v1.0.0 2020-12-29 04:51:35 +01:00
README.md docs(readme): add npm badge version 2020-12-29 12:28:53 +01:00
tsconfig.json chore: basic structure of files to rewrite in TS 2020-12-28 16:49:31 +01:00

Thream/socketio-jwt

Authenticate socket.io incoming connections with JWTs.

Node.js CI codecov Dependabot badge npm version TypeScript Standard Style Licence MIT Conventional Commits Contributor Covenant

📜 About

Authenticate socket.io incoming connections with JWTs.

Compatible with socket.io >= 3.0.

This repository was originally forked from auth0-socketio-jwt & it is not intended to take any credit but to improve the code from now on.

💾 Install

npm install --save @thream/socketio-jwt

⚙️ Usage

Server side

import { Server } from 'socket.io'
import { authorize } from '@thream/socketio-jwt'

const io = new Server(9000)
io.use(
  authorize({
    secret: 'your secret or public key'
  })
)

io.on('connection', async () => {
  const clients = await io.sockets.allSockets()
  for (const clientId of clients) {
    const client = io.sockets.sockets.get(clientId)
    client.emit('messages', { message: 'Success!' })
    // we can access the jwt payload of each connected client
    console.log(client.decodedToken)
  }
})

Client side

import { io } from 'socket.io-client'

// Require Bearer Tokens to be passed in as an Authorization Header
const socket = io('http://localhost:9000', {
  extraHeaders: { Authorization: `Bearer ${yourJWT}` }
})

// Handling token expiration
socket.on('connect_error', (error) => {
  if (error.data.type === 'UnauthorizedError') {
    console.log('User token has expired')
  }
})

// Listening to events
socket.on('messages', (data) => {
  console.log(data)
})

💡 Contributing

Anyone can help to improve the project, submit a Feature Request, a bug report or even correct a simple spelling mistake.

The steps to contribute can be found in the CONTRIBUTING.md file.

📄 License

MIT