认证socket io连接 [英] Authenticating socket io connections
问题描述
<$ ('message',function(message){
io.emit('message ',message);
});
});
var token = sessionStorage.token;
var socket = io.connect('http:// localhost:3000',{
query:'token ='+ token
});
如果标记是用python创建的:
token = jwt.encode(payload,SECRET_KEY,algorithm ='HS256')
如何使用此标记来验证节点中的套接字连接?
如果令牌是在另一台服务器上创建的。如果你有正确的密钥和算法,你仍然可以验证它。
使用 jsonwebtoken 模块
客户
var token = sessionStorage.token;
var socket = io.connect('http:// localhost:3000',{
query:{token:token}
});
服务器
var io = require('socket.io')();
var jwt = require('jsonwebtoken');
$ b $ io.use(function(socket,next){
if(socket.handshake.query&& socket.handshake.query.token){
jwt.verify (错误('认证错误'));
socket.decoded =已解码(已解密) ;
next();
));
}
next(new Error('Authentication error'));
})
.on (连接),函数(套接字){
//连接现在通过认证来接收更多的事件
socket.on('message',function(message){
io.emit ('message',message);
});
});
使用
$ b 客户
var token = sessionStorage.token;
var socket = io.connect('http:// localhost:3000');
socket.on('connect',function(socket){
socket
.on('authenticated',function(){
//做其他事情
})
.emit('authenticate',{token:token}); //发送jwt
});
服务器
var io = require('socket.io')();
var socketioJwt = require('socketio-jwt');
$ b $ io.sockets
.on('connection',socketioJwt.authorize({
secret:'SECRET_KEY',
timeout:15000 // 15 seconds to send认证消息
)))。on('authenticated',function(socket){
//这个套接字被认证,我们很好的处理更多的事件
console.log ('hello!'+ socket.decoded_token.name);
});
How can I authenticate a socket.io connection? My application uses a login endpoint from another server (python) to get a token, how can I get use that token whenever a user opens a socket connection on the node side?
io.on('connection', function(socket) {
socket.on('message', function(message) {
io.emit('message', message);
});
});
And the client side:
var token = sessionStorage.token;
var socket = io.connect('http://localhost:3000', {
query: 'token=' + token
});
If the token is created in python:
token = jwt.encode(payload, SECRET_KEY, algorithm='HS256')
How can I use this token to authenticate a socket connection in node?
解决方案 It doesn't matter if the token was created on another server. You can still verify it if you have the right secret key and algorithm.
Implementation with jsonwebtoken module
client
var token = sessionStorage.token;
var socket = io.connect('http://localhost:3000', {
query: {token: token}
});
Server
var io = require('socket.io')();
var jwt = require('jsonwebtoken');
io.use(function(socket, next){
if (socket.handshake.query && socket.handshake.query.token){
jwt.verify(socket.handshake.query.token, 'SECRET_KEY', function(err, decoded) {
if(err) return next(new Error('Authentication error'));
socket.decoded = decoded;
next();
});
}
next(new Error('Authentication error'));
})
.on('connection', function(socket) {
// Connection now authenticated to receive further events
socket.on('message', function(message) {
io.emit('message', message);
});
});
Implementation with socketio-jwt module
This module makes the authentication much easier in both client and server side. Just check out their examples.
client
var token = sessionStorage.token;
var socket = io.connect('http://localhost:3000');
socket.on('connect', function (socket) {
socket
.on('authenticated', function () {
//do other things
})
.emit('authenticate', {token: token}); //send the jwt
});
Server
var io = require('socket.io')();
var socketioJwt = require('socketio-jwt');
io.sockets
.on('connection', socketioJwt.authorize({
secret: 'SECRET_KEY',
timeout: 15000 // 15 seconds to send the authentication message
})).on('authenticated', function(socket) {
//this socket is authenticated, we are good to handle more events from it.
console.log('hello! ' + socket.decoded_token.name);
});
这篇关于认证socket io连接的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
var token = sessionStorage.token;
var socket = io.connect('http:// localhost:3000');
socket.on('connect',function(socket){
socket
.on('authenticated',function(){
//做其他事情
})
.emit('authenticate',{token:token}); //发送jwt
});
var io = require('socket.io')();
var socketioJwt = require('socketio-jwt');
$ b $ io.sockets
.on('connection',socketioJwt.authorize({
secret:'SECRET_KEY',
timeout:15000 // 15 seconds to send认证消息
)))。on('authenticated',function(socket){
//这个套接字被认证,我们很好的处理更多的事件
console.log ('hello!'+ socket.decoded_token.name);
});
io.on('connection', function(socket) {
socket.on('message', function(message) {
io.emit('message', message);
});
});
var token = sessionStorage.token;
var socket = io.connect('http://localhost:3000', {
query: 'token=' + token
});
token = jwt.encode(payload, SECRET_KEY, algorithm='HS256')
jsonwebtoken modulevar token = sessionStorage.token;
var socket = io.connect('http://localhost:3000', {
query: {token: token}
});
var io = require('socket.io')();
var jwt = require('jsonwebtoken');
io.use(function(socket, next){
if (socket.handshake.query && socket.handshake.query.token){
jwt.verify(socket.handshake.query.token, 'SECRET_KEY', function(err, decoded) {
if(err) return next(new Error('Authentication error'));
socket.decoded = decoded;
next();
});
}
next(new Error('Authentication error'));
})
.on('connection', function(socket) {
// Connection now authenticated to receive further events
socket.on('message', function(message) {
io.emit('message', message);
});
});
socketio-jwt modulevar token = sessionStorage.token;
var socket = io.connect('http://localhost:3000');
socket.on('connect', function (socket) {
socket
.on('authenticated', function () {
//do other things
})
.emit('authenticate', {token: token}); //send the jwt
});
var io = require('socket.io')();
var socketioJwt = require('socketio-jwt');
io.sockets
.on('connection', socketioJwt.authorize({
secret: 'SECRET_KEY',
timeout: 15000 // 15 seconds to send the authentication message
})).on('authenticated', function(socket) {
//this socket is authenticated, we are good to handle more events from it.
console.log('hello! ' + socket.decoded_token.name);
});
