Use socket.handshake instead of socket.client.request

Fixes a bug where sockets would be rejected if they connected directly with the 'websocket' transport instead of doing an AJAX connection with websocket upgrade (e.g. if `transports: ['websocket']` is passed to the socket.io-client constructor). See https://github.com/socketio/socket.io/blob/master/docs/API.md#sockethandshake
2017-12-27 14:18:46 -08:00 · 2017-12-27 14:18:46 -08:00 · 95e147b5a0
commit 95e147b5a0
parent 0b6106a89e
3 changed files with 18 additions and 20 deletions
--- a/src/io/ioserver.js
+++ b/src/io/ioserver.js
@ -52,8 +52,12 @@ class IOServer {
        if (!socket.context) socket.context = {};

        try {
+            socket.handshake.connection = {
+                remoteAddress: socket.handshake.address
+            };
+
            socket.context.ipAddress = proxyaddr(
-                socket.client.request,
+                socket.handshake,
                this.proxyTrustFn
            );

@ -159,7 +163,7 @@ class IOServer {

    // Parse cookies
    cookieParsingMiddleware(socket, next) {
-        const req = socket.request;
+        const req = socket.handshake;
        if (req.headers.cookie) {
            cookieParser(req, null, () => next());
        } else {
@ -172,7 +176,7 @@ class IOServer {
    // Determine session age from ip-session cookie
    // (Used for restricting chat)
    ipSessionCookieMiddleware(socket, next) {
-        const cookie = socket.request.signedCookies['ip-session'];
+        const cookie = socket.handshake.signedCookies['ip-session'];
        if (!cookie) {
            socket.context.ipSessionFirstSeen = new Date();
            next();
@ -193,7 +197,7 @@ class IOServer {
        socket.context.aliases = [];

        const promises = [];
-        const auth = socket.request.signedCookies.auth;
+        const auth = socket.handshake.signedCookies.auth;
        if (auth) {
            promises.push(verifySession(auth).then(user => {
                socket.context.user = Object.assign({}, user);