Socket io authroziation #48

Closed
dombesz opened this Issue Apr 5, 2013 · 14 comments

Projects

None yet

8 participants

@dombesz
dombesz commented Apr 5, 2013

Hi all,

Is there a way to perform authentication of the clients? Here is an example of socketionode server http://howtonode.org/socket-io-auth

Thanks

@mrniko mrniko was assigned May 4, 2013
Owner
mrniko commented May 4, 2013

I plan to implement this feature.

pablojr commented May 6, 2013

Is there any way I can help/collaborate with the implementation of this feature? I would like to learn and understand socket.io authorization so it would be great to help if I can

Owner
mrniko commented May 6, 2013

"pull requests" are always welcome! Like it was done in #29 by JulianH. Or you may suggest any ideas about implementation of this feature.

Owner
mrniko commented May 30, 2013

session authentication implemented by Express HTTP server which used by Socket.IO. So this functionality is not a part of Socket.IO specification - https://github.com/LearnBoost/socket.io-spec

pablojr commented May 30, 2013

Sorry Nikita, but from the explanation in first post, there's a link to Socket.IO's page describing Authorization (see https://github.com/LearnBoost/socket.io/wiki/Authorizing). It seems to me that all references there to actions/responsibilities of Socket.IO server should be translated into actions/responsibilities this server needs to provide/implement. I'm using this library as the socket.io server, along with a custom HTTP server based on Netty as well, so I'm not going to use Express ever in such scenario

Am I missing something?

@dombesz dombesz closed this May 30, 2013
@dombesz dombesz reopened this May 30, 2013

Already been implemented authentication / authorization?

How to handle handshake on session?

Owner
mrniko commented Jul 31, 2013

What do you mean "handshake on session"? handshake performs automatically during connection

AuthorizeHandler can export some interface for session authorizing? cosider this case: front end also have cookie(global web site),he sends cookie info.to socketio server ,it according to some business logic to deciding whether produce session id.

finish this feature?

mrniko, how can we get this feaure or maybe how can we deal with session control with user cookies?

Owner
mrniko commented Dec 24, 2013

Stay tuned guys! i almost finished this feature

@mrniko mrniko pushed a commit that referenced this issue Dec 25, 2013
Nikita authroziation listener. Issue #48 e4eda5e
Owner
mrniko commented Dec 25, 2013

Done! You could test it with version from master.

@mrniko mrniko closed this Dec 25, 2013

@vongosling i face the same issue, need get the cookies passed from web. and then authorizing,
Could you show some code ? and in the web how to pass the cookies into the handshakeData?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment