node.js - Authentication with Node/Express/Socket.IO -

node.js - Authentication with Node/Express/Socket.IO -

i have node/socket.io/express server that's connected html file (like so). visiting web address connects server. trying set scheme by, said server beingness run on multiple computers @ time , way of sort of username , password authentication, visiting webpage specific credentials connects 1 of computers same credentials running server.

ive seen mention of "redis" previous similar questions pretty old , im wondering if there newer or improve way of achieving this.

you won't find lot of up-to-date documentation since express 4 kind of new, allow me seek remedy here :

authentication in express 4.x , socket.io 1.x

let's start confusion think you're making:

what redis?

redis info construction engine. allows store key/values pairs, nil more (in context). thing can when building authentication scheme storing data, user info, session ids, etc. in case, can share store between multiple machines, same way you'd share database, or text file.

redis

authenticate user node/express server

one of ways can using passport. passport middleware dedicated authentication on node.js. made utilize express , relatively easy setup. there excellent tutorial series on how setup passport express application, won't detail part, please take time go through series, it's invaluable knowledge.

here's link first part, 1 i'll focus on next step.

add socket.io mix

socket.io doesn't have access session cookies create in part 1. remedy that, utilize passport-socketio module.

passport-socketio requires local session store, opposed memory store. means need way store session info somewhere, ring bell?

exactly, redis.

you can seek other stores, mongodb or mysql, redis fastest.

in example, i'll assume express app , passport operational , focus on adding socket.io app.

setup :

var session = require('express-session'); //you should have line in app var passportsocketio = require("passport.socketio"); var io = require("socket.io")(server); var redisstore = require('connect-redis')(session); var sessionstore = new redisstore({ // create session store host: 'localhost', port: 6379, }); app.use(session({ store: sessionstore, //tell express store session info in redis store secret: 'mysecret' })); io.use(passportsocketio.authorize({ //configure socket.io cookieparser: cookieparser, secret: 'mysecret', // create sure it's same 1 gave express store: sessionstore, success: onauthorizesuccess, // *optional* callback on success fail: onauthorizefail, // *optional* callback on fail/error }));

connect-redis session store bundle uses redis (in case name isn't obvious).

final step : function onauthorizesuccess(data, accept){ console.log('successful connection socket.io'); accept(); //let user through } function onauthorizefail(data, message, error, accept){ if(error) accept(new error(message)); console.log('failed connection socket.io:', message); accept(null, false); } io.sockets.on('connection', function(socket) { console.log(socket.request.user); });

the user object found in socket.request contain user info logged in user, can pass around, or whatever need point.

note : setup different socket.io < 1.x

node.js authentication express socket.io credentials