Ws: Can I use this -easily- with a middleware framework like Express 4?

I imagined that there was some sort of mechanism available to UPGRADE the connection, thereby transparently integrating ws into the existing server.

Note that Express 4 is NOT Express 3.

Broke a few things, it seems...

I did an experiment and it seems working. Here's my code:

    var app = express();

    var cookieParser = require('cookie-parser');
    var session = require('express-session');
    var bodyParser = require('body-parser');
    var compression = require('compression');

    app.use(compression());
    app.use(bodyParser());
    app.use(cookieParser());
    app.use(session({secret: 'HJH#22jh12bKHiu2'}));
    app.use(express.static(__dirname + '/../../public'));

    var server = http.createServer(app);

    var wss = new ws.Server({ server: server, path: "/websocket" });
    wss.on('connection', function(ws) {
        console.log("connection");
    });

    server.listen(4000);

I think we need to set the path to the websocket. Let me know if you still have some problem.

The above example uses latest express 4.

@alinz example works great, but how is it possible to get session info from ws?

if I use the verifyClient option on the server to get the request object, i don't have cookies or session info.

Do you know of any way to do this?
in other websocket implementations, I see methods like wss.on('request', cb)
but this doesn't seem available with ws.

any suggestion on how to get underlying http session info?
Thanks

I think I figured it out, using the server.on('upgrade') gives access to the original req and allow to use sessionParser to generate the session info, which is then accessible to the ws server

server.on('upgrade', function(req, res, next) {
    sessionParser(req, {}, function () {
        console.log("REQUEST:" + req.session);
        // do stuff with the session here
    });
});

var verifyClient = function verifyClient(info, cb) {
    console.log(info);
    // get session here from info.req.session
    cb(true);
};

var wss = new ws.Server({ server: server,  verifyClient: verifyClient});

hope this can help: I successfully parsed the session on connection, and used session info on every message. This can secure the connection with the cookie session obtained during user login, and limit the users requests also on server side.

var WebSocketServer = require('ws').Server
  , http = require('http')
  , express = require('express')
  , app = express();

var bodyParser=require('body-parser');
var session=require('express-session');
var sessionParser=session({

    secret: 'there is no spoon',
    cookie: { maxAge: null },
    //store: sessionStore,
    resave: true,
    saveUninitializes: true
})

app.use(sessionParser);
app.use(bodyParser.json());
app.use(bodyParser.urlencoded({extended: true}));

var server = http.createServer(app);
var wss = new WebSocketServer({
    server: server,
    verifyClient: function (info, done){

        sessionParser(info.req, {}, function(){

            console.log('VERIFY', info.req.session);
            // allow connection only if session is valid and a user is logged in
            done(info.req.session && info.req.session.user && info.req.session.user.id);
        });
    }
});

wss.on('connection', function(ws) {

    ws.on('message', function(message) {

        console.log(message, ws.upgradeReq.session);
        if(message.type && canUserDo(ws.upgradeReq.session.user, message.type)){

            // do stuff here and reply to the message
        }
    }
});

@tmx976 Thank you, the provided example was very helpful for me. Would you mind if I make pull request to the docs with your example? Or, maybe, it is better to just modify one of the examples in the corresponding folder/create a new one?

Glad to be helpful.
I don't know which solution is best, maybe adding an example is more reachable..

However the two are not exclusive: it's OK to make them both..

Bye.

Inviato da BlueMail

Il giorno 14:41 19/Lug/2016, alle ore 14:41, Vasily Loginov [email protected] ha scritto:

@tmx976 Thank you, the provided example was very helpful for me. Would
you mind if I make pull request to the docs with your example? Or,
maybe, it is better to just modify one of the examples in the
corresponding folder/create a new one?

---

You are receiving this because you were mentioned.
Reply to this email directly or view it on GitHub:
https://github.com/websockets/ws/issues/326#issuecomment-233619565

The example is now available in the examples folder (thanks to @karatheodory).