Socket.IO Authentication

by

Use connect-redis and have redis as your session store for all authenticated users. Make sure on authentication you send the key (normally req.sessionID) to the client. Have the client store this key in a cookie.

On socket connect (or anytime later) fetch this key from the cookie and send it back to the server. Fetch the session information in redis using this key. (GET key)

Eg:

Server side (with redis as session store):

req.session.regenerate...
res.send({rediskey: req.sessionID});

Client side:

//store the key in a cookie
SetCookie('rediskey', <%= rediskey %>); //http://msdn.microsoft.com/en-us/library/ms533693(v=vs.85).aspx

//then when socket is connected, fetch the rediskey from the document.cookie and send it back to server
var socket = new io.Socket();

socket.on('connect', function() {
  var rediskey = GetCookie('rediskey'); //http://msdn.microsoft.com/en-us/library/ms533693(v=vs.85).aspx
  socket.send({rediskey: rediskey});
});

Server side:

//in io.on('connection')
io.on('connection', function(client) {
  client.on('message', function(message) {

    if(message.rediskey) {
      //fetch session info from redis
      redisclient.get(message.rediskey, function(e, c) {
        client.user_logged_in = c.username;
      });
    }

  });
});

More Related Contents:

  1. How to share sessions with Socket.IO 1.x and Express 4.x?
  2. Understanding passport serialize deserialize
  3. Using socket.io in Express 4 and express-generator’s /bin/www
  4. socket.io and session?
  5. How do I remove documents using Node.js Mongoose?
  6. user authentication libraries for node.js?
  7. socket.io.js not found
  8. how to implement login auth in node.js
  9. Redirecting to previous page after authentication in node.js using passport.js
  10. Using PassportJS, how does one pass additional form fields to the local authentication strategy?
  11. socket.io and express 4 sessions
  12. How to setup an authentication middleware in Express.js
  13. How to resolve a Socket.io 404 (Not Found) error?
  14. How to use socket.io in express routes?
  15. How to access POST form fields in Express
  16. Express.js req.body undefined
  17. Set cookies for cross origin requests
  18. What’s the difference between OpenID and OAuth?
  19. Cannot enqueue Handshake after invoking quit
  20. TypeScript import/as vs import/require? [duplicate]
  21. Running multiple Node (Express) apps on same port
  22. socket.emit() vs. socket.send()
  23. Can I determine if a string is a MongoDB ObjectID?
  24. REST API Token-based Authentication
  25. What are “signed” cookies in connect/expressjs?
  26. Node.js, can’t open files. Error: ENOENT, stat ‘./path/to/file’
  27. Why POST redirects to GET and PUT redirects to PUT?
  28. Node.js: how to limit the HTTP request size and upload file size?
  29. Manage multiple tabs (but same user) in socket.io
  30. socket.io private message

Leave a Comment