Send user data along with handshakeData to socket.io?

Question

Send user data along with handshakeData to socket.io?

So, I have an application running under node js with socket.io as a backend and plain javascript as an interface. My application has a login system in which the client currently simply sends their login information immediately after connecting.

Now I realized that it would be much nicer to have login information sent along with handshakeData, so I can connect directly to the user when I connect (and not after the connection is established), respectively, refuse authorization when the login data is invalid.

I think it would be better to put my extra data in the header of the handshake, so any ideas how I could do this? (Without having to change socket.io if possible, but if this is the only way I can live with it)

+53

node.js socket.io handshake

Wingblade Dec 06

source share

7 answers

Now this has been changed in version 1.0. See migration documents

mostly,

 io.set('authorization', function (handshakeData, callback) { // make sure the handshake data looks good callback(null, true); // error first, 'authorized' boolean second });

becomes:

  io.use(function(socket, next) { var handshakeData = socket.request; // make sure the handshake data looks good as before // if error do this: // next(new Error('not authorized'); // else just call next next(); });

+19

slupek2013 Sep 24 '14 at 14:12

source share

For socket.io v1.2.1 use this:

 io.use(function (socket, next) { var handshake = socket.handshake; console.log(handshake.query); next(); });

+10

zaynetro Dec 22 '14 at 15:31

source share

This is my code for sending request data to the nodes and server.io server.

 var socket = io.connect(window.location.origin, { query: 'loggeduser=user1' }); io.sockets.on('connection', function (socket) { var endp = socket.manager.handshaken[socket.id].address; console.log("query... " + socket.manager.handshaken[socket.id].query.user); }

+7

user2969994 Mar 29 '14 at 20:07

source share

The api may have changed, but I did the following to get more information on the server.

 // client io.connect('localhost:8080', { query: 'foo=bar', extra: 'extra'}); // server io.use(function(sock, next) { var handshakeData = sock.request; console.log('_query:', handshakeData._query); console.log('extra:', handshakeData.extra); next(); });

prints

 _query: { foo: 'bar', EIO: '3', transport: 'polling', t: '1424932455409-0' } extra: undefined

If anyone knows how to get data from a client to a server through a handshake that is not part of the request parameters, let me know.

Update I ran into problems later with this syntax

 io.connect('localhost:8080?foo=bar');

- this is what I am using now.

+1

Harry Moreno Feb 26 '15 at 6:39

source share

I found a little problem to see .loggeduser

 io.sockets.on('connection', function (socket) { var endp = socket.manager.handshaken[socket.id].address; console.log("query... " + socket.manager.handshaken[socket.id].query.loggeduser); // ↑ here }

0

user3678015 May 27 '14 at 1:16

source share

The old thread, but provided that you store your jwt token / session identifier in session cookies (standard things), they are still passed to the default server when executing a handshake (socket.io-client), which I noticed. Is there something wrong with getting authentication information for a handshake (via middleware or on.connection) via a cookie? eg.

 io.on('connection', function(socket) { // assuming base64url token const cookieStr = socket.handshake.headers.cookie const matchRes = cookieStr == null ? false : cookieStr.match(/my-auth-token=([a-zA-Z0-9_.-]+)/) if (matchRes) { // verify your jwt... if ( tokenIsGood(matchRes[1]) { // handle authenticated new socket } else { socket.emit('AUTH_ERR_LOGOUT') socket.disconnect() } } else { socket.emit('AUTH_ERR_LOGOUT') socket.disconnect() } }

I am using this now for a project and it is working fine.

0

KM3 Jan 26 '19 at 6:51

source share

Alex Wright · Accepted Answer · 2012-12-18 19:48

As many comments have already been said, the Socket.IO API has changed in version 1.0 . Authentication should now be performed using the middleware function, see "Authentication Differences" @ http://socket.io/docs/migrating-from-0-9/#authentication-differences . I will include my original answer for those stuck at <1.0, as old documents seem to have disappeared.

1.0 and later:

Client side:

 //The query member of the options object is passed to the server on connection and parsed as a CGI style Querystring. var socket = io("http://127.0.0.1:3000/", { query: "foo=bar" });

Server side:

 io.use(function(socket, next){ console.log("Query: ", socket.handshake.query); // return the result of next() to accept the connection. if (socket.handshake.query.foo == "bar") { return next(); } // call next() with an Error if you need to reject the connection. next(new Error('Authentication error')); });

Pre 1.0

You can pass the request: param in the second argument to connect () on the client side, which will be available on the server in the authorization method.

I just tested it. On the client, I have:

 var c = io.connect('http://127.0.0.1:3000/', { query: "foo=bar" });

On server:

 io.set('authorization', function (handshakeData, cb) { console.log('Auth: ', handshakeData.query); cb(null, true); });

The result on the server looked like this:

 :!node node_app/main.js info - socket.io started Auth: { foo: 'bar', t: '1355859917678' }

Send user data along with handshakeData to socket.io?

1.0 and later:

Pre 1.0

More articles: