socket.io连接角色认证 [英] socket.io connect role authentication

问题描述

我当时正在考虑在socket.io连接之上实现角色/身份验证模型.关于这一点有很多事情，特别是对于令牌认证.但是，我在下面附加的内容呢?这种方法有什么问题?

I was thinking to implement a role/auth model on top of socket.io connections. There is a lot out there about this, especially for token authentication. But what about what I am attaching below? What would be wrong with this approach?

下面的代码的想法是仅允许特定角色访问socket.io连接.

The idea with the code below is to give access to socket.io connections only to specific roles.

var role = true;

module.exports = function (io) {

  if (role == true){
    'use strict';
    io.on('connection', function (socket) {
      socket.on('chat message', function(msg){
      io.emit('chat message', msg);
    });
   });
  };
};

推荐答案

您可以使用 Passport.socketio 验证您的套接字连接.它与Express一起使用时效果很好.这是一个示例应用程序:

You can use Passport.socketio to authentify your socket connections. It works really well with express. Here is a sample app :

var express = require('express');
var passport = require('passport');
var passportSocketIo = require("passport.socketio");
var cookieParser = require('cookie-parser');
var session      = require('express-session');
var app = express();
var RedisStore = require('connect-redis')(session);
var sessionStore = new RedisStore({
  host: 'localhost',
  port: 6379,
  db: 2,
});

app.use(session({
  store: sessionStore,
  secret: 'YOUR_SECRET_HERE'
}));

app.use(passport.initialize());
app.use(passport.session());


var io = require('socket.io').listen(http.createServer(app).listen(app.get('port'), function(){
    console.log('Express server listening on port ' + app.get('port'));
}));

io.use(passportSocketIo.authorize({
  cookieParser: cookieParser,
  secret:      'YOUR_SECRET_HERE',
  store:       sessionStore,
}));

在这种情况下，您必须将角色添加到您的通行证用户.然后可以在 socket.request.user

In your case, you'd have to add the roles to your passport users. The user info can then be accessed in socket.request.user

io.sockets.on('connection', function(socket) {
  var user = socket.request.user;
  if (user.role == true){
    //do something
  }
});

请注意，您必须使用sessionStore，本地存储不适用于通行证.有关各种可能性，请参阅上面的Git页面.

Please note that you have to use a sessionStore, local storage doesn't work with passport. Refer to the Git page above for different possibilities.

这篇关于socket.io连接角色认证的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！