我有通行证 HTTP身份验证:
var express = require('express.io');
var passport = require('passport');
var expressSession = require('express-session');
var app = express().http().io();
app.use(express.cookieParser());
app.use(expressSession({ secret: 'someSecretWord' }));
app.use(passport.initialize());
app.use(passport.session());
router.post("/login", passport.authenticate("local", {
successRedirect: "/index"
}));
//It works fine like this:
router.get("/index", authMiddleware.isAuthenticatedUser, function (req, res) {
res.render("index");
});
//But doesn't affect WebSocket, so this won't work:
app.io.route('getMessage', authMiddleware.isAuthenticatedUser, function (req) {
controller.getMessage(req).then(function (message) {
req.io.respond(message);
});
});
在HTTP和WebSocket请求之间共享身份验证的最佳方法是什么?