mirror of https://github.com/Thream/socketio-jwt.git synced 2024-07-21 09:38:31 +02:00
socketio-jwt/lib/index.js
Screeny 928cd508ff major changes
passport.socketio now lets the user decide whether to accept a
connection or not. To do so, you have to provide your own 'fail'-method.
This will be called unless the user is successfully authenticated (still
uses the 'success'-method). The method will be called with four
parameters:
- data: <Object> Handshake Data
- message <String> Error-Message
- critical <Bool> True if the User is and will be unable to use
socket.io because of errors in the authorization-system or somewhere
else. False if the user would still be able to use the system (indicates
that he's just not logged-in)
- accept: <function> plain old accept function.
If there's no fail-method given, passport.socketio allows every
not-critical-failed connection.
Also there is now a 'logged_in' <Bool>-Property inside your User-Key.
2013-11-06 18:19:00 +01:00


var xtend = require('xtend');
/**
 * Run the configured cookie-parser middleware against a raw Cookie header.
 *
 * A minimal request object carrying only `headers.cookie` is handed to the
 * middleware built by `auth.cookieParser(auth.secret)`.
 *
 * @param {Object} auth - Options object; `cookieParser` and `secret` are read.
 * @param {string} cookieHeader - Raw value of the Cookie header.
 * @returns {*} Whatever the middleware stored in `req.signedCookies`, or
 *   `undefined` if the middleware did not invoke its callback synchronously.
 * @throws Rethrows any error the middleware passes to its callback.
 */
function parseCookie(auth, cookieHeader) {
  var fakeRequest = { headers: { cookie: cookieHeader } };
  var fakeResponse = {};
  var signed;

  // Only signed cookies are returned; the value is captured inside the
  // callback, so it is only available when the middleware calls back
  // before returning.
  function onParsed(parseError) {
    if (parseError) {
      throw parseError;
    }
    signed = fakeRequest.signedCookies;
  }

  var middleware = auth.cookieParser(auth.secret);
  middleware(fakeRequest, fakeResponse, onParsed);

  return signed;
}
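/**
 * Build a socket.io authorization handler that authenticates a handshake
 * from the passport data stored in the session.
 *
 * Recognised options (merged over the defaults below): `passport`, `key`
 * (session cookie name), `secret`, `store` (session store exposing
 * `get(sid, cb)`), `cookieParser` (required), `success(data, accept)` and
 * `fail(data, message, critical, accept)`.
 *
 * @param {Object} options - Caller configuration.
 * @returns {function(Object, function)} Handler taking the handshake data
 *   and socket.io's `accept` callback.
 * @throws {Error} When no `cookieParser` is supplied.
 */
function authorize(options) {
  var defaults = {
    passport: require('passport'),
    key: 'connect.sid',
    secret: null,
    store: null,
    success: function (data, accept) { accept(null, true); },
    // The default `fail` ACCEPTS every non-critical failure, i.e. handshakes
    // without a valid login are still connected. Supply your own `fail`, or
    // check `logged_in` on the user property, before trusting a socket.
    fail: function (data, message, critical, accept) { accept(null, !critical); }
  };

  var auth = xtend({}, defaults, options);
  auth.userProperty = auth.passport._userProperty || 'user';

  if (!auth.cookieParser) {
    throw new Error('cookieParser is required use connect.cookieParser or express.cookieParser');
  }

  return function (data, accept) {
    data.cookie = parseCookie(auth, data.headers.cookie || '');
    data.sessionID = data.cookie[auth.key] || '';
    // Start from "not logged in"; only a successful deserialization below
    // replaces this object.
    data[auth.userProperty] = {
      logged_in: false
    };

    if (data.xdomain) {
      return auth.fail(data, 'Can not read cookies from CORS-Requests.', false, accept);
    }

    auth.store.get(data.sessionID, function (err, session) {
      if (err) {
        return auth.fail(data, 'Error in session store.', true, accept);
      }

      // Check for a missing session BEFORE reading properties from it:
      // an unknown or expired session ID must be reported through `fail`,
      // not raise a TypeError inside the store callback.
      if (!session) {
        return auth.fail(data, 'No session found', false, accept);
      }

      if (!session[auth.passport._key]) {
        return auth.fail(data, 'Passport was not initialized', true, accept);
      }

      var userKey = session[auth.passport._key][auth.userProperty];
      if (!userKey) {
        return auth.fail(data, 'User not authorized through passport. (User Property not found)', false, accept);
      }

      auth.passport.deserializeUser(userKey, function (err, user) {
        // Never mark the handshake as logged in when deserialization
        // failed or produced no user.
        if (err) {
          return auth.fail(data, 'Error while deserializing user.', true, accept);
        }
        if (!user) {
          return auth.fail(data, 'User could not be deserialized.', false, accept);
        }

        data[auth.userProperty] = user;
        data[auth.userProperty].logged_in = true;
        auth.success(data, accept);
      });
    });
  };
}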
/**
 * Collect the sockets whose handshake user satisfies a predicate.
 *
 * @param {Object} socketIo - Object exposing `sockets.manager.handshaken`
 *   (handshake data keyed by socket id) and `sockets.manager.sockets.sockets`
 *   (sockets keyed by the same id).
 * @param {function(*): boolean} filter - Called with each handshake's `user`.
 * @returns {Array} Sockets for every id whose user passed the predicate;
 *   empty when there is no handshake table.
 */
function filterSocketsByUser(socketIo, filter) {
  var handshakes = socketIo.sockets.manager.handshaken || {};
  var socketIds = Object.keys(handshakes);
  var matches = [];

  for (var i = 0; i < socketIds.length; i++) {
    var socketId = socketIds[i];
    if (filter(handshakes[socketId].user)) {
      matches.push(socketId);
    }
  }

  // The socket table is looked up only after filtering, once per match.
  var selected = [];
  for (var j = 0; j < matches.length; j++) {
    selected.push(socketIo.sockets.manager.sockets.sockets[matches[j]]);
  }
  return selected;
}
// Public API: the handshake authorization factory and a helper for
// selecting connected sockets by their handshake user.
exports.authorize = authorize;
exports.filterSocketsByUser = filterSocketsByUser;