When using Sails.js with Passport.js, the isAuthenticated method does not exist on the req object when requested through websocket.

How to check user is authenticated from socket requests ?

You can inject authentication methods into socket requests. For this just make a little hijack into config/bootstrap.js.

module.exports.bootstrap = function (cb) {

  var passport = require('passport'),
    initialize = passport.initialize(),
    session = passport.session(),
    http = require('http'),
    methods = ['login', 'logIn', 'logout', 'logOut', 'isAuthenticated', 'isUnauthenticated'];

  sails.removeAllListeners('router:request');
  sails.on('router:request', function(req, res) {
    initialize(req, res, function () {
      session(req, res, function (err) {
        if (err) {
          return sails.config[500](500, req, res);
        }
        for (var i = 0; i < methods.length; i++) {
          req[methods[i]] = http.IncomingMessage.prototype[methods[i]].bind(req);
        }
        sails.router.route(req, res);
      });
    });
  });
  cb();
};

After this hijack you can use isAuthenticated() to check user authenticated and other methods from Passport in sockets. And then inject user variable through policies like Scott says.

With this approach you don’t need special handling for checking socket request authentication in policies. You do still need to hook up passport for non socket requests by way of express middleware.

Reference Link

About The Author