Updated + first rough implementation

server/SocketAuthority.js

@@ -1,6 +1,9 @@
 const SocketIO = require('socket.io')
 const Logger = require('./Logger')
 const Database = require('./Database')
+const Auth = require('./Auth')
+const passport = require('passport')
+const expressSession = require('express-session')
 
 class SocketAuthority {
   constructor() {
@@ -81,6 +84,24 @@ class SocketAuthority {
         methods: ["GET", "POST"]
       }
     })
+
+    /*
+    const wrap = middleware => (socket, next) => middleware(socket.request, {}, next);
+
+    io.use(wrap(expressSession({
+      secret: global.ServerSettings.tokenSecret,
+      resave: false,
+      saveUninitialized: false,
+      cookie: {
+        // also send the cookie if were hare not on https
+        secure: false
+      },
+    })));
+    
+    io.use(wrap(passport.initialize()));
+    io.use(wrap(passport.session()));
+    */
+
     this.io.on('connection', (socket) => {
       this.clients[socket.id] = {
         id: socket.id,
@@ -147,7 +168,13 @@ class SocketAuthority {
   // When setting up a socket connection the user needs to be associated with a socket id
   //  for this the client will send a 'auth' event that includes the users API token
   async authenticateSocket(socket, token) {
-    const user = await this.Server.db.users.find(u => u.token === token)
+    // TODO
+    const token_data = Auth.validateAccessToken(token)
+    if (!token_data || !token_data.username) {
+      Logger.error('Cannot validate socket - invalid token')
+      return socket.emit('invalid_token')
+    }
+    const user = await Database.userModel.getUserByUsername(token_data.username)
     if (!user) {
       Logger.error('Cannot validate socket - invalid token')
       return socket.emit('invalid_token')