search

socketio / socket.io

Realtime application framework (Node.JS server)
https://socket.io
MIT License
60.92k stars 10.09k forks source link

Handshake authorization stuck. #1934

Closed EugeneKostrikov closed 3 years ago

EugeneKostrikov commented 9 years ago

Hello,

I'm trying to figure out how to fail authorization correctly. If i callback with error from the middleware the server is getting stuck. Tried both middleware style and io.set('authorization'). The code is as follows.

Client is the same for both scenarios:

        socket = ioClient.connect(options.ioUrl + "/people", {query: query, forceNew: true});
        socket.on('data', function(data){
          console.log(data);
        });
        socket.on('connect', function() {
          callback();
        });
        socket.on('error', function(err){
          callback(err);
        });

Server with io.set

      io.set('authorization', function(handshake, done){
        setTimeout(function(){
          done(null, false);
        }, 100);
      });

Server with middleware 

      io.use(function(socket, next){
          setTimeout(function(){
           next(new Error('Auth failed');
          });
    });

It looks like the problem is transport. The state is still opening when i fail the auth. However if i use timeouts, it is writable. The client does not get any event at all. If i do not fail the auth - connect event fires. Any idea what is wrong here?

alxyang commented 9 years ago

Could you perhaps be a bit more specific as to the environment from which you are experiencing this issue? (Browser, Node version, OS, etc.)

I wrote a sample test and was not able to reproduce the issue. Code for the test is here: https://gist.github.com/aly006/cbc84a57d24744b67a32

Let me know if I am misunderstanding anything.

peteruithoven commented 9 years ago

@EugeneKostrikov, maybe you're experience this issue: https://github.com/Automattic/socket.io/issues/1888 Since you're trying to connect to a namespace. What happens when you try to connect to the root namespace? @aly006, maybe you can try to include a namespace in your sample?

serhiisol commented 7 years ago

Experiencing exactly the same problem that @EugeneKostrikov has mentioned.

setTimeout works only when client has really strong connection, otherwise he won't get error event.

Tried with throttling - same result, won't receive error event

Socket.IO - 1.6.0 Chrome - 57.0.2926.0 canary (64-bit) NodeJS - 7.1.0 OS - macOS Sierra 10.12.1

PS. to fix this issue for now, we can replace engine with uWebSockets (e.g.):

https://github.com/uWebSockets/uWebSockets#i-would-stay-away-from-these-projects

murrayju commented 6 years ago

See #3089 and #2342. The error is being fired on the default namespace, and not your custom namespace. I don't think it should work this way, but that's the current behavior.

darrachequesne commented 3 years ago

For future readers: this was fixed in Socket.IO v3

Documentation: