示例#1
文件: app.js 项目: KIDx/chat-server
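// Socket.IO handshake authorization: admit a connection only when the request
// carries a signed `connect.sid` cookie that maps to a stored session with a
// logged-in user. The session is attached to handshakeData for later handlers.
// NOTE(review): this check runs only at handshake time; a session destroyed
// afterwards (logout, expiry) is not re-checked here. Confirm long-lived
// sockets are revalidated elsewhere.
io.set('authorization', function(handshakeData, accept){
	var rawCookie = handshakeData.headers.cookie;
	if (!rawCookie) {
		return accept('no cookie.', false);
	}
	// Only cookies that pass signature verification against the configured
	// secret are expected to survive parseSignedCookies (presumably a tampered
	// or unsigned value is dropped; verify against the utils implementation).
	handshakeData.cookies = utils.parseSignedCookies(
			cookie.parse(rawCookie),
			config.cookie_secret);
	var sid = handshakeData.cookies['connect.sid'];
	if (!sid) {
		// Missing or unverifiable session cookie: reject here instead of
		// handing `undefined` to the session store as a lookup key.
		return accept('no session.', false);
	}
	sessionStore.get(sid, function(err, session){
		// Require an existing session with a user attached to it.
		if (err || !session || !session.user) {
			return accept('no session.', false);
		}
		handshakeData.session = session;
		return accept(null, true);
	});
});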
/**
 * Parse a raw Cookie header and return the signed cookies it carries.
 *
 * NOTE(review): the signing secret is a hard-coded placeholder. Anyone who
 * knows the secret can forge signed cookies, so it should be loaded from
 * deployment configuration and match the secret the session middleware uses.
 *
 * @param {string} cookie - raw Cookie header value
 * @returns {Object} whatever parseSignedCookies returns for the parsed cookies
 */
var parseCookie = function (cookie) {
    var parsedCookies = parse(cookie);
    return parseSignedCookies(parsedCookies, 'your secret here');
};
示例#3
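/**
 * Socket handshake authorization: derives the session from the signed
 * `express.sid` cookie, loads it from the session store, and resolves the
 * user through the first handler that reports it can handle the request.
 *
 * @param {Object} data - handshake data; reads `data.headers.cookie` and
 *   writes `cookie`, `sessionID`, `sessionStore`, `session`, `user`, `reset`
 * @param {Function} accept - callback `(error, authorized)`
 * @param {Object} sessionStore - store exposing `load(sid, callback)`
 * @param {Array} handlers - objects exposing `canHandle(data)` and
 *   `handle(data, callback)`
 * @param {string} secret - secret used to verify the cookie signature
 */
function socialHandler(data, accept, sessionStore, handlers, secret) {

  try {
    // Derive the express cookie to find out whether the user has already
    // established a session.
    // NOTE(review): the whole header is URI-decoded before it is parsed, so
    // an encoded separator inside one cookie value (for example %3B) becomes
    // a real separator and can introduce extra name=value pairs. Confirm
    // whether cookie.parse already decodes values; if it does, pass it the
    // raw header instead.
    var signedCookies = cookie.parse(decodeURIComponent(data.headers.cookie));

    // Create the request-like structure the Session module expects.
    data.cookie = connectUtils.parseSignedCookies(signedCookies, secret);
    data.sessionID = data.cookie['express.sid'];
    data.sessionStore = sessionStore;

  } catch (error) {
    console.warn("failed parsing cookies: " + error);
    accept('Malformed cookie transmitted', false);
    return;
  }

  if (!data.sessionID) {
    // No cookie header, no `express.sid`, or a value that did not come back
    // from parseSignedCookies. Without this guard an undefined id reaches the
    // store and falls into the "session missing" branch below, which accepts
    // the connection.
    console.warn("missing or unverifiable session cookie");
    accept('Malformed cookie transmitted', false);
    return;
  }

  sessionStore.load(data.sessionID, function (error, session) {
    if (error) {
      console.warn("error in session storage: ", error);
      accept("Server error", false);
      return;
    }

    if (!session) {
      // The cookie exists but the session is missing from storage, probably
      // because of a server reset or cache flush. The client is not really
      // entitled to a session, but to allow auto refresh on the client we
      // grant a new one marked with the `reset` flag, so that a single
      // message can be sent back telling it to re-establish the connection.
      // NOTE(review): this writes the session id to the log and the new
      // Session is built from the same `data`; confirm that log access is
      // restricted or log a truncated id.
      console.warn("could not find session for cookie: ", data.sessionID);
      data.reset = true;
      data.session = new Session(data, session);
      accept(null, true);
      // the following should be used to fully deny connection
      // accept("Error", false);
      return;
    }

    // Resolve the user; it could be locally mocked or come from a social
    // network. The first handler that can handle the request wins.
    var handler;
    for (var i = 0, len = handlers.length; i < len; ++i) {
      if (handlers[i].canHandle(data)) {
        handler = handlers[i];
        break;
      }
    }

    if (!handler) {
      accept("unauthorized", false);
      return;
    }

    try {
      // Pass the request object to the handler to derive user information.
      handler.handle(data, function (error, profile) {
        if (error) {
          accept(error, false);
          return;
        }
        // TODO: validate profile before trusting it as the user
        //           if (!profile.uid || !profile.first_name || !profile.last_name || !profile.avatar)
        data.user = profile;
        data.session = new Session(data, session);
        accept(null, true);
      });
    } catch (e) {
      accept("failed handle request", false);
      console.warn("failed handle request, error:", e, " handler:", handler);
    }

  });
}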
示例#4
 /**
  * Parse a raw Cookie header and return its signed cookies via parseSC.
  *
  * NOTE(review): the signing secret is hard-coded in source and the helper is
  * published on `global`. Anyone who can read the source can forge signed
  * cookies; load the secret from deployment configuration instead.
  *
  * @param {string} cookie - raw Cookie header value
  * @returns {Object} whatever parseSC returns for the parsed cookies
  */
 global.parseCookie = function (cookie) {
   var parsedCookies = parse(cookie);
   return parseSC(parsedCookies, "rlaeodnjs");
 };