Javascript 如何在Socket.io身份验证中解析cookie头?
我想在用户连接到websocket之前读取会话/cookie数据 我的websocket是使用Socket.io和express framework实现的 这就是我所做的Javascript 如何在Socket.io身份验证中解析cookie头?,javascript,node.js,cookies,express,socket.io,Javascript,Node.js,Cookies,Express,Socket.io,我想在用户连接到websocket之前读取会话/cookie数据 我的websocket是使用Socket.io和express framework实现的 这就是我所做的 const env = require('./config'); const sess = require('./sessions'); const app = require('express')(); const https = require('https'); const fs = require('fs'); con
const env = require('./config');
const sess = require('./sessions');
const app = require('express')();
const https = require('https');
const fs = require('fs');
const session = require('express-session');
const RedisStore = require("connect-redis")(session);
const cookieParser = require('cookie-parser')
const connect = require('connect');
const server = https.createServer(
{
key: fs.readFileSync('certs/key.pem'),
cert: fs.readFileSync('certs/cert.pem')
}, function (req, res){
res.setHeader('Access-Control-Allow-Origin', '*');
res.setHeader('Access-Control-Allow-Headers', 'X-Requested-With, Content-Type');
}
).listen(env.socket.port, env.socket.host, function () {
console.log('\033[2J');
console.log('Websocket is running at https://%s:%s', server.address().address, server.address().port);
});
const io = require('socket.io')(server);
const sessionMiddleware = session({
store: new RedisStore({
host: env.redis.host,
port: env.redis.port
}),
secret: env.session.secret,
name: env.session.name,
rolling: false,
resave: true,
saveUninitialized: true,
});
var clients = {};
io.use(function(socket, next) {
sessionMiddleware(socket.request, socket.request.res, next);
});
var myCookieParser = cookieParser(env.session.secret);
app.use( myCookieParser ) ;
app.use( sessionMiddleware );
io.set('authorization', function (handshakeData, accept) {
onsole.log(handshakeData.headers.cookie);
if (handshakeData.headers.cookie) {
var cookies = myCookieParser(handshakeData.headers.cookie);
console.log(cookies);
return ;
handshakeData.sessionID = connect.utils.parseSignedCookie(cookies['connect.sid'], env.session.secret);
if (cookies['connect.sid'] == handshakeData.sessionID) {
return accept('Cookie is invalid.', false);
}
} else {
return accept('No cookie transmitted.', false);
}
accept(null, true);
});
io.on('connection', function (socket) {
var origin = socket.request.headers.origin || '';
var myIP = socket.request.socket.remoteAddress || '';
var socketId = socket.id;
var session_id = '';
var authorized = false;
var req = socket.request;
//console.log(socket.request);
console.log('SessionID: ' + socket.request.sessionID)
if (!originIsAllowed(origin)) {
// Make sure we only accept requests from an allowed origin
socket.destroy();
console.log((new Date()) + ' Connection from origin ' + origin + ' rejected.');
return false;
}
if(req.sessionID){
session_id = req.sessionID;
}
if(req.session.authorized){
authorized = req.session.authorized;
}
socket.on('chat', function(msg){
//only autherized users can chat
if( session.authorized ){
console.log('Chat Message: ' + msg);
socket.emit('chat', { message: msg });
}
});
socket.on('disconnect', function(msg){
console.log('Closing sessionID: ' + session_id);
var userCons = clients[session_id] || [];
var index = userCons.indexOf(socketId);
if(index > -1){
userCons.splice(index, 1);
console.log('Removed Disconnect Message: ' + msg);
} else {
console.log('Disconnect Message: ' + msg);
}
});
socket.on('error', function(msg){
console.log('Error Message: ' + msg);
});
});
function originIsAllowed(origin) {
// put logic here to detect whether the specified origin is allowed.
var allowed = env.session.allowedOrigins || []
if(allowed.indexOf(origin) >= 0){
return true;
}
return false;
}
当我启动服务器时,我得到了所有的错误
Websocket is running at https://10.0.4.18:8020
C:\Program Files\nodejs\node_modules\cookie-parser\index.js:26
var cookies = req.headers.cookie;
^
TypeError: Cannot read property 'cookie' of undefined
at cookieParser (C:\Program Files\nodejs\node_modules\cookie-parser\index.js
:26:30)
at C:\Program Files\nodejs\socket.js:79:17
at Array.<anonymous> (C:\Program Files\nodejs\node_modules\socket.io\lib\ind
ex.js:118:7)
at run (C:\Program Files\nodejs\node_modules\socket.io\lib\namespace.js:114:
11)
at C:\Program Files\nodejs\node_modules\socket.io\lib\namespace.js:122:7
at session (C:\Program Files\nodejs\node_modules\express-session\index.js:39
8:7)
如何正确解析cookies
已编辑
把问题改成这样之后
var cookies = myCookieParser(handshakeData);
我得到这个错误
Websocket is running at https://10.0.4.18:8020
C:\Program Files\nodejs\node_modules\cookie-parser\index.js:48
next();
^
TypeError: undefined is not a function
at cookieParser (C:\Program Files\nodejs\node_modules\cookie-parser\index.js
:48:5)
at C:\Program Files\nodejs\socket.js:61:17
at Array.<anonymous> (C:\Program Files\nodejs\node_modules\socket.io\lib\ind
ex.js:118:7)
at run (C:\Program Files\nodejs\node_modules\socket.io\lib\namespace.js:114:
11)
at C:\Program Files\nodejs\node_modules\socket.io\lib\namespace.js:122:7
at session (C:\Program Files\nodejs\node_modules\express-session\index.js:39
8:7)
at Array.<anonymous> (C:\Program Files\nodejs\socket.js:40:5)
at run (C:\Program Files\nodejs\node_modules\socket.io\lib\namespace.js:114:
11)
at Namespace.run (C:\Program Files\nodejs\node_modules\socket.io\lib\namespa
ce.js:126:3)
at Namespace.add (C:\Program Files\nodejs\node_modules\socket.io\lib\namespa
ce.js:155:8)
Websocket正在运行https://10.0.4.18:8020
C:\ProgramFiles\nodejs\node\u modules\cookie parser\index.js:48
next();
^
TypeError:undefined不是函数
在cookieParser(C:\Program Files\nodejs\node\u modules\cookie parser\index.js
:48:5)
在C:\Program Files\nodejs\socket.js:61:17
在阵列上。(C:\Program Files\nodejs\node\u modules\socket.io\lib\ind
ex.js:118:7)
运行时(C:\Program Files\nodejs\node\u modules\socket.io\lib\namespace.js:114:
11)
位于C:\Program Files\nodejs\node\u modules\socket.io\lib\namespace.js:122:7
在会话中(C:\Program Files\nodejs\node\u modules\express session\index.js:39
8:7)
在阵列上。(C:\ProgramFiles\nodejs\socket.js:40:5)
运行时(C:\Program Files\nodejs\node\u modules\socket.io\lib\namespace.js:114:
11)
在Namespace.run(C:\Program Files\nodejs\node\u modules\socket.io\lib\namespa
行政长官:126:3)
在Namespace.add(C:\Program Files\nodejs\node\u modules\socket.io\lib\namespa
行政长官:155:8)
错误引用了完全不同的行var cookies=req.headers.cookie代码>,我想你需要换一个地方看。@YuriZarubin在注释那行并在它之后返回时,我没有得到那个错误哦,对了,nvm。是的,它抱怨的原因是它期望的是一个请求
对象,而不是实际的cookie。所以它试图解析实际的cookie。@YuriZarubin当我这样做时,mycokieparser(handshakeData.headers)
我得到了一个正确的错误,因为那也不是请求对象。怎么样mycokieparser(握手数据)
Websocket is running at https://10.0.4.18:8020
C:\Program Files\nodejs\node_modules\cookie-parser\index.js:48
next();
^
TypeError: undefined is not a function
at cookieParser (C:\Program Files\nodejs\node_modules\cookie-parser\index.js
:48:5)
at C:\Program Files\nodejs\socket.js:61:17
at Array.<anonymous> (C:\Program Files\nodejs\node_modules\socket.io\lib\ind
ex.js:118:7)
at run (C:\Program Files\nodejs\node_modules\socket.io\lib\namespace.js:114:
11)
at C:\Program Files\nodejs\node_modules\socket.io\lib\namespace.js:122:7
at session (C:\Program Files\nodejs\node_modules\express-session\index.js:39
8:7)
at Array.<anonymous> (C:\Program Files\nodejs\socket.js:40:5)
at run (C:\Program Files\nodejs\node_modules\socket.io\lib\namespace.js:114:
11)
at Namespace.run (C:\Program Files\nodejs\node_modules\socket.io\lib\namespa
ce.js:126:3)
at Namespace.add (C:\Program Files\nodejs\node_modules\socket.io\lib\namespa
ce.js:155:8)