From d37a03968834e677c3e30a1b7d21ca654c09000e Mon Sep 17 00:00:00 2001 From: Ian Mancini Date: Sun, 15 Nov 2020 13:30:41 -0300 Subject: [PATCH] Add passport.socketio authentication --- packages/server/package-lock.json | 13 +++++++++++ packages/server/package.json | 1 + packages/server/src/index.js | 36 +++++++++++++++++++++++++++---- 3 files changed, 46 insertions(+), 4 deletions(-) diff --git a/packages/server/package-lock.json b/packages/server/package-lock.json index d4df02b..9993d82 100644 --- a/packages/server/package-lock.json +++ b/packages/server/package-lock.json @@ -4417,6 +4417,14 @@ "xtraverse": "0.1.x" } }, + "passport.socketio": { + "version": "3.7.0", + "resolved": "https://registry.npmjs.org/passport.socketio/-/passport.socketio-3.7.0.tgz", + "integrity": "sha1-LuX6/paV1CgcjN3T/pdezRjmcm4=", + "requires": { + "xtend": "^4.0.0" + } + }, "path-dirname": { "version": "1.0.2", "resolved": "https://registry.npmjs.org/path-dirname/-/path-dirname-1.0.2.tgz", @@ -5881,6 +5889,11 @@ "resolved": "https://registry.npmjs.org/xmldom/-/xmldom-0.1.31.tgz", "integrity": "sha512-yS2uJflVQs6n+CyjHoaBmVSqIDevTAWrzMmjG1Gc7h1qQ7uVozNhEPJAwZXWyGQ/Gafo3fCwrcaokezLPupVyQ==" }, + "xtend": { + "version": "4.0.2", + "resolved": "https://registry.npmjs.org/xtend/-/xtend-4.0.2.tgz", + "integrity": "sha512-LKYU1iAXJXUgAXn9URjiu+MWhyUXHsvfp7mcuYm9dSUKK0/CjtrUwFAxD82/mCWbtLsGjFIad0wIsod4zrTAEQ==" + }, "xtraverse": { "version": "0.1.0", "resolved": "https://registry.npmjs.org/xtraverse/-/xtraverse-0.1.0.tgz", diff --git a/packages/server/package.json b/packages/server/package.json index 12752be..cacbae7 100644 --- a/packages/server/package.json +++ b/packages/server/package.json @@ -48,6 +48,7 @@ "passport-facebook": "^3.0.0", "passport-google-oauth20": "^2.0.0", "passport-twitter": "^1.0.4", + "passport.socketio": "^3.7.0", "redis": "^3.0.2", "regenerator-runtime": "^0.13.7", "socket-io": "^1.0.0", 
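Review bot: The new `passport.socketio` entry in package.json puts a session-authentication library on the socket handshake path, and its lock entry records only a `sha1-` integrity value, which usually indicates an older tarball. It is worth confirming that the package is still maintained and supports the socket.io version actually installed before relying on it for authorization. The surrounding context also lists `"socket-io": "^1.0.0"` while src/index.js imports `socket.io`; unless `socket.io` is declared elsewhere in the file, that looks like a different registry package from the one the code uses and should be checked. Since the lockfile already resolves to 3.7.0, declaring `"passport.socketio": "3.7.0"` exactly would keep the auth dependency from moving on a later install.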
diff --git a/packages/server/src/index.js b/packages/server/src/index.js
index 8ddf481..357e49f 100644
--- a/packages/server/src/index.js
+++ b/packages/server/src/index.js
@@ -12,11 +12,13 @@ import cookieParser from 'cookie-parser'
 import session from 'express-session'
 import redis from 'redis'
 import connectRedis from 'connect-redis'
+
 import connectSocketIO from 'socket.io'
+import passportSocketIo from 'passport.socketio'
 import morgan from 'morgan'
-import { morganStream } from './logger'
+import logger, { morganStream } from './logger'
 import passport from 'passport'
 import mongoose from 'mongoose'
@@ -57,6 +59,7 @@ mongoose.connect(
 const app = express()
 app.set('trust proxy', 1)
 const server = http.createServer(app)
+// @ts-ignore
 const io = connectSocketIO(server)
 app.use(bodyParser.json())
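Review bot: The `// @ts-ignore` added above `const io = connectSocketIO(server)` silences whatever the type checker reports on that call without saying what it is, so a later genuine type error on the same line would be hidden as well. The same bare directive appears again inside the `passportSocketIo.authorize({ ... })` options in the next hunk. I would state the reason on the directive, for example `// @ts-ignore -- <reason the checker rejects this call>`, or use `// @ts-expect-error` so the suppression fails once it is no longer needed.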
@@ -78,15 +81,40 @@ app.use('/auth', authRouter)
 app.use(morgan('short', { stream: morganStream }))
+function onAuthorizeSuccess(data, accept) {
+ // console.log(data.user)
+ logger.debug(
+ `Successful connection to socket.io from ${data.user._id} (${data.user.email})`,
+ )
+ accept(null, true)
+}
+
+function onAuthorizeFail(_, message, error, accept) {
+ if (error) throw new Error(message)
+ logger.debug('failed connection to socket.io:', message)
+ accept(null, false)
+}
+
+io.use(
+ passportSocketIo.authorize({
+ // @ts-ignore
+ cookieParser: cookieParser, // the same middleware you registrer in express
+ secret: process.env.SESSION_SECRET, // the session_secret to parse the cookie
+ store: new RedisStore({ client: redisClient }), // we NEED to use a sessionstore. no memorystore please
+ success: onAuthorizeSuccess, // *optional* callback on success - read more below
+ fail: onAuthorizeFail, // *optional* callback on fail/error - read more below
+ }),
+)
+
 io.on('connection', (socket) => {
- console.log('a user connected')
+ logger.debug('a user connected')
+ //console.log(socket.request.user)
 socket.on('disconnect', () => {
- console.log('user disconnected')
+ logger.debug('a user connected')
 })
 })
 if (process.env.NODE_ENV !== 'PRODUCTION') {
- const proxy = require('express-http-proxy')
 app.use('/', proxy('http://localhost:4000/'))
 } else {
 // probably serve up build version in production
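Review bot: `onAuthorizeFail` ends with `accept(null, false)`, but the authorizer is registered through `io.use(...)`, where the callback is the middleware's `next` and only a non-null first argument rejects the handshake, so as written a socket without a valid session appears to be let through to the `connection` handler. The `if (error) throw new Error(message)` line above it throws from inside the handshake callback, where nothing visible catches it, so a session-store error could take the process down instead of refusing one connection. I would change these to `if (error) return accept(new Error(message))` followed by `accept(new Error(message))` after the debug log, and confirm with a test that a request carrying no session cookie is refused. Separately, the `disconnect` handler now logs `'a user connected'` and should read `logger.debug('user disconnected')`, and `onAuthorizeSuccess` writes the user's e-mail address to the log, which is worth dropping in favour of the id alone.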