session.socket.io doesn't work

[chechenev]

I using express 4 + passport with sessions.

I want to make private messages between users with socket.io

Before sending a message from the first user to a second user - I want to verify that the message is really from the first user. To exclude id spoofing in javascript files.

I try to using session.socket.io but it does not work and I can not understand why.

"console.log('connect!');" doesn't work. It seems that the function "sessionSockets.on('connection')"is not executed

Code:

require('./db');

var flash = require('connect-flash');
var mongoose = require('mongoose');
require('./config/passport');

var express = require('express');
var http = require('http');
var path = require('path');
var favicon = require('serve-favicon');
var logger = require('morgan');
var cookieParser = require('cookie-parser');
var bodyParser = require('body-parser');
var passport = require('passport');

var routes = require('./routes');
var users = require('./routes/user');

var session = require('express-session');
var MongoStore = require('connect-mongo')(session);

var sessionStore = new MongoStore({db:mongoose.connection.db});

var app = express();

app.use(cookieParser('keyboard cat'));
app.use(favicon(__dirname + '/public/favicon.ico'));
app.use(logger('dev'));
app.use(bodyParser.json());
app.use(bodyParser.urlencoded());
app.use(express.static(path.join(__dirname, 'public')));

app.use(session({
secret: 'keyboard cat',
cookie: {httpOnly: true, secure: true, maxAge: new Date(Date.now() + 3600000)},
store: sessionStore
}));
app.use(flash());

app.use(passport.initialize());
app.use(passport.session());
app.set('port', process.env.PORT || 3000);

var server = app.listen(app.get('port'), function() {
// debug('Express server listening on port ' + server.address().port);
});

var io = require('socket.io').listen(server);
var SessionSockets = require('session.socket.io-express4');
var sessionSockets = new SessionSockets(io, sessionStore, cookieParser);

sessionSockets.on('connection', function (err, socket, session) {
console.log('connect!');

socket.on('sendMessageToUser', function(data){
console.log(data);
console.log('User is ' + req);
});
//now you can read session.foo from your express routes or connect middlewares
});

[GeneralZero]

I have the same problem. I am able to sent messages from the client but it is never received by the server.
connection is never called even though I get info - handshake authorized cBaOEKhzCtlntCPxOvNv
in the logs

Client

var socket = io.connect( window.location.protocol + '//' + window.location.host , {secure: true});
socket.on('session', function (session){
    console.log(session);
})

Server

sessionSockets.on('connection', function (err, socket, session) {
    socket.emit('session', session);
});

[GeneralZero]

I haven't tried it yet but
https://github.com/eiriklv/session.socket.io seems to have a fix for 4.0

You can add it to package.json by

"session.socket.io": "http://github.com/eiriklv/session.socket.io/tarball/master"

[chechenev]

Yes, I use this https://github.com/eiriklv/session.socket.io s
The problem was the following:

"var sessionSockets = new SessionSockets(io, sessionStore, cookieParser);"

in "cookieParser" it is necessary to put the brackets like this:

"var sessionSockets = new SessionSockets(io, sessionStore, cookieParser());"

And it worked.

[eiriklv]

@GeneralZero it is also published as session.socket.io-express4 on npm

[oleksii-novikov]

unfortunately it doesn't work for me. I use socket.io v1.0.6 and sessionSockets.on('connection', ...) does not fired

[eiriklv]

@hunterok727 session.socket.io only works for socket.io@0.9.x. For socket.io@1.x look at socket.io-handshake. It's also on npm :)

[oleksii-novikov]

thanks! I've tried to use express v4 and socket.io v1.0.6. with socket.io-handshake, but io.on('connection', function(socket)) doesn't work

[eiriklv]

@hunterok727 could you provide an example?

[oleksii-novikov]

I know, it might listen strange, but now it works :) and I don't change any line of code.
There is my code:

var express = require('express');
var path = require('path');
var favicon = require('static-favicon');
var logger = require('morgan');
var cookieParser = require('cookie-parser');
var bodyParser = require('body-parser');

var routes = require('./routes/index');
var users = require('./routes/users');
var session = require('express-session');
var RedisStore = require('connect-redis')(session);
var socketHandshake = require('socket.io-handshake');
var sessionStore = new RedisStore({});
var app = express();

// view engine setup
app.set('views', path.join(__dirname, 'views'));
app.set('view engine', 'ejs');

app.use(favicon());
app.use(logger('dev'));
app.use(bodyParser.json());
app.use(bodyParser.urlencoded());
app.use(cookieParser());
app.use(require('less-middleware')(path.join(__dirname, 'public')));
app.use(express.static(path.join(__dirname, 'public')));

app.use(session({store: sessionStore, key:'sid', secret: 'verysecretkey'}));

app.use('/', routes);
app.use('/users', users);

/// catch 404 and forward to error handler
app.use(function(req, res, next) {
    var err = new Error('Not Found');
    err.status = 404;
    next(err);
});

/// error handlers

// development error handler
// will print stacktrace
if (app.get('env') === 'development') {
    app.use(function(err, req, res, next) {
        res.status(err.status || 500);
        res.render('error', {
            message: err.message,
            error: err
        });
    });
}

// production error handler
// no stacktraces leaked to user
app.use(function(err, req, res, next) {
    res.status(err.status || 500);
    res.render('error', {
        message: err.message,
        error: {}
    });
});

var server = app.listen(3001, function() {
    console.log('Listening on port %d', server.address().port);
});
var io = require('socket.io').listen(server);
io.use(socketHandshake({store: sessionStore, key:'sid', secret:'verysecretkey', parser:cookieParser()}));

io.on('connection', function (socket) {
    console.log('connected');
});

module.exports = app;

[eiriklv]

@hunterok727 then all is good in the hood :)

[s49836]

I changed my code to @hunterok727 's in the hope that it works just as well, but unfortunately io.on('connection', function(socket)) doesn't still work. I use express: ~4.4.1 and socket.io 1.0.6

[GeReV]

I managed to work around similar issues I had with Express 4 and express-session package.
My code was something along these lines:

var app = express();
var io = require('socket.io');

var session = require('express-session')({
  name: 'cookiename',
  secret: 'secret',
  resave: false,
  saveUninitialized: true
});

app.use(session);

var server = http.Server(app);

var socket = io(server);

socket.on('connection', function (client) {
  session(client.handshake, {}, function() {
    // The above call embedded sessionID and session.into client.handshake. Its callback doesn't pass anything.
    client.handshake.session.test = 'test';
    client.handshake.session.save();
  });
});

Hope this helps anyone.

[sovanna]

as @chechenev said, I put the brackets to cookieParser and it works :)

[wcamarao]

Thanks @eiriklv for supporting express 4 in the meantime.

I've added support for express 4 just now. It's also published on npm.

[eiriklv]

Great stuff @wcamarao! No problem :-)