So I have an application running node js with socket.io as a backend and normal javascript as frontend. My application has a login system which currently simply has the client send its login data as soon as it's connected.
Now I figured it would be much nicer to have the login data sent along with the handshakeData, so I can directly have the user logged in while connecting (instead of after establishing a connection) respectively refuse authorization when the login data is invalid.
I'm thinking it would be best to put my additional data in the header part of the handshakeData, so any ideas how I could do that? (Without having to modify socket.io if possible, but if it's the only way I can live with it)
Both server and client node processes use 95-100% of a CPU core each. So pure throughput looks ok. I can emit 100 messages per second to 100 local clients at 55% CPU usage on the server process.
The bidirectional channel between the Socket.IO server (Node. js) and the Socket.IO client (browser, Node. js, or another programming language) is established with a WebSocket connection whenever possible, and will use HTTP long-polling as fallback.
No, it's not multithreaded.
JS, Socket.IO enables asynchronous, two-way communication between the server and the client. This means that the server can send messages to the client without the client having to ask first, as is the case with AJAX.
As a lot of comments have pointed out below the Socket.IO API changed in their 1.0
release. Authentication should now be done via a middleware function, see 'Authentication differences' @ http://socket.io/docs/migrating-from-0-9/#authentication-differences. I'll include my orginal answer for anyone stuck on <1.0 as the old docs seem to be gone.
Client Side:
//The query member of the options object is passed to the server on connection and parsed as a CGI style Querystring. var socket = io("http://127.0.0.1:3000/", { query: "foo=bar" });
Server Side:
io.use(function(socket, next){ console.log("Query: ", socket.handshake.query); // return the result of next() to accept the connection. if (socket.handshake.query.foo == "bar") { return next(); } // call next() with an Error if you need to reject the connection. next(new Error('Authentication error')); });
You can pass a query: param in the second argument to connect() on the client side which will be available on the server in the authorization method.
I've just been testing it. On the client I have:
var c = io.connect('http://127.0.0.1:3000/', { query: "foo=bar" });
On the server:
io.set('authorization', function (handshakeData, cb) { console.log('Auth: ', handshakeData.query); cb(null, true); });
The output on the server then looked like:
:!node node_app/main.js info - socket.io started Auth: { foo: 'bar', t: '1355859917678' }
You can pass an authentication payload using the auth param as the second argument to connect() in the client side.
Client Side:
io.connect("http://127.0.0.1:3000/", { auth: { token: "AuthToken", }, }),
In server side you can access it using socket.handshake.auth.token
Server Side:
io.use(function(socket, next){ console.log(socket.handshake.auth.token) next() });
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With