Authenticate socket.io incoming connections with JWTs. https://www.npmjs.com/package/@thream/socketio-jwt
This repository has been archived on 2024-11-11. You can view files and clone it, but cannot push or open issues or pull requests.
Go to file
2014-01-13 16:00:21 -03:00
lib initial commit after fork of passport-socketio 2014-01-13 16:00:21 -03:00
test initial commit after fork of passport-socketio 2014-01-13 16:00:21 -03:00
.gitignore initial 2012-09-05 15:14:36 -03:00
package.json initial commit after fork of passport-socketio 2014-01-13 16:00:21 -03:00
README.md initial commit after fork of passport-socketio 2014-01-13 16:00:21 -03:00

Authenticate socket.io incoming connections with JWTs. This is useful if you are build a single page application and you are not using cookies as explained in this blog post: Cookies vs Tokens. Getting auth right with Angular.JS.

Installation

npm install socketio-jwt

Example usage

var io            = require("socket.io")(server);
var socketioJwt   = require("socketio-jwt");

// set authorization for socket.io
io.set('authorization', socketioJwt.authorize({
  secret: 'your secret or public key'
}));

For more validation options see auth0/jsonwebtoken.

Client side:

For now the only way to append the jwt token is using query string:

var socket = io.connect('http://localhost:9000', {
  'query': 'token=' + your_jwt
});

Take care as URLs has a lenght limitation on Internet Explorer. I opened a issue in engine-io-client to support headers.

Contribute

You are always welcome to open an issue or provide a pull-request!

Also check out the unit tests:

npm test

License

Licensed under the MIT-License. 2013 AUTH10 LLC.