What's new in 2.0.0?
This update
This update is focused on cookie management and user authentication.
If you find a bug, or just have a new idea to improve the package, please open an issue on Github!
Server side
Additions
Cookies
- The cookies from the WS client's browser now can be accessed via the
cookiesproperty. - You can now set cookies from the server side if the client is connected from a browser using
setCookie. - You can now delete cookies from the targeted client's browser directly from the server side using the
removeCookiefunction. - The client can now sync the cookies to the server side
- New local event:
onCookieSync
- New local event:
Extendable clients
-
When creating a server you can now specify a custom ZilaClient class
/*You should not use the WebSocketClient constructor since it's a part of the `ws` npm package,
and is only exported to make the extending easier.*/
import { ZilaServer, ZilaClient, WebSocketClient, IncomingHttpHeaders } from "zilaws-server";
class MyClient extends ZilaClient {
public clientData: {
rank: "admin" | "user";
username: string;
}
//In order to get access to the cookies, sadly you need to define the constructor by hand.
constructor(
socket: WebSocketClient,
ip: string | undefined,
server: ZilaServer,
isBrowser: boolean,
headers: IncomingHttpHeaders,
cookies?: Map<string, string>
) {
super(socket, ip, server, isBrowser, headers, cookies);
//This is the best place to authenticate the user.
if(isBrowser && !AuthUserByBrowser(cookies?.get("loginToken"))) {
this.kick("Wrong token");
return;
}else if (!AuthUserByHeader(headers["authorization"])) {
this.kick("Wrong token");
return;
}
this.clientData = {
rank: "admin",
username: "SomeUsername"
}
}
}
//Defining both the generic type and the clientClass is needed.
const server = new ZilaServer<MyClient>({
port: 6589,
logger: true,
verbose: true,
clientClass: MyClient
});
server.onceMessageHandler("Anything", (socket) => {
socket.clientData == {
rank: "admin",
username: "SomeUsername"
}; //--> true
});
Waiting for clients
- This update solves a major security issue waiters
- Two new functions:
waiterTimeoutandbroadcastWaiterTimeout. Both has a maxWaitingTime parameter. This parameter constains the max time the server should wait for the client / each connected client - The
waiter's andwaiterBroadcast's now has max waiting time and it is the server'smaxWaiterTimesetting. - A server's
maxWaiterTimecan be set in the settings upon server creation or directly using the server's corrresponding property.
Others
- Checks for passing a function down to a client has been removed. The built-in JSON serializer ignores functions by default.
- An array of the server's actively connected clients can now be accessed through a the
clientsproperty of the corresponding server. - ILogger interface typeguard for text parameter.
- Added property
isBrowserto ZilaClient. This determines if the client's environment is a browser on not. - The WS server is now powered with a seperate HTTP/HTTPS server.
- If the client is already banned by the server while connecting, the connection gets terminated about 4 times faster.
Client side
New Features
-
Timeout for waiters
- Set the timeout with
client.maxWaiterTime waiterTimeoutfunction with a max waiting time parameter
- Set the timeout with
-
The server side can now set and remove cookies.
- The server side does not have access to cookies that were created after the establishment of the ws connection by default. In order to resync the cookies, use the
syncCookiesfunction. This also means that it's important to sync the cookies after one got deleted. - New local events:
onCookieSetonCookieDelete
- The server side does not have access to cookies that were created after the establishment of the ws connection by default. In order to resync the cookies, use the