mongo-realtime 1.0.1 → 1.0.3

package/README.md

@@ -2,6 +2,8 @@
 
 A Node.js package that combines Socket.IO and MongoDB Change Streams to deliver real-time database updates to your WebSocket clients.
 
+![Banner](logo.png)
+
 ## 🚀 Features
 
 - **Real-time updates**: Automatically detects changes in MongoDB and broadcasts them via Socket.IO
@@ -69,6 +71,8 @@ Initializes the socket system and MongoDB Change Streams.
 |-----------|------|-------------|
 | `options.connection` | `mongoose.Connection`* | Active Mongoose connection |
 | `options.server` | `http.Server`* | HTTP server to attach Socket.IO |
+| `options.authentify` | `Function` | Function to authenticate socket connections. Should return true if authenticated |
+| `options.middlewares` | `Array[Function]` | Array of Socket.IO middlewares |
 | `options.onSocket` | `Function` | Callback on socket connection |
 | `options.offSocket` | `Function` | Callback on socket disconnection |
 | `options.watch` | `Array[String]` | Collections to only watch. Listen to all when is empty |
@@ -95,6 +99,35 @@ The package automatically emits six types of events for each database change:
 | `db:change:{collection}:{id}` | Specific document | `db:change:users:507f1f77bcf86cd799439011` |
 | `db:{type}:{collection}:{id}` | Type + document | `db:insert:users:507f1f77bcf86cd799439011` |
 
+### Event listeners
+
+You can add serverside listeners to those db events to trigger specific actions on the server:
+
+```js
+function sendNotification(change){
+  const userId = change.docId; // or change.documentKey._id
+  NotificationService.send(userId,"Welcome to DB"); 
+}
+
+MongoRealtime.listen("db:insert:users",sendNotification);
+```
+
+#### Adding many callback to one event
+
+```js
+MongoRealtime.listen("db:insert:users",anotherAction);
+MongoRealtime.listen("db:insert:users",anotherAction2);
+```
+
+#### Removing event listeners
+
+```js
+MongoRealtime.removeListener("db:insert:users",sendNotification); // remove this specific action from this event
+MongoRealtime.removeListener("db:insert:users"); // remove all actions from this event
+MongoRealtime.removeAllListeners(); // remove all listeners
+
+```
+
 ### Event Payload Structure
 
 Each event contains the full MongoDB change object:
@@ -102,6 +135,8 @@ Each event contains the full MongoDB change object:
 ```javascript
 {
   "_id": {...},
+  "col":"users", // same as ns.coll
+  "docId":"...", // same as documentKey._id 
   "operationType": "insert|update|delete|replace",
   "documentKey": { "_id": "..." },
   "ns": { "db": "mydb", "coll": "users" },
@@ -186,29 +221,25 @@ MongoRealtime.init({
 ### Socket Authentication
 
 ```javascript
-function authenticateSocket(socket){
-    socket.on('authenticate', (token) => {
-      if (isValidToken(token)) {
-        socket.authenticated = true;
-        socket.emit('authenticated');
-      } else {
-        socket.disconnect();
-      }
-    });
-
-    socket.use((packet, next) => {
-      if (socket.authenticated) {
-        next();
-      } else {
-        next(new Error('Unauthenticated'));
-      }
-    });
+function authenticateSocket(token, socket){
+   const verify = AuthService.verifyToken(token);
+   if(verify){
+     socket.user = verify.user; // attach user info to socket
+     return true; // should return true to accept the connection
+   }
+   return false;
 }
 
 MongoRealtime.init({
   connection: mongoose.connection,
   server: server,
-  onSocket: authenticateSocket,
+  authentify: authenticateSocket,
+  middlewares: [
+    (socket, next) => {
+     console.log(`User is authenticated: ${socket.user.email}`);
+     next();
+    }
+  ],
   offSocket: (socket, reason) => {
     console.log(`Socket ${socket.id} disconnected: ${reason}`);
   }

package/index.js

@@ -12,6 +12,8 @@ class MongoRealtime {
    *
    * @param {Object} options
    * @param {import("mongoose").Connection} options.connection - Active Mongoose connection
+   * @param {(token:String, socket: import("socket.io").Socket) => boolean | Promise<boolean>} options.authentify - Auth function that should return true if `token` is valid
+   * @param {[( socket: import("socket.io").Socket, next: (err?: ExtendedError) => void) => void]} options.middlewares - Register mmiddlewares on incoming socket
    * @param {(socket: import("socket.io").Socket) => void} options.onSocket - Callback triggered when a socket connects
    * @param {(socket: import("socket.io").Socket, reason: import("socket.io").DisconnectReason) => void} options.offSocket - Callback triggered when a socket disconnects
    * @param {import("http").Server} options.server - HTTP server to attach Socket.IO to
@@ -22,6 +24,8 @@ class MongoRealtime {
   static init({
     connection,
     server,
+    authentify,
+    middlewares=[],
     onSocket,
     offSocket,
     watch = [],
@@ -37,6 +41,29 @@ class MongoRealtime {
     watch = watch.map((s) => s.toLowerCase());
     ignore = ignore.map((s) => s.toLowerCase());
 
+    this.io.use(async (socket, next) => {
+      if (!!authentify) {
+        try {
+          const token = socket.handshake.auth.token;
+          if (!token) return next(new Error("No token provided"));
+
+          const authorized =await authentify(token, socket);
+          if (authorized===true) return next(); // exactly returns true
+
+          return next(new Error("Unauthorized"));
+        } catch (error) {
+          return next(new Error("Authentication error"));
+        }
+      } else {
+        return next();
+      }
+      
+    });
+
+    for (let middleware of middlewares) {
+      this.io.use(middleware);
+    }
+
     this.io.on("connection", (socket) => {
       this.sockets = [...this.io.sockets.sockets.values()];
       if (onSocket) onSocket(socket);

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "mongo-realtime",
-  "version": "1.0.1",
+  "version": "1.0.3",
   "main": "index.js",
   "scripts": {},
   "keywords": [