  1. var restify = require('restify');
  2.  
  3. // Authentication
  4. var passport = require('passport');
  5. var LocalStrategy = require('passport-local').Strategy;
  6. var sessions = require("client-sessions");
  7.  
  // HTTP server for the demo.
  var server = restify.createServer();

  // Options for the client-sessions cookie middleware.
  var sessionOptions = {
    // The cookie name is also the key added to the request object (req.session).
    cookieName: 'session',
    // NOTE(review): 'yoursecret' is a placeholder. The secret protects the session
    // cookie, so it should be a large unguessable string supplied from outside the
    // source tree. The same literal is repeated in the socket.io authorization
    // handler further down; the two values have to stay identical.
    secret: 'yoursecret',
    // How long the session stays valid, in ms (one year).
    // NOTE(review): a copied cookie remains usable for that whole period.
    duration: 365 * 24 * 60 * 60 * 1000
  };

  // Middleware chain, registered in order: query parsing, body parsing, the
  // session cookie, then passport initialisation followed by its session support.
  [
    restify.queryParser(),
    restify.bodyParser(),
    sessions(sessionOptions),
    passport.initialize(),
    passport.session()
  ].forEach(function (middleware) {
    server.use(middleware);
  });
  25.  
  // Serialisation: only the user's id is handed to passport for the session.
  passport.serializeUser(function (user, done) {
    var userId = user.id;
    done(null, userId);
  });

  // Deserialisation: turn the stored id back into a user object.
  passport.deserializeUser(function (id, done) {
    // A real application would look the user up in the database by `id` here.
    // NOTE(review): this demo ignores `id` and always yields the same static
    // user, so every session resolves to that user regardless of the stored id.
    var demoUser = { id: 123456, username: 'john' };
    return done(null, demoUser);
  });
  37.  
  // Verify callback for the local strategy: checks a username/password pair and
  // reports the outcome through done(err, user, info).
  // NOTE(review): demo stub. The credentials are hard-coded in plaintext and
  // compared directly; a real lookup would read the user from a store and verify
  // the password against a salted hash.
  var lookupUser = function (username, password, done) {
    var credentialsMatch = (username === 'john') && (password === 'johnspassword');

    if (!credentialsMatch) {
      // One message for both failure cases, so the reply does not reveal which
      // of the two fields was wrong.
      return done(null, false, { error: 'Incorrect username or password.' });
    }

    return done(null, { id: 123456, username: 'john' });
  };
  46.  
  // Register the local strategy with lookupUser as its verify callback.
  var localStrategyOptions = { usernameField: 'username', session: true };
  passport.use(new LocalStrategy(localStrategyOptions, lookupUser));
  48.  
  49.  
  50.  
  51.  
  52.  
  // POST /login
  // Runs the 'local' strategy on the request and, on success, establishes the
  // login session and replies with a JSON welcome message.
  var loginRoute = function (req, res, next) {
    var onAuthenticated = function (err, user) {
      if (err) {
        return next(err);
      }

      // A falsy user means the strategy rejected the credentials.
      if (!user) {
        return next(new restify.InvalidCredentialsError("Please check your details and try again."));
      }

      // Log the user in.
      req.logIn(user, function (loginErr) {
        if (loginErr) {
          return next(loginErr);
        }

        // NOTE(review): leftover debug output.
        console.log(req.isAuthenticated());
        // Copy the id into the session cookie; the socket.io connection handler
        // reads user_id from the decoded cookie content.
        req.session.user_id = req.user.id;

        var greeting = user.username ? 'Welcome ' + user.username + "!" : 'Welcome!';
        res.json({ success: greeting });
        return next();
      });
    };

    passport.authenticate('local', onAuthenticated)(req, res, next);
  };
  85.  
  86.  
  87.  
  88.  
  89.  
  // GET /hello
  // Greets the logged-in user by name, or answers with a generic greeting when
  // the request carries no user.
  var helloRoute = function (req, res, next) {
    // NOTE(review): leftover debug output.
    console.log(req.isAuthenticated());

    var greeting = req.user
      ? "Hello " + req.user.username
      : "Hello unauthenticated user";
    res.send(greeting);

    return next();
  };
  101.  
  102.  
  103.  
  104.  
  105.  
  // Route table.
  server.post({ url: '/login' }, loginRoute);
  server.get({ url: '/hello' }, helloRoute);

  // Attach socket.io to the same HTTP server.
  var socketIo = require('socket.io');
  var io = socketIo.listen(server);
  110.  
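  /// Parse the given cookie header string into an object.
  /// The object has the various cookies as keys(names) => values.
  /// The first occurrence of a name wins; later duplicates are ignored.
  /// @param {String} str  raw Cookie header value
  /// @param {Object} [opt]  optional settings; opt.decode replaces decodeURIComponent
  /// @return {Object}  prototype-less map of cookie name => decoded value
  var parseCookie = function (str, opt) {
    var decode = (opt && opt.decode) || decodeURIComponent;

    // Cookie names come from the client. A prototype-less object keeps names
    // such as "constructor" or "toString" from colliding with inherited
    // properties, both when storing a value and when a caller looks one up.
    var cookies = Object.create(null);

    str.split(/[;,] */).forEach(function (pair) {
      var eqIdx = pair.indexOf('=');

      // skip things that don't look like key=value
      if (eqIdx < 0) {
        return;
      }

      var key = pair.slice(0, eqIdx).trim();
      var val = pair.slice(eqIdx + 1).trim();

      // quoted values: drop the surrounding quotes
      if (val[0] === '"') {
        val = val.slice(1, -1);
      }

      // only assign once
      if (key in cookies) {
        return;
      }

      try {
        cookies[key] = decode(val);
      } catch (e) {
        // Malformed escape sequence: keep the raw value instead of failing.
        cookies[key] = val;
      }
    });

    return cookies;
  };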
  149.  
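  // socket.io handshake gate: a connection is accepted only when the request
  // carries a session cookie that decodes successfully and names a user.
  io.set('authorization', function (handshakeData, accept) {

    // Check that the cookie header is present
    var cookieHeader = handshakeData.headers.cookie;
    if (!cookieHeader) {
      return accept('No cookie transmitted.', false);
    }

    // Get all the cookie objects
    var cookie = parseCookie(cookieHeader);

    // A cookie header without a usable session cookie is rejected before decoding.
    var sealed = cookie['session'];
    if (typeof sealed !== 'string' || sealed.length === 0) {
      return accept('No session cookie transmitted.', false);
    }

    // Pull out the session from the cookie by using the decode function.
    // NOTE(review): the secret must match the one given to the sessions()
    // middleware above; 'yoursecret' is a placeholder in both places.
    var session;
    try {
      session = sessions.util.decode({cookieName: 'session', secret:'yoursecret'}, sealed);
    } catch (e) {
      session = undefined;
    }

    // A cookie that fails to decode, or that carries no user id, is refused
    // instead of being accepted with an empty session.
    if (!session || !session.content || session.content.user_id == null) {
      return accept('Invalid session.', false);
    }

    // NOTE(review): assumes the decoded session carries createdAt and duration
    // in ms alongside content - confirm against the installed client-sessions
    // version. If either field is absent the comparison is false and this
    // expiry check is skipped.
    if (session.createdAt + session.duration < Date.now()) {
      return accept('Session expired.', false);
    }

    handshakeData.sessionID = session;

    accept(null, true);
  });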
  165.  
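  // Greets each newly connected socket with the user id from its own session.
  io.on('connection', function(socket) {
    // Read the handshake record that belongs to this socket. Taking the first
    // key of the handshaken table would attribute every connection to whichever
    // client happened to be first in it.
    // NOTE(review): relies on handshaken being keyed by the connection id, as
    // in socket.io 0.9 - confirm for the installed version.
    var handshake = socket.manager.handshaken[socket.id];
    var session = handshake && handshake.sessionID;

    // Without a decoded session naming a user there is nothing to greet;
    // close the socket rather than throw on a missing property.
    if (!session || !session.content || session.content.user_id == null) {
      socket.disconnect();
      return;
    }

    var userId = session.content.user_id;

    // Send a hello message with the user's id
    socket.emit('message', "Hey " + userId);
  });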
  174.  
  // Launch the server on port 5000 and log once it is listening.
  var onListening = function () {
    console.log('Server running at port 5000');
  };
  server.listen(5000, onListening);