Home/ Questions/Q 9140849
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-17T09:34:12+00:00

I am using socket.io’s authorize method( In detail here ) to check whether the

  • 0

I am using socket.io’s authorize method( In detail here) to check whether the user is authorized to use my app by checking the cookie associated with the user.

The above blog post is fairly straight forward but I am using cookieSessions to store session data in cookies. One good question is on stackoverflow but I can’t figure that out.

I want to know how to decrypt cookieSession data to access the session data. A bit of my sample code:

io.set('authorization', function (data, accept) {

//Check cookie for session data

accept(null, true);});

In other words, how can I access the cookieSession in socket.io?

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    I use the following (with passport, but it doesn’t matter):

    io.set('authorization', function(data, accept) {
    var getCookieSession = require('./lib/cookie_session');
    var session = getCookieSession(data.headers, {
        key: 'YOUR KEY',
        secret: 'YOUR SECRET'
    });

    if (session.passport.user) {
        accept(null, true);
    } else {
        accept(null, false);
    }
});

    and getCookieSession is the following module:

    var connect = require('connect');

var cookieParser = connect.cookieParser;
var cookieSession = connect.cookieSession;

module.exports = function(headers, opts) {
    var key = opts.key || '_session';
    var secret = opts.secret || '';
    var req = { headers: headers, originalUrl: "/" };
    var res = { on: function() {} };
    var next = function () {};

    cookieParser(secret)(req, res, next);
    cookieSession({ key: key })(req, res, next);

    return req.session;
};
    • 0