improve the example and add jwt authentication on handshake or server connect event or any other event

as requested a long time ago at: https://github.com/kataras/iris/issues/1229#issuecomment-484791181


Former-commit-id: 17259069bc5decc022bf3b706b0654c8f473d3c8
Gerasimos (Makis) Maropoulos 2019-07-06 06:27:28 +03:00
parent 2576b3da34
commit 85666da682
4 changed files with 68 additions and 3 deletions


@ -17,6 +17,17 @@
var port = document.location.port ? ":" + document.location.port : ""; var port = document.location.port ? ":" + document.location.port : "";
var wsURL = scheme + "://" + document.location.hostname + port + "/echo"; var wsURL = scheme + "://" + document.location.hostname + port + "/echo";
const enableJWT = true;
if (enableJWT) {
// This is just a signature and a payload of an example content,
// please replace this with your logic.
//
// Add a random letter in front of the token to make it
// invalid and see that this client is not allowed to dial the websocket server.
const token = "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjozMjEzMjF9.8waEX7-vPKACa-Soi1pQvW3Rl8QY-SUFcHKTLZI4mvU";
wsURL += "?token=" + token;
}
var outputTxt = document.getElementById("output"); var outputTxt = document.getElementById("output");
function addMessage(msg) { function addMessage(msg) {
outputTxt.innerHTML += msg + "\n"; outputTxt.innerHTML += msg + "\n";
@ -24,7 +35,7 @@
function handleError(reason) { function handleError(reason) {
console.log(reason); console.log(reason);
window.alert(reason); window.alert("error: see the dev console");
} }
function handleNamespaceConnectedConn(nsConn) { function handleNamespaceConnectedConn(nsConn) {
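Review bot: `wsURL += "?token=" + token;` puts the JWT into the handshake URL, where server access logs, proxies and anything else that records request URLs can capture it, and the comment above it does not say so. The sample token's payload decodes to only `sub`, `name` and `iat`, with no `exp` claim, so a captured token never expires by its own claims. I would extend the comment block with `// Note: a token in the query string can be logged by servers and proxies; issue short-lived tokens (with "exp") and serve over wss://.` The same lines are added to the second client file further down the page (the hunk at `-5,6 +5,17`), so the comment belongs there too.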


@ -5,6 +5,17 @@ var port = document.location.port ? ":" + document.location.port : "";
var wsURL = scheme + "://" + document.location.hostname + port + "/echo"; var wsURL = scheme + "://" + document.location.hostname + port + "/echo";
const enableJWT = true;
if (enableJWT) {
// This is just a signature and a payload of an example content,
// please replace this with your logic.
//
// Add a random letter in front of the token to make it
// invalid and see that this client is not allowed to dial the websocket server.
const token = "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjozMjEzMjF9.8waEX7-vPKACa-Soi1pQvW3Rl8QY-SUFcHKTLZI4mvU";
wsURL += "?token=" + token;
}
var outputTxt = document.getElementById("output"); var outputTxt = document.getElementById("output");
function addMessage(msg) { function addMessage(msg) {

File diff suppressed because one or more lines are too long


@ -7,8 +7,14 @@ import (
"github.com/kataras/iris/websocket" "github.com/kataras/iris/websocket"
"github.com/kataras/neffos" "github.com/kataras/neffos"
// Used when "enableJWT" constant is true:
"github.com/dgrijalva/jwt-go"
jwtmiddleware "github.com/iris-contrib/middleware/jwt"
) )
// values should match with the client sides as well.
const enableJWT = true
const namespace = "default" const namespace = "default"
// if namespace is empty then simply neffos.Events{...} can be used instead. // if namespace is empty then simply neffos.Events{...} can be used instead.
@ -46,8 +52,45 @@ func main() {
websocket.DefaultGorillaUpgrader, /* DefaultGobwasUpgrader can be used too. */ websocket.DefaultGorillaUpgrader, /* DefaultGobwasUpgrader can be used too. */
serverEvents) serverEvents)
j := jwtmiddleware.New(jwtmiddleware.Config{
// Extract by the "token" url,
// so the client should dial with ws://localhost:8080/echo?token=$token
Extractor: jwtmiddleware.FromParameter("token"),
ValidationKeyGetter: func(token *jwt.Token) (interface{}, error) {
return []byte("My Secret"), nil
},
// When set, the middleware verifies that tokens are signed with the specific signing algorithm
// If the signing method is not constant the ValidationKeyGetter callback can be used to implement additional checks
// Important to avoid security issues described here: https://auth0.com/blog/2015/03/31/critical-vulnerabilities-in-json-web-token-libraries/
SigningMethod: jwt.SigningMethodHS256,
})
// serves the endpoint of ws://localhost:8080/echo // serves the endpoint of ws://localhost:8080/echo
app.Get("/echo", websocket.Handler(websocketServer)) websocketRoute := app.Get("/echo", websocket.Handler(websocketServer))
if enableJWT {
// Register the jwt middleware (on handshake):
websocketRoute.Use(j.Serve)
// OR
//
// Check for token through the jwt middleware
// on websocket connection or on any event:
/*
websocketServer.OnConnect = func(c *neffos.Conn) error {
ctx := websocket.GetContext(c)
if err := j.CheckJWT(ctx); err != nil {
// will send the above error on the client
// and will not allow it to connect to the websocket server at all.
return err
}
log.Printf("[%s] connected to the server", c.ID())
return nil
}
*/
}
// serves the browser-based websocket client. // serves the browser-based websocket client.
app.Get("/", func(ctx iris.Context) { app.Get("/", func(ctx iris.Context) {
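Review bot: The HMAC key returned by `ValidationKeyGetter` is the literal `[]byte("My Secret")`, and nothing next to it marks it as a placeholder, so a service copied from this example would verify tokens with a key that is published in the repository. I would add a comment directly above the return, for example `// Example key only: load the real key from configuration or a secret store, never from source.` `Extractor: jwtmiddleware.FromParameter("token")` also means the token travels in the request URL, where it can end up in access logs. The existing comment could state that trade-off; presumably the query parameter was chosen because the browser WebSocket API cannot set custom handshake headers. The commented-out `OnConnect` alternative calls `log.Printf`, and no `log` import is visible in the first hunk, so confirm it is imported before anyone enables that path. The body of `main` continues outside this hunk.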