I'm trying to use Socket.IO's authorization function to get session data. The problem is that even if I log out and destroy my session, Socket.IO still has the old session information, which is clearly not ideal. Any ideas what I'm doing wrong in the code below?
io.set('authorization', function (data, accept) {
if(data.headers.cookie) {
data.cookie = parseCookie(data.headers.cookie);
data.sessionID = data.cookie['express.sid'];
app.set('mongo-store').get(data.sessionID, function (err, session) {
console.log(err, session);
if (err || !session) {
// if we cannot grab a session, turn down the connection
accept('Error', false);
} else {
// save the session data and accept the connection
data.session = session;
accept(null, true);
}
});
} else {
return accept('No cookie transmitted.', false);
}
accept(null, true);
});
And here is the connection code:
io.sockets.on('connection', function(socket) {
var hs = socket.handshake;
console.log('A socket with sessionID ' + hs.sessionID
+ ' connected!');
// setup an inteval that will keep our session fresh
var intervalID = setInterval(function () {
// reload the session (just in case something changed,
// we don't want to override anything, but the age)
// reloading will also ensure we keep an up2date copy
// of the session with our connection.
hs.session.reload( function () {
// "touch" it (resetting maxAge and lastAccess)
// and save it back again.
hs.session.touch().save();
});
}, 60 * 1000);
socket.on('disconnect', function () {
console.log('A socket with sessionID ' + hs.sessionID
+ ' disconnected!');
// clear the socket interval to stop refreshing the session
clearInterval(intervalID);
});
});
Problem: the socket is not able to connectYou are trying to reach a plain WebSocket server. The server is not reachable. The client is not compatible with the version of the server. The server does not send the necessary CORS headers.
listen(port); // Create a Socket.IO instance, passing it our server var socket = io. listen(server); // Add a connect listener socket. on('connection', function(client){ console. log('Connection to client established'); // Success!
js - Using socket.io is broadcasting the same efficiency as sending a message to every client - Stack Overflow.
From http://www.danielbaulig.de/socket-ioexpress/
sio.sockets.on('connection', function (socket) {
var hs = socket.handshake;
console.log('A socket with sessionID ' + hs.sessionID
+ ' connected!');
// setup an inteval that will keep our session fresh
var intervalID = setInterval(function () {
// reload the session (just in case something changed,
// we don't want to override anything, but the age)
// reloading will also ensure we keep an up2date copy
// of the session with our connection.
hs.session.reload( function () {
// "touch" it (resetting maxAge and lastAccess)
// and save it back again.
hs.session.touch().save();
});
}, 60 * 1000);
socket.on('disconnect', function () {
console.log('A socket with sessionID ' + hs.sessionID
+ ' disconnected!');
// clear the socket interval to stop refreshing the session
clearInterval(intervalID);
});
});
Edit: auth code
io.set('authorization', function (handshakeData, callback) {
var cookie;
// console.log(handshakeData.headers);
if (handshakeData.headers && handshakeData.headers.cookie) {
cookie = parseCookie(handshakeData.headers.cookie);
// where SessionStore is an instance of your mongo store
SessionStore.load(cookie['sioapp.sid'], function (err, session) {
if (err) {
// if we cannot grab a session, turn down the connection
console.log(err);
} else {
// console.log('Successfully decoded the session: ', session);
handshakeData.session = session;
}
});
}
callback(null, true); // error first callback style
});
Once every 60 seconds, the session is touched (thus refreshed). When the user disconnects, the session is destroyed.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With