-
-
Save jfromaniello/4087861 to your computer and use it in GitHub Desktop.
/* | |
* Little example of how to use ```socket-io.client``` and ```request``` from node.js | |
* to authenticate thru http, and send the cookies during the socket.io handshake. | |
*/ | |
var io = require('socket.io-client'); | |
var request = require('request'); | |
/* | |
* This is the jar (like a cookie container) we will use always | |
*/ | |
var j = request.jar(); | |
/* | |
* First I will patch the xmlhttprequest library that socket.io-client uses | |
* internally to simulate XMLHttpRequest in the browser world. | |
*/ | |
var originalRequest = require('xmlhttprequest').XMLHttpRequest; | |
require('xmlhttprequest').XMLHttpRequest = function(){ | |
originalRequest.apply(this, arguments); | |
this.setDisableHeaderCheck(true); | |
var stdOpen = this.open; | |
/* | |
* I will patch now open in order to set my cookie from the jar request. | |
*/ | |
this.open = function() { | |
stdOpen.apply(this, arguments); | |
var header = j.get({ url: 'http://localhost:9000' }) | |
.map(function (c) { | |
return c.name + "=" + c.value; | |
}).join("; "); | |
this.setRequestHeader('cookie', header); | |
}; | |
}; | |
/* | |
* Authenticate first, doing a post to some url | |
* with the credentials for instance | |
*/ | |
request.post({ | |
jar: j, | |
url: 'http://localhost:9000/login', | |
form: {username: 'jose', password: 'Pa123'} | |
}, function (err, resp, body){ | |
/* | |
* now we can connect.. and socket.io will send the cookies! | |
*/ | |
var socket = io.connect('http://localhost:9000'); | |
socket.on('connect', function(){ | |
console.log('connected! handshakedddddddddddd') | |
done(); | |
})); | |
}); |
Some more hackery will be required for socket.io 1.0 as it does require('xmlhttprequest')
directly, rather than require('xmlhttprequest').XMLHttpRequest
, making it even more difficult to override.
I was having the same issue and was able to get cookies working with 1.2.1 by creating a file containing the following:
// XMLHttpRequest to override.
var xhrPath = 'socket.io-client/node_modules/engine.io-client/node_modules/xmlhttprequest';
// Make initial call to require so module is cached.
require(xhrPath);
var name = require.resolve(xhrPath);
// Get cached version.
var cachedXhr = require.cache[name];
var stdXhr = cachedXhr.exports;
// Callbacks exposes an object that callback functions can be added to.
var callbacks = {};
// Example
callbacks.test = function() {
console.log("In callback.");
}
var newXhr = function() {
stdXhr.apply(this, arguments);
for (method in callbacks) {
if (typeof callbacks[method] == "function") {
callbacks[method].apply(this, arguments);
}
}
}
newXhr.XMLHttpRequest = newXhr;
cachedXhr.exports = newXhr;
module.exports = newXhr;
module.exports.callbacks = callbacks;
Requiring that and adding methods to callbacks
ends up with a similar result to the original post, at least while the cached version of XMLHttpRequest persists. The require statement for the above file should be made before socket.io-client
is required. An example, which adds the cookie to the request:
var myXhr = require('./xmlhttprequest');
var io = require('socket.io-client');
/*
...
code which ends up with cookie value in myCookie
...
*/
myXhr.callbacks.test2 = function() {
this.setDisableHeaderCheck(true);
var stdOpen = this.open;
this.open = function() {
stdOpen.apply(this, arguments);
this.setRequestHeader('cookie', myCookie);
}
}
// Assuming uri was defined somewhere above.
var socket = io.connect(uri);
It would also be possible, in the first file, to call stdXhr.XMLHttpRequest
instead of stdXhr
, in which case I believe the original solution (along with the few edits mentioned in the comments here) would work.
Thank you chrahunt this is what I was looking for 😄
Complete example
For anyone that look for a complete example here is:
First create a file: client-code.js
process.env.NODE_TLS_REJECT_UNAUTHORIZED = "0";
var request = require('request');
var cookies = request.jar();
var myXhr = require('./newXhr');
console.log('');
console.log('Request https://yourdomain.com/');
request.get(
{
url: 'https://yourdomain.com/',
jar: cookies
},
function (err, res, body) {
if (err) {
console.log('Error: ', err);
process.exit(0);
}
console.log('Status code: ', res.statusCode);
console.log('');
console.log('Headers: ', res.headers);
console.log('');
console.log('Cookies: ', cookies);
console.log('');
request.post(
{
url: 'https://yourdomain.com/login',
jar: cookies,
form: {
nick: 'secret_user',
password: 'yourpassword'
}
},
function (err, res, body) {
console.log('');
if (err) {
console.log('Error: ', err);
process.exit(0);
}
console.log('Status code: ', res.statusCode);
console.log('');
console.log('Headers: ', res.headers);
console.log('');
console.log('Cookies: ', cookies);
console.log('');
myXhr.callbacks.test2 = function () {
this.setDisableHeaderCheck(true);
var stdOpen = this.open;
this.open = function () {
stdOpen.apply(this, arguments);
this.setRequestHeader('Cookie', res.headers['set-cookie'][0].split(';')[0]);
}
}
var io = require("socket.io-client")("https://yourdomain.com/audience", {forceNew: true});
io.on('connect', function () {
console.log("Eureka !!!");
});
//process.exit(0);
});
}
);
Now create new file called:newXhr.js thank you @chrahunt
// XMLHttpRequest to override.
var xhrPath = 'socket.io-client/node_modules/engine.io-client/node_modules/xmlhttprequest';
// Make initial call to require so module is cached.
require(xhrPath);
var name = require.resolve(xhrPath);
// Get cached version.
var cachedXhr = require.cache[name];
var stdXhr = cachedXhr.exports;
// Callbacks exposes an object that callback functions can be added to.
var callbacks = {};
// Example
callbacks.test = function () {
console.log("In callback.");
}
var newXhr = function () {
stdXhr.apply(this, arguments);
for (method in callbacks) {
if (typeof callbacks[method] == "function") {
callbacks[method].apply(this, arguments);
}
}
}
newXhr.XMLHttpRequest = newXhr;
cachedXhr.exports = newXhr;
module.exports = newXhr;
module.exports.callbacks = callbacks;
The dependencies package.json
{
"name": "client-code",
"version": "1.0.0",
"description": "",
"main": "client-code.js",
"scripts": {
"test": "echo \"Error: no test specified\" && exit 1"
},
"dependencies": {
"request": "^2.55.0",
"socket.io-client": "^1.1.0",
"xmlhttprequest": "^1.5.0"
}
}
In Windows
Now run this in the promt:
set DEBUG=* & node client-code.js
Unix base
Now run this in the shell/terminal:
DEBUG=* node client-code.js
Tested with socket.io v1.1.0
Cheers!
I fixed the cookie issue in socket-io-client 1.3.6 by overriding the http.ClientRequest constructor.
var ClientRequestOrig = require('http').ClientRequest;
// Override the ClientRequest constructor to set your cookie.
http.ClientRequest = function(options, cb) {
// Set your cookie
options.headers.Cookie = 'mycookie=mycookievalue';
return new ClientRequestOrig(options, cb);
};
This solution does not work when you have multiple socket.io clients in the same node instance. If the clients auth as different users, overriding the cookie in the common xmlhttprequest
makes all the clients appear to be the same
For those that are still ending up here, using a newer version of SocketIO client may be better for you. This pull requests outlines how you can set cookies using the library directly: rakeshok/socket.io-client-cookie#9
Posting the code from the pull request here as well:
const io = require('socket.io-client');
const cookie = 'connect.sid=xyz';
const socket = io(url, { path, extraHeaders: { cookie } `});
Sending cookies across origins is disabled in browsers (I believe at a lower level than any patching could allow).
<!doctype html>
<html lang="en">
<head>
<meta charset="utf-8">
<title>Cookies</title>
<script>
window.addEventListener('load', function(event) {
let exist = document.getElementById("exist");
exist.textContent = document.cookie;
let mycookie = "mysession=abc123";
let elem = document.getElementById("cook");
elem.textContent = mycookie;
document.cookie = mycookie;
// let url = "https://www.google.ca/";
let url = "http://localhost:30080/";
let urlelem = document.getElementById("url");
urlelem.textContent = url;
let respelem = document.getElementById("resp");
let req = new Request(url, { credentials: "same-origin" });
fetch(req).then(function(resp) {
return resp.text();
}).then(function(text) {
respelem.textContent = text;
});
});
</script>
</head>
<body>
<p>
Existing document cookies <code id="exist"></code>.
<p>
Sending a cookie <code id="cook"></code> to URL <code id="url"></code>.
<p>
Response text: <code id="resp"></code>.
</body>
</html>
Existing document cookies .
Sending a cookie mysession=abc123 to URL http://localhost:30080/.
Response text: <!DOCTYPE html> <html> <head> <title>Welcome to nginx!</title> [...] </body> </html> .
The browser's console shows the cookie being sent (when using the same origin as a destination).
GET / HTTP/1.1
Host: localhost:30080
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:84.0) Gecko/20100101 Firefox/84.0
Accept: */*
Accept-Language: en-CA,en-US;q=0.7,en;q=0.3
Accept-Encoding: gzip, deflate
Referer: http://localhost:30080/f.html
DNT: 1
Connection: keep-alive
Cookie: mysession=abc123
I've made this works for socket.io-client ~0.9.
Is there a way to make it work for ~1.2 release?
Does it already?