adcentury / socketio-jwt-auth Goto Github PK

I'm using Angulra 2 as client and Nodejs as backend.

The issue is that error event is firing on the client side but the success event is not firing.

I Can't connect to server from an electron app this error kept on popping up
Can't connect to server from an electron app
socketio-jwt-auth is preventing my electron socket.io-client to connect.

is has the exact config with the web config which works perfectly

I Install the module from the npm and it's seems like the 0.0.5 version, but the succeedWithoutToken parameter is not working.
I look in to the code, ands it's look like something old. There is no handling of the succeedWithoutToken parameter.

It's a terrible idea to have JWT sent via query params. Urls can be logged, cached and tracked.

I can create a PR for this if it's desirable.

Hi,

The decode function of jwt-simple need the noVerify parameter before the algorithm paramater.

So now the signature validation is not working.

Have Problem, its good for you to make a simple test on a place like stackblitz.
because i try anyway and this package not work !

// Server Side
const express = require('express');
const server = express();
const app = require('http').createServer(server);
const io = require('socket.io')(app);
var jwtAuth = require('socketio-jwt-auth');

io.use(jwtAuth.authenticate({
  secret: 'your_secret',
  algorithm: 'HS256',
  succeedWithoutToken: true
}, function(payload, done){
// This part is never work
  console.log('work')
}
));

io.on('connection', function(socket) {
  socket.emit('success', {
    message: 'success logged in!',
    user: socket.request.user
  });
});

//Client Side

const socket = io('ws://127.0.0.1:3002', { query: `auth_token=x`});
`
  socket.on('error', function(err) {
    console.log(err)
  });

  socket.on('success', function(data) {
    console.log(data);
  })

Response

My case is the following

When a user connects as a guest, before supplying login credentials. He gets connected thats nice!

On the client side when I successfully login to the application. The returned JWT is being saved in localStorage. But the socket doesn't know anything about that.

In order to fix this I need to refresh the page to use the token from localStorage from my login to send to the socket server.

I hacked the code a little in my authentication function... to let the socket know that the user is connected

socket.request.user = {...person, logged_in: true };

Do you have a better method or a real world example for this?

Thanks.

In my token, I set the expiration to be 60 minutes. However, the authenticate() method continues to treat the token as valid after expiration. Is there something I am doing wrong, or does this library not support token expiration?

@adcentury In light of Auth0 stopping support for their socketio-jwt (https://github.com/auth0-community/socketio-jwt/issues/131) library, what were your plans for this project going forward?

Specifically...

• Badges
  • CI
  • Code coverage / Code Climate
• Dependency updates
  • socket.io v2

is it possible to use multiple authentications for multiple namespaces?