To add authentication with Socket.IO and JavaScript, we call send
to get the key from client side and receive it on server side.
For instance, we write
const jwt = require("jsonwebtoken");
//...
app.post("/login", (req, res) => {
const profile = {
first_name: "John",
last_name: "Doe",
email: "john@doe.com",
id: 123,
};
const token = jwt.sign(profile, jwtSecret, { expiresInMinutes: 60 * 5 });
res.json({ token });
});
to add the /login endpoint.
Then we call jwt.sign
to return am auth token with the profile data.
Then we write
const socketioJwt = require("socketio-jwt");
const sio = socketIo.listen(server);
sio.set(
"authorization",
socketioJwt.authorize({
secret: jwtSecret,
handshake: true,
})
);
sio.sockets.on("connection", (socket) => {
console.log(socket.handshake.decoded_token.email, "has joined");
});
to use the socketio-jwt
package to add authentication to Socket.io.
We use it to add JWT authentication with secret
set to jwtSecret
.
And we listen to the connection event with handler that gets the decoded token’s email.