Thream/socketio-jwt
Archived
2
1
Fork 0
Code Issues Pull Requests Releases Activity
Authenticate socket.io incoming connections with JWTs. https://www.npmjs.com/package/@thream/socketio-jwt
This repository has been archived on 2024-11-11. You can view files and clone it, but cannot push or open issues or pull requests.
33 Commits 2 Branches 18 Tags 3.9 MiB
TypeScript 98.9%
Shell 1.1%
928cd508ff
Go to file
Screeny 928cd508ff major changes 
passport.socketio now lets the user decide whether to accept a
connection or not. to do so, you have tu provide your own 'fail'-method.
this will be called unless the user is successfuly authenticated (still
uses the 'success'-method). The method will be called with four
parameters:
- data: <Object> Handshake Data
- message <String> Error-Message
- critical <Bool> True if the User is and will be unable to use
socket.io because of errors in the authorization-system or somewhere
else. False if the user would still be able to use the system (indicates
that he's just not logged-in)
- accept: <function> plain old accept function.
If there's no fail-method given, passport.socketio allows every
not-critical-failed connection.
Also there is now a 'logged_in' <Bool>-Property inside your User-Key.
2013-11-06 18:19:00 +01:00
lib major changes 2013-11-06 18:19:00 +01:00
test remove connect and cookie dependency 2013-06-05 08:38:33 -03:00
.gitignore initial 2012-09-05 15:14:36 -03:00
package.json 1.2.1 2013-06-30 16:44:51 -03:00
README.md add note about cors, closes #28 2013-11-03 21:11:52 -02:00

README.md

Access Passport.js user information from socket.io connection.

Installation

npm install passport.socketio

Usage


  //configure passport and express

  var socketIo = require("socket.io"),
    passportSocketIo = require("passport.socketio");

  var sio = socketIo.listen(webServer);


  //except for the optional fail and success the parameter object has the 
  //same attribute than the session middleware http://www.senchalabs.org/connect/middleware-session.html

  sio.set("authorization", passportSocketIo.authorize({
    cookieParser: express.cookieParser, //or connect.cookieParser
    key:          'express.sid',        //the cookie where express (or connect) stores its session id.
    secret:       'my session secret',  //the session secret to parse the cookie
    store:         mySessionStore,      //the session store that express uses
    fail: function(data, accept) {      // *optional* callbacks on success or fail
      accept(null, false);              // second param takes boolean on whether or not to allow handshake
    },
    success: function(data, accept) {
      accept(null, true);
    }
  }));

  sio.sockets.on("connection", function(socket){
    console.log("user connected: ", socket.handshake.user.name);
    
    //filter sockets by user...
    var userGender = socket.handshake.user.gender, 
        opposite = userGender === "male" ? "female" : "male";

    passportSocketIo.filterSocketsByUser(sio, function (user) {
      return user.gender === opposite;
    }).forEach(function(s){
      s.send("a " + userGender + " has arrived!");
    });

  });

Note: in the client-side use io.connect() or io.connect('http://the-same-domain.com') because Socket.io can work with CORS but the browser will not send the cookies.

Develop

npm install
npm test

License

MIT - José F. Romaniello 2012.