Websockets middleware

Dockerfile

@@ -1,4 +1,4 @@
-FROM node:8.9.4-alpine
+FROM node:10-alpine
 
 WORKDIR /app
 

app/index.js

@@ -5,6 +5,8 @@ const morgan = require('morgan');
 const passport = require('passport');
 const path = require('path');
 const Auth0Strategy = require('passport-auth0-openidconnect').Strategy;
+const authorization = require('./middleware/authorization');
+const { compose } = require('compose-middleware');
 
 const config = require('./config');
 const errors = require('./errors');
@@ -18,10 +20,14 @@ app.set('views', path.join(__dirname, 'views'));
 app.use(require('serve-favicon')(path.join(__dirname, 'favicon.ico')));
 
 bole.output({ level: config.log.level, stream: process.stdout });
-app.use(morgan('combined'));
 
-app.use(require('cookie-parser')());
-app.use(require('express-session')(config.session));
+const logger = morgan('combined');
+const cookieParser = require('cookie-parser')();
+const session = require('express-session')(config.session);
+
+app.use(logger);
+app.use(cookieParser);
+app.use(session);
 
 const strategy = new Auth0Strategy(
   config.auth0,
@@ -48,11 +54,20 @@ passport.deserializeUser((user, done) => {
   done(null, user);
 });
 
-app.use(passport.initialize());
-app.use(passport.session());
+const initialize = passport.initialize();
+const passportSession = passport.session();
+app.use(initialize);
+app.use(passportSession);
 
 app.use(routes);
 app.use(errors);
-
+app.set('websocketMiddleware', compose([
+  logger,
+  cookieParser,
+  session,
+  initialize,
+  passportSession,
+  authorization,
+]));
 
 module.exports = app;

app/middleware/authorization.js

@@ -12,11 +12,19 @@ function isAuthorized(req) {
   return false;
 }
 
-module.exports = function (req, res, next) {
+module.exports = (req, res, next) => {
   if (isAuthorized(req)) {
     next();
   } else {
-    res.sendStatus(403);
-    next(new Error('User is not authorized'));
+    const err = new Error('User is not authorized');
+    if (Object.prototype.hasOwnProperty.call(res, 'end')) {
+      // if res is a stream / socket instead of a ServerResponse then close it
+      res.end();
+      throw err;
+    } else {
+      // else set the status to 403 because it's a http.ServerResponse
+      res.sendStatus(403);
+    }
+    next(err);
   }
 };

app/proxy.js

@@ -1,7 +1,7 @@
-var auth = require('./auth');
-var config = require('./config');
-var httpProxy = require('http-proxy');
-var log = require('bole')('proxy');
+const auth = require('./auth');
+const config = require('./config');
+const httpProxy = require('http-proxy');
+const log = require('bole')('proxy');
 
 
 var proxy = httpProxy.createProxyServer(config.proxy);

app/server.js

@@ -18,6 +18,8 @@ server.listen(config.express.port, config.express.host, function (error) {
   log.info('Listening on ' + config.express.host + ':' + config.express.port);
 });
 
-server.on('upgrade', function (req, socket, head) {
-  proxy.ws(req, socket, head);
+server.on('upgrade', (req, socket, head) => {
+  app.get('websocketMiddleware')(req, socket, () => {
+    proxy.ws(req, socket, head);
+  });
 });