Skip to content

A ticket store designed to allow an application to use an express app to do auth for a socket.io app

License

Notifications You must be signed in to change notification settings

joewagner/scalper

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

20 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

scalper

A ticket store designed to allow an application to use an express app to do auth for a socket.io app. compatible with Express 4

Installation

npm install scalper

Options

  • authenticate - Function that checks if current request is authenticated. It is passed the request object, and should return the value that will be stored in the ticket. (default checks req.user._id and req.user.id)
  • genTicket - Function that returns the ticket. (default uses the node-uuid v4 method)
  • route - String that represents the GET route that will serve tickets. (default is '/socket-ticket')
  • store - an instance of a ticket store. (default is a memory-store instance)

Store Option

Note: The default memory store should not be used in production. A store should expose a get and a set method. set should take three arguments. A key, a value, and a callback. The store implementation should ensure the uniqueness of tickets get should take two arguments. A key and a callback. Important get should delete the ticket as soon as its retrieved, so that tickets can not be used twice.

Look at redis-ticket for an example implementation with mongodb.

Motivation

There are many advantages for token based authentication when using websockets. Heroku docs have a nice article outlining some of the details of securing websockets. authO.com has a blog post that also goes over the details of token based auth with socket.io

About

A ticket store designed to allow an application to use an express app to do auth for a socket.io app

Resources

License

Stars

Watchers

Forks

Packages

No packages published