gaspersic/freeCodeCamp
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
Files
bb7a50e3417e13e1eec3efb9a69176e49de8b164
freeCodeCamp/curriculum/challenges/english/06-information-security-and-quality-assurance/advanced-node-and-express/authentication-with-socket.io.english.md
Relsig bb7a50e341 Enable newlines in Authentication with Socket.IO, test 3 (#37862) 
* newlines in Authentication with Socket.IO, test 3

Both my original formatting and glitch's "format this file" button add a newline between "io.use("  and  "passport.authorize"
".+" catches one or more of anything that isn't a newline.
"[^]+" catches one or more of anything including newlines. 
This change updates the test accordingly so people who use glitch's formatting don't get left searching for assistance

* less permissive match to prevent shenanigans

Won't work with comments still.

* fix my own silliness
2020-03-26 08:09:34 -05:00

3.5 KiB
Raw Blame History

id, title, challengeType, forumTopicId
id title challengeType forumTopicId
589fc831f9fc0f352b528e77 Authentication with Socket.IO 2 301548

Description

As a reminder, this project is being built upon the following starter project on Glitch, or cloned from GitHub. Currently, you cannot determine who is connected to your web socket. While 'req.user' contains the user object, that's only when your user interacts with the web server and with web sockets you have no req (request) and therefore no user data. One way to solve the problem of knowing who is connected to your web socket is by parsing and decoding the cookie that contains the passport session then deserializing it to obtain the user object. Luckily, there is a package on NPM just for this that turns a once complex task into something simple!
Add 'passport.socketio' as a dependency and require it as 'passportSocketIo'. Now we just have to tell Socket.IO to use it and set the options. Be sure this is added before the existing socket code and not in the existing connection listener. For your server it should look as follows: 
io.use(passportSocketIo.authorize({
  cookieParser: cookieParser,
  key:          'express.sid',
  secret:       process.env.SESSION_SECRET,
  store:        sessionStore
}));

You can also optionally pass 'success' and 'fail' with a function that will be called after the authentication process completes when a client tries to connect. The user object is now accessible on your socket object as socket.request.user. For example, now you can add the following: console.log('user ' + socket.request.user.name + ' connected'); and it will log to the server console who has connected! Submit your page when you think you've got it right. If you're running into errors, you can check out the project up to this point here.

Instructions

Tests

tests:
  - text: passportSocketIo should be a dependency.
    testString: getUserInput => $.get(getUserInput('url')+ '/_api/package.json') .then(data => { var packJson = JSON.parse(data); assert.property(packJson.dependencies, 'passport.socketio', 'Your project should list "passport.socketio" as a dependency'); }, xhr => { throw new Error(xhr.statusText); })
  - text: passportSocketIo should be properly required.
    testString: getUserInput => $.get(getUserInput('url')+ '/_api/server.js').then(data => { assert.match(data, /require\((['"])passport\.socketio\1\)/gi, 'You should correctly require and instantiate "passport.socketio"');}, xhr => { throw new Error(xhr.statusText); })
  - text: passportSocketIo should be properly setup.
    testString: getUserInput => $.get(getUserInput('url')+ '/_api/server.js') .then(data => { assert.match(data, /io\.use\(\s*\w+\.authorize\(/, 'You should register "passport.socketio" as socket.io middleware and provide it correct options'); }, xhr => { throw new Error(xhr.statusText); })

Challenge Seed

Solution

/**
  Backend challenges don't need solutions, 
  because they would need to be tested against a full working project. 
  Please check our contributing guidelines to learn more.
*/