Scoket.IO v1.0.x基于令牌的身份验证 - 无法传递令牌?

时间:2014-05-29 00:00:11

标签: javascript node.js express websocket socket.io

我正在使用this tutorial来获取基于令牌的身份验证系统的基础知识。以下是我使用的代码:

在app.html中:

var socket = io('', {
  // originally I thought the $.param might've been a problem, so I hard coded a token instead
  // query: $.param({token: 'i271az2Z0PMjhd6w0rX019g0iS7c2q4R'})
  query: "token=i271az2Z0PMjhd6w0rX019g0iS7c2q4R"
});

在index.js中:

var app = require('express')();
var http = require('http').Server(app);
var io = require('socket.io')(http);

var tokens = [
  'i271az2Z0PMjhd6w0rX019g0iS7c2q4R',
  'oWD4sh1eU2Yhn95C05t2YKrKMVWoAFAk'
];

io.set('authorization', function(handshakeData, callback) {

    console.log(handshakeData.query);

    // Some basic validation to make sure a token was passed
    if ( handshakeData.query.token === undefined || handshakeData.query.token.length === 0 ) {
        console.log('No token')
        return false;
    }

    // Loop through the valid tokens, to validate the token passed
    var validated = false;
    for ( var key in tokens ) {
        if ( key == handshakeData.query.token ) {
            validated = true;
            break;
        }
    }

    // If valid, continue to callback the next function
    if ( validated ) {
        console.log('Good token');
        return callback(null, true);
    } else {
        console.log('Bad token');
        return false;
    }
});

io.on('connection', function(socket){
    console.log('connection ' + socket.id);
});

但是,当我导航到我的服务器时,我收到了控制台错误:

if ( handshakeData.query.token === undefined || handshakeData.query.token.
                            ^
TypeError: Cannot read property 'token' of undefined
....

console.log(handshakeData.query);返回undefined

关于我失踪的想法?

2 个答案:

答案 0 :(得分:2)

适用于v1.0.x

经过一些修补和浏览socket.io文档的纠结网络后,我提出了以下解决方案:

app.html:

// in version 1.0 the first param is the options object
var socket = io({
    query: $.param({token: 'i271az2Z0PMjhd6w0rX019g0iS7c2q4R'})
});

Index.js:

// io.use instead of io.set
io.use(function(socket, next) {
    var handshakeData = socket.request;

    // "query" lives in _query
    var query = handshakeData._query

    if ( query.token === undefined || query.token.length === 0 ) {
        console.log('No token')
        return false;
    }

    // the for loop was returning the array key and was
    // comparing that to the token val, so I fixed that
    var validated = false;
    for ( var key in tokens ) {
        console.log(tokens[key]);
        if ( tokens[key] == query.token ) {
            validated = true;
            break;
        }
    }

    // This now returns next() if true and nothing if false
    if (validated) {
        next();
    }
});

答案 1 :(得分:0)

我假设您正在使用新的socket.io v 1.0,这不是本教程的目的。

我遵循相同的教程,我的代码与您的代码相同,并且没有错误地运行。

您可以将整个握手数据打印到控制台,它应该如下所示:

    { headers: 
   { host: '_yourip/_yourPort',
     connection: 'keep-alive',
     'cache-control': 'max-age=0',
     origin: 'http://localhost:8080',
     accept: '*/*',
     referer: 'http://localhost:8080/',
     'accept-encoding': 'gzip,deflate,sdch',
     'accept-language': 'en-US,en;q=0.8' },
  address: { address: '_ipAdress', port: _yourPort },
  time: 'Thu May 29 2014 16:13:51 GMT-0600 (MDT)',
  query: { token: 'i271az2Z0PMjhd6w0rX019g0iS7c2q4R', t: '1401401631469' },
  url: '/socket.io/1/?token= i271az2Z0PMjhd6w0rX019g0iS7c2q4R&t=1401401631469',
  xdomain: true,
  secure: undefined,
  issued: 1401401631471 }

如果未设置查询,它将显示为查询:{}(在上一个socket.io中)

编辑:看来你已经弄明白了。如果您希望按照为其编写的版本中的教程进行操作,可以添加

socket.io : 0.9.*

指向package.json中的依赖项,但socket.io的网站已针对新版本进行了大修。

相关问题
最新问题