Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More →
socketio-jwt-decoder
Advanced tools
socketio-jwt-decoder - npm Package Compare versions
Comparing version 1.0.2 to 2.0.0
@@ -5,10 +5,7 @@ var jwt = require('jsonwebtoken'); | ||
| function authorize(options) { | ||
| return function(data, next){ | ||
| return function(socket, next){ | ||
| var token, error; | ||
| var req = data.request || data; | ||
| var req = socket.handshake | ||
| var authorization_header = (req.headers || {}).authorization; | ||
| data.decoded_token = null; | ||
| if (authorization_header) { | ||
@@ -20,3 +17,3 @@ var parts = authorization_header.split(' '); | ||
| if (/^Bearer$/i.test(scheme)) { | ||
| if (scheme.toLowerCase() === 'bearer') { | ||
| token = credentials; | ||
@@ -32,6 +29,2 @@ } | ||
| //get the token from query string | ||
| if (req._query && req._query.token) { | ||
| token = req._query.token; | ||
| } | ||
| else if (req.query && req.query.token) { | ||
@@ -41,6 +34,2 @@ token = req.query.token; | ||
| if (!token) { | ||
| return next(); | ||
| } | ||
| jwt.verify(token, options.secret, options, function(err, decoded) { | ||
@@ -53,6 +42,10 @@ | ||
| data.decoded_token = decoded; | ||
| socket.decoded_token = decoded; | ||
| next(); | ||
| }); | ||
| if (!token) { | ||
| next(); // if there is not token, just pass | ||
| } | ||
| }; | ||
@@ -59,0 +52,0 @@ } |
| { | ||
| "name": "socketio-jwt-decoder", | ||
| "version": "1.0.2", | ||
| "version": "2.0.0", | ||
| "description": "Socket.io JWT decoder", | ||
@@ -5,0 +5,0 @@ "main": "lib/index.js", |
| # Socket.io JWT decoder | ||
| A fork of [auth0/socketio-jwt](https://github.com/auth0/socketio-jwt). | ||
| [](http://travis-ci.org/juangl/socketio-jwt-decoder) | ||
| [](https://david-dm.org/juangl/socketio-jwt-decoder) | ||
| [](https://david-dm.org/juangl/socketio-jwt-decoder#info=devDependencies) | ||
| Authenticate socket.io incoming connections with JWTs. This is useful if you are build a single page application and you are not using cookies as explained in this blog post: [Cookies vs Tokens. Getting auth right with Angular.JS](http://blog.auth0.com/2014/01/07/angularjs-authentication-with-cookies-vs-token/). | ||
| > Authenticate socket.io incoming connections with JWTs. This is useful if you are build a single page application and you are not using cookies as explained in this blog post: [Cookies vs Tokens. Getting auth right with Angular.JS](http://blog.auth0.com/2014/01/07/angularjs-authentication-with-cookies-vs-token/). | ||
| * Socket.io JWT decoder just works for Socket.IO >= 1.0. * | ||
| ## Installation | ||
@@ -22,6 +27,5 @@ | ||
| //// With socket.io >= 1.0 //// | ||
| io.use(socketioJwt.authorize({ | ||
| secret: 'your secret or public key', | ||
| handshake: true | ||
| otherOption: someValue // you can pass other arguments to jsonwebtoken | ||
| })); | ||
@@ -31,5 +35,4 @@ | ||
| io.on('connection', function (socket) { | ||
| // in socket.io < 1.0 | ||
| if (socket.handshake.decoded_token !== null) { // authentication successful | ||
| if (socket.decoded_token) { // authentication successful | ||
| console.log('hello!', socket.handshake.decoded_token.name); | ||
@@ -88,2 +91,2 @@ } | ||
| Licensed under the MIT-License. | ||
| 2013 AUTH10 LLC. | ||
| 2015 Juan Jesús García López |
@@ -51,21 +51,2 @@ var fixture = require('./fixture'); | ||
| describe('unsgined token', function() { | ||
| beforeEach(function () { | ||
| this.token = 'eyJhbGciOiJub25lIiwiY3R5IjoiSldUIn0.eyJuYW1lIjoiSm9obiBGb28ifQ.'; | ||
| }); | ||
| it('should not do the handshake and connect', function (done){ | ||
| var socket = io.connect('http://localhost:9000', { | ||
| 'forceNew':true, | ||
| 'query': 'token=' + this.token | ||
| }); | ||
| socket.on('connect', function () { | ||
| done(new Error('this shouldnt happen')); | ||
| }).on('error', function (err) { | ||
| err.message.should.eql("jwt signature is required"); | ||
| done(); | ||
| }); | ||
| }); | ||
| }); | ||
| }); |
@@ -9,16 +9,12 @@ var express = require('express'); | ||
| var xtend = require('xtend'); | ||
| var server; | ||
| var server, sio; | ||
| exports.start = function (options, callback) { | ||
| exports.start = function (callback) { | ||
| if(typeof options == 'function'){ | ||
| callback = options; | ||
| options = {}; | ||
| } | ||
| options = xtend({ | ||
| secret: 'aaafoo super sercret' | ||
| }, options); | ||
| options = { | ||
| secret: 'aaafoo super sercret', | ||
| timeout: 1000 | ||
| }; | ||
@@ -48,7 +44,4 @@ var app = express(); | ||
| var sio = socketIo.listen(server); | ||
| sio = socketIo.listen(server); | ||
| sio.use(socketio_jwt.authorize(options)); | ||
| sio.set('log level', 0); | ||
@@ -59,2 +52,6 @@ sio.sockets.on('echo', function (m) { | ||
| server.__sockets = []; | ||
| server.on('connection', function (c) { | ||
| server.__sockets.push(c); | ||
| }); | ||
| server.listen(9000, callback); | ||
@@ -64,4 +61,4 @@ }; | ||
| exports.stop = function (callback) { | ||
| server.close(); | ||
| sio.close(); | ||
| callback(); | ||
| }; |
Sorry, the diff of this file is not supported yet
New alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Fixed alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Improved metrics
- Number of package files
- increased by8.33%
13
- Number of lines in readme file
- increased by3.45%
90
Worsened metrics
- Total package byte prevSize
- decreased by-1.75%
15087
- Lines of code
- decreased by-11.5%
177
No dependency changes