Authenticate a user in WebSocket using Api token.

[roqkabel]

I am working on Adonis v5 for developing API for my mobile app.

And I am using WebSocket (socket.io), I need a way to authenticate the token I add to the socket handshake.

 auth {
  token: "Y2xoYzZwY2UxMDAwMDAxbTg0a2tqZDF4Ng.Sx18U4XzdI0zZYyQAb8XyIIPJ8G_IzMEVd1EfO6Us2WDstDqg2yNsy6_bMjE"
}

Why this feature is required (specific use-cases will be appreciated)?

In normal cases apart we only use the router to authenticate requests, it would be much nicer to just
call a function that can generate a user by passing in the token.

In the case of using Socket using this approach from the main Adonis Js documentation:

It would be much easier to authenticate a user in a socket file.

I don't know how to approach this but doing something like this from the code below really make sense to me :

Ws.io.on('connection', (socket) => {
 if (socket.handshake.auth.token) {
    let userToken = socket.handshake.auth.token
    Ws.verifyUserByToken(userToken)
  }
 else {
    socket.disconnect()
 }

})

Have you tried any other workarounds?

I tried to decode the Api Token but it seems not to be working.

  private decodeToken(token: string) {
    let user = jwt.verify(token, appKey)
    console.log(user)
  }

Are you willing to work on it with little guidance?

Yes!, I will be much grateful for your help.

[aikrom]

You can use this little trick

Ws.io.on('connection', async (socket) => {
  socket.request.headers['authorization'] = socket.handshake.auth.token

  const ctx = HttpContext.create('/', {}, socket.request)
  const auth = AuthManager.getAuthForRequest(ctx as any)

  try {
    const user = await auth.use('api').authenticate()
    socket.emit('user', user)
  } catch (error) {
    socket.disconnect()
  }
})

P.S. Send token in handshake like this: 'Bearer {your token}'

[MohamedAljoke]

how can i do this with adonis v6? how to access the AuthManager and HttpContext

[SwartZCoding]

Same question. If you find please share :)

[MohamedAljoke]

ah check this one
#4406

[victorLessa]

How to access the AuthManager and HttpContext?

[MohamedAljoke]

https://github.com/orgs/adonisjs/discussions/4154#discussioncomment-10707601

check this if it helps

[Dari4sho]

Roughly this works for me (@adonisjs/core 6.17.0):

import { Secret } from '@adonisjs/core/helpers'
import User from '#models/user'

export const authenticateWebSocketConnection = (rawToken: string) => {
    const secret = new Secret(rawToken)
    const userToken = await User.accessTokens.verify(secret)

    if (userToken && !userToken.isExpired()) {
      const user = await User.findOrFail(userToken.tokenableId)

      return {
        isAuthenticated: true,
        user,
      }
    }

    return { isAuthenticated: false }
}

Note that the user model needs this reference:

import { BaseModel, column } from '@adonisjs/lucid/orm'
import { compose } from '@adonisjs/core/helpers'
import { withAuthFinder } from '@adonisjs/auth/mixins/lucid'
import { AccessToken, DbAccessTokensProvider } from '@adonisjs/auth/access_tokens'

const AuthFinder = withAuthFinder(() => hash.use('scrypt'), {
  uids: ['email'],
  passwordColumnName: 'password',
})

export default class User extends compose(BaseModel, AuthFinder) {
  @column({ isPrimary: true, serializeAs: null })
  declare id: number

  // other definitions

  // Relevant part:
  static accessTokens = DbAccessTokensProvider.forModel(User, {
    table: 'user_auth_access_tokens',
  })
}

[MohamedAljoke]

• i am sure there is another way to do this, like what if we needed to decode the token in another application, but i did not find it out so what i did was use a provider class from adonis like this, just so that i can get an instance of the ApplicationService class.

folder:providers/file_name

export default class WProvider {
 constructor(protected app: ApplicationService) {}
 async start() {
   const { WebSocketIo } = await import('#connections/ws/sockets')
   const webSocket = new WebSocketIo(this.app)
   await webSocket.boot()
 }
}

and then inside my WebSocketIo class i get the app from the constructur

check the config/auth file make sure to have the authConfig function like this

import { InferAuthEvents, Authenticators } from '@adonisjs/auth/types'
import { tokensGuard, tokensUserProvider } from '@adonisjs/auth/access_tokens'

export const authProvider = {
  provider: tokensUserProvider({
    tokens: 'authTokens',
    model: () => import('#models/user'),
  }),
}
const authConfig = defineConfig({
  default: 'api',
  guards: {
    api: tokensGuard(authProvider),
  },
})

export default authConfig

/**
 * Inferring types from the configured auth
 * guards.
 */
declare module '@adonisjs/auth/types' {
  interface Authenticators extends InferAuthenticators<typeof authConfig> {}
}
declare module '@adonisjs/core/types' {
  interface EventsList extends InferAuthEvents<Authenticators> {}
}

now inside the class WebSocketIo that got called in the provider and has the app class i did this

      const request: Request = {
        header: () => `Bearer ${token}`,
      } as unknown as Request

      let ctx: HttpContext = {
        request: request,
      } as HttpContext

      const auth = authResolver.guards.api(ctx)
      const user = await auth.authenticate()```

[MohamedAljoke]

just to fix this the auth resolver comes from const authResolver = await authConfig.resolver(this.app)

[MohamedAljoke]

i need to give it a read to understand how the incoding is done, imagin if you needed to decode this token in a java application or even another nodejs express application, there must be a simpler way