Add websocketVerifyClient option to enable custom websocket auth

Fixes #1127
2017-01-24 21:37:08 +00:00 · 2017-01-24 21:37:08 +00:00 · 8d34f87667
parent 128c4fe222
commit 8d34f87667
2 changed files with 27 additions and 9 deletions
--- a/nodes/core/io/22-websocket.js
+++ b/nodes/core/io/22-websocket.js
@ -82,16 +82,15 @@ module.exports = function(RED) {

            RED.server.addListener('newListener',storeListener);

-            // Create a WebSocket Server
-            node.server = new ws.Server({
+            var serverOptions = {
                server:RED.server,
-                path:path,
-                // Disable the deflate option due to this issue
-                //  https://github.com/websockets/ws/pull/632
-                // that is fixed in the 1.x release of the ws module
-                // that we cannot currently pickup as it drops node 0.10 support
-                perMessageDeflate: false
-            });
+                path:path
+            }
+            if (RED.settings.webSocketNodeVerifyClient) {
+                serverOptions.verifyClient = RED.settings.webSocketNodeVerifyClient;
+            }
+            // Create a WebSocket Server
+            node.server = new ws.Server(serverOptions);

            // Workaround https://github.com/einaros/ws/pull/253
            // Stop listening for new listener events
--- a/settings.js
+++ b/settings.js
@ -167,6 +167,25 @@ module.exports = {
    //    next();
    //},

+    // The following property can be used to verify websocket connection attempts.
+    // This allows, for example, the HTTP request headers to be checked to ensure
+    // they include valid authentication information.
+    //webSocketVerifyClient: function(info) {
+    //    // 'info' has three properties:
+    //    //   - origin : the value in the Origin header
+    //    //   - req : the HTTP request
+    //    //   - secure : true if req.connection.authorized or req.connection.encrypted is set
+    //    //
+    //    // The function should return true if the connection should be accepted, false otherwise.
+    //    //
+    //    // Alternatively, if this function is defined to accept a second argument, callback,
+    //    // it can be used to verify the client asynchronously.
+    //    // The callback takes three arguments:
+    //    //   - result : boolean, whether to accept the connection or not
+    //    //   - code : if result is false, the HTTP error status to return
+    //    //   - reason: if result is false, the HTTP reason string to return
+    //},
+
    // Anything in this hash is globally available to all functions.
    // It is accessed as context.global.
    // eg: