socket-controllers
socket-controllers copied to clipboard
typestack
feat: add @Authorized() decorator
Is there any chance to create an Authorized-Decorator like in routing controllers?
Would be nice, if you could limit the connections to only authorized users (directly at connect or at message-level) and to inject the user.
Hi @acuntex!
I am not familiar with the project and I don't think pleerock will have any free time soon to work on this project. However, the community can pick this up and implement and document it then it can be merged.
The first step would be to actually discuss your proposal. How do you expect the @Authorized decorator to work? The first message must include an authorization message or every message should contain the authorization payload?
Any news or workarounds? I'm trying to the same thing - protect some of my socket.io "routes".
Do you have an example of the thing I'm trying to accomplish - authentication with socket.io. I'm using passport.js, routing-controllers, socket-controllers and socket.io. Right now for some reason calling req.isAuthenticated() gives me false for some reason.
See sample5
@Middleware()
export class AuthenticationMiddleware implements MiddlewareInterface {
use(socket: any, next: ((err?: any) => any)): any { // where socketio instance. not connected socket instance!
console.log("authentication..."); // your auth logic here
next();
}
}
For events no, because the middlewares works globally. As I said before it is problem
You can implement your own auth solution using interceptors per event, or use the middleware per connection.
This issue has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs.
![github-actions[bot] avatar](https://avatars.githubusercontent.com/in/15368?v=4 "Published by a pub.dev verified publisher"){kind=small}