From ac36a99a7226e1092c2e7e28c9b6e32d8f82e6fb Mon Sep 17 00:00:00 2001
From: Egil Moeller <egil.moller@freecode.no>
Date: Thu, 19 Apr 2012 14:25:12 +0200
Subject: More general basic auth

---
 src/node/hooks/express/socketio.js | 18 +++++++++++++++++-
 1 file changed, 17 insertions(+), 1 deletion(-)

(limited to 'src/node/hooks/express/socketio.js')

diff --git a/src/node/hooks/express/socketio.js b/src/node/hooks/express/socketio.js
index e040f7ac..6774b653 100644
--- a/src/node/hooks/express/socketio.js
+++ b/src/node/hooks/express/socketio.js
@@ -7,11 +7,27 @@ var hooks = require("ep_etherpad-lite/static/js/pluginfw/hooks");
 var padMessageHandler = require("../../handler/PadMessageHandler");
 var timesliderMessageHandler = require("../../handler/TimesliderMessageHandler");
 
-
+var connect = require('connect');
+ 
 exports.expressCreateServer = function (hook_name, args, cb) {
   //init socket.io and redirect all requests to the MessageHandler
   var io = socketio.listen(args.app);
 
+  /* Require an express session cookie to be present, and load the
+   * session. See http://www.danielbaulig.de/socket-ioexpress for more
+   * info */
+  io.set('authorization', function (data, accept) {
+    if (!data.headers.cookie) return accept('No session cookie transmitted.', false);
+    data.cookie = connect.utils.parseCookie(data.headers.cookie);
+    data.sessionID = data.cookie.express_sid;
+    args.app.sessionStore.get(data.sessionID, function (err, session) {
+      if (err || !session) return accept('Bad session / session has expired', false);
+      data.session = new connect.middleware.session.Session(data, session);
+      accept(null, true);
+    });
+  });
+
+
   //this is only a workaround to ensure it works with all browers behind a proxy
   //we should remove this when the new socket.io version is more stable
   io.set('transports', ['xhr-polling']);
-- 
cgit v1.2.3