#36 supporting auth() in sockets

lib/crudr.js

@@ -30,11 +30,12 @@ var CRUDr = function (){
 
 CRUDr.prototype = {
 
-	defaults : {
+	options : {
 			config : config,
 			app : {},
 			db : {}, 
-			sync : false
+			sync : false, 
+			auth : false
 	}, 
 
 	sockets : new Sockets(), 
@@ -45,15 +46,15 @@ CRUDr.prototype = {
 		if ( typeof options.server == "undefined" ) options.server = options.app;
 		// #23 FIX: extend default config with the existing config (recursive)
 		for( i in config){
-			options.config[i] = _.extend( config[i], options.config[i]);
+			options.config[i] = ( options.config[i] instanceof Object ) ? _.extend( config[i], options.config[i]) : options.config[i];
 		}
 
 		// extend defaults with the existing options
-		options = _.extend( this.defaults, options);
+		this.options = _.extend( this.options, options);
 		// initialize the backend
-		options.db = this.backends( options ); 
+		options.db = this.backends( this.options ); 
 
-		// save options as objects for future reference 
+		// (need this?) save options as objects for future reference 
 		for( i in options){
 			this[i] = options[i];
 		}
@@ -64,7 +65,7 @@ CRUDr.prototype = {
 
 		//  setup sockets if  server is available
 		if( !_.isEmpty( this.server) )
-			this.sockets.init( options );
+			this.sockets.init( this.options );
 
 
 		// return the io object in case the dev needs to make further setup

lib/sockets.js

@@ -26,18 +26,55 @@ Sockets.prototype = {
 		// sockets configuration (deserves its own function?)
 		// - no debug messages in production
 		//this.io.set('log level', 1);
-
+		// initialize authentication (optionally)
+		this.authorize();
+		// add backend events
 		this.events( this.db );
 
 	}, 
 
+	authorize: function(){
+		var self = this;
+
+		self.io.on('connection', function(socket) {
+
+			// handle uthentication (if required)
+			socket.on('token', function (token) {
+				// check if there's an auth method
+				var auth = ( !self.auth ) ? true : self.auth(token);
+				// disconnect the user if they are not authorized
+				if( !auth ) return socket.disconnect();
+				socket.set('access_token', token, function () { socket.emit('ready'); });
+			});
+
+			// get the session info from app (express)
+			if( self.sessions && typeof(self.sessions) != "undefined"  && typeof(self.app.cookieParser) != "undefined" ){ 
+				// need to add this line to your express app 
+				// app.cookieParser = express.cookieParser("session secret");
+				self.app.cookieParser(socket.handshake, {}, function(err) {
+					self.sessions.get(socket.handshake.signedCookies["connect.sid"], function(err, session) {
+						// this is ridicilous btw - session info should be available in the socket by default
+						socket.session = session;
+					});
+				});
+			} 
+
+		});
+
+	}, 
+
 	setup : function( domain ){
 
-		var scope = (typeof this.config.scope[domain] === "undefined") ? false : this.config.scope[domain];
+		var scope = ( this.config.scope && this.config.scope[domain]) ? this.config.scope[domain] : false;
+
+		// check if we're namespacing the domains
+		// if so, use the string after the first underscore
+		var backend = ( this.config.namespace ) ? domain.substring( domain.indexOf("_") +1 ) : domain;
 
 		return {
 			// replacing legacy event 'backend' with domain name
 			event : domain, 
+			backend : backend, 
 			// defining scope for each domain name
 			scope : scope
 		}
@@ -51,35 +88,32 @@ Sockets.prototype = {
 		Object.keys( db ).forEach(function(domain) {
 
 			self.io.of(domain).on('connection', function(socket) {
+				// check auth against domain this time
+				socket.get('access_token', function (err, token) {
+					var auth = ( !self.auth ) ? true : self.auth(token, domain);
+					// disconnect the user if they are not authorized
+					if( !auth ) return socket.disconnect();
+				});
 
 				var options = self.setup(domain);
 				var sync = new Sync(domain, socket, options);
+
 				socket.on('listen', function(callback) {
 					callback(options);
 				});
 
-				// get the session info from app (express)
-
-				if( self.sessions && typeof(self.sessions) != "undefined"  && typeof(self.app.cookieParser) != "undefined" ){ 
-					// need to add this line to your express app 
-					// app.cookieParser = express.cookieParser("session secret");
-					self.app.cookieParser(socket.handshake, {}, function(err) {
-						self.sessions.get(socket.handshake.signedCookies["connect.sid"], function(err, session) {
-							// this is ridicilous btw - session info should be available in the socket by default
-							socket.session = session;
-						});
-					});
-				} 
-
 				socket.on('sync', function(req, callback) {
 					//req || (req = {});
 					//req.method || (req.method = 'create');
 					// add the user session (if available)
+
 					if(socket.session) req.session = socket.session;
 					// use the right scope 
 					req.scope = options.scope;
+					//req.backend = options.backend;
 
 					sync.handle(self.db[domain], req, function(err, result) {
+
 						callback(err, result);
 
 						if (!err && req.method !== 'read') {

lib/sync.js

@@ -2,8 +2,8 @@ var EventEmitter = require('events').EventEmitter;
 
 module.exports = Sync;
 
-function Sync(backend, socket, options) {
-    this.backend = backend;
+function Sync(domain, socket, options) {
+    this.backend = options.backend || domain;
     this.socket = socket;
     this.options = options || {};
 };