Use socket.handshake instead of socket.client.request

Fixes a bug where sockets would be rejected if they connected directly
with the 'websocket' transport instead of doing an AJAX connection with
websocket upgrade (e.g. if `transports: ['websocket']` is passed to the
socket.io-client constructor).

See https://github.com/socketio/socket.io/blob/master/docs/API.md#sockethandshake

package.json

@@ -2,7 +2,7 @@
   "author": "Calvin Montgomery",
   "name": "CyTube",
   "description": "Online media synchronizer and chat",
-  "version": "3.51.15",
+  "version": "3.51.16",
   "repository": {
     "url": "http://github.com/calzoneman/sync"
   },

src/io/ioserver.js

@@ -52,8 +52,12 @@ class IOServer {
         if (!socket.context) socket.context = {};
 
         try {
+            socket.handshake.connection = {
+                remoteAddress: socket.handshake.address
+            };
+
             socket.context.ipAddress = proxyaddr(
-                socket.client.request,
+                socket.handshake,
                 this.proxyTrustFn
             );
 
@@ -159,7 +163,7 @@ class IOServer {
 
     // Parse cookies
     cookieParsingMiddleware(socket, next) {
-        const req = socket.request;
+        const req = socket.handshake;
         if (req.headers.cookie) {
             cookieParser(req, null, () => next());
         } else {
@@ -172,7 +176,7 @@ class IOServer {
     // Determine session age from ip-session cookie
     // (Used for restricting chat)
     ipSessionCookieMiddleware(socket, next) {
-        const cookie = socket.request.signedCookies['ip-session'];
+        const cookie = socket.handshake.signedCookies['ip-session'];
         if (!cookie) {
             socket.context.ipSessionFirstSeen = new Date();
             next();
@@ -193,7 +197,7 @@ class IOServer {
         socket.context.aliases = [];
 
         const promises = [];
-        const auth = socket.request.signedCookies.auth;
+        const auth = socket.handshake.signedCookies.auth;
         if (auth) {
             promises.push(verifySession(auth).then(user => {
                 socket.context.user = Object.assign({}, user);

test/io/ioserver.js

@@ -10,19 +10,13 @@ describe('IOServer', () => {
             context: {
                 ipAddress: '9.9.9.9'
             },
-            client: {
+            handshake: {
-                request: {
+                address: '127.0.0.1',
-                    connection: {
-                        remoteAddress: '127.0.0.1'
-                    },
                 headers: {
                     'x-forwarded-for': '1.2.3.4'
                 }
             }
-            }
         };
-
-        socket.request = socket.client.request;
     });
 
     describe('#ipProxyMiddleware', () => {
@@ -35,7 +29,7 @@ describe('IOServer', () => {
         });
 
         it('does not proxy from a non-trusted address', done => {
-            socket.client.request.connection.remoteAddress = '5.6.7.8';
+            socket.handshake.address = '5.6.7.8';
             server.ipProxyMiddleware(socket, error => {
                 assert(!error);
                 assert.strictEqual(socket.context.ipAddress, '5.6.7.8');
@@ -128,18 +122,18 @@ describe('IOServer', () => {
 
     describe('#cookieParsingMiddleware', () => {
         it('parses cookies', done => {
-            socket.request.headers.cookie = 'flavor=chocolate%20chip';
+            socket.handshake.headers.cookie = 'flavor=chocolate%20chip';
 
             server.cookieParsingMiddleware(socket, () => {
-                assert.strictEqual(socket.request.cookies.flavor, 'chocolate chip');
+                assert.strictEqual(socket.handshake.cookies.flavor, 'chocolate chip');
                 done();
             });
         });
 
         it('defaults to empty objects if no cookies', done => {
             server.cookieParsingMiddleware(socket, () => {
-                assert.deepStrictEqual(socket.request.cookies, {});
+                assert.deepStrictEqual(socket.handshake.cookies, {});
-                assert.deepStrictEqual(socket.request.signedCookies, {});
+                assert.deepStrictEqual(socket.handshake.signedCookies, {});
                 done();
             });
         });