Aller au contenu principal
Version: 4.x

The Socket instance (server-side)

A Socket is the fundamental class for interacting with the client. It inherits all the methods of the Node.js EventEmitter, like emit, on, once or removeListener.

Bidirectional communication between server and clientBidirectional communication between server and client


The Socket instance has a few attributes that may be of use in your application:


Each new connection is assigned a random 20-characters identifier.

This identifier is synced with the value on the client-side.

// server-side
io.on("connection", (socket) => {
console.log(; // ojIckSD2jqNzOqIrAGzL

// client-side
socket.on("connect", () => {
console.log(; // ojIckSD2jqNzOqIrAGzL

Upon creation, the Socket joins the room identified by its own id, which means you can use it for private messaging:

io.on("connection", socket => {
socket.on("private message", (anotherSocketId, msg) => {"private message",, msg);

Note: you can't overwrite this identifier, as it is used in several parts of the Socket.IO codebase.


This object contains some details about the handshake that happens at the beginning of the Socket.IO session.

headers: /* the headers of the initial request */
query: /* the query params of the initial request */
auth: /* the authentication payload */
time: /* the date of creation (as string) */
issued: /* the date of creation (unix timestamp) */
url: /* the request URL string */
address: /* the ip of the client */
xdomain: /* whether the connection is cross-domain */
secure: /* whether the connection is secure */


"headers": {
"user-agent": "xxxx",
"accept": "*/*",
"host": "",
"connection": "close"
"query": {
"EIO": "4",
"transport": "polling",
"t": "NNjNltH"
"auth": {
"token": "123"
"time": "Sun Nov 22 2020 01:33:46 GMT+0100 (Central European Standard Time)",
"issued": 1606005226969,
"url": "/",
"address": "::ffff:",
"xdomain": false,
"secure": true


This is a reference to the rooms the Socket is currently in.

io.on("connection", (socket) => {
console.log(socket.rooms); // Set { <> }
console.log(socket.rooms); // Set { <>, "room1" }


An arbitrary object that can be used in conjunction with the fetchSockets() utility method:

// server A
io.on("connection", (socket) => { = "alice";

// server B
const sockets = await io.fetchSockets();
console.log(sockets[0].data.username); // "alice"

More information here.


A reference to the underlying Engine.IO socket (see here).

io.on("connection", (socket) => {
console.log("initial transport",; // prints "polling"

socket.conn.once("upgrade", () => {
// called when the transport is upgraded (i.e. from HTTP long-polling to WebSocket)
console.log("upgraded transport",; // prints "websocket"

socket.conn.on("packet", ({ type, data }) => {
// called for each packet received

socket.conn.on("packetCreate", ({ type, data }) => {
// called for each packet sent

socket.conn.on("drain", () => {
// called when the write buffer is drained

socket.conn.on("close", (reason) => {
// called when the underlying connection is closed

Additional attributes

As long as you do not overwrite any existing attribute, you can attach any attribute to the Socket instance and use it later:

// in a middleware
io.use(async (socket, next) => {
try {
const user = await fetchUser(socket);
socket.user = user;
} catch (e) {
next(new Error("unknown user"));

io.on("connection", (socket) => {

// in a listener
socket.on("set username", (username) => {
socket.username = username;

Socket middlewares

Those middlewares look a lot like the usual middlewares, except that they are called for each incoming packet:

socket.use(([event, ...args], next) => {
// do something with the packet (logging, authorization, rate limiting...)
// do not forget to call next() at the end

The next method can also be called with an error object. In that case, the event will not reach the registered event handlers and an error event will be emitted instead:

io.on("connection", (socket) => {
socket.use(([event, ...args], next) => {
if (isUnauthorized(event)) {
return next(new Error("unauthorized event"));

socket.on("error", (err) => {
if (err && err.message === "unauthorized event") {

Note: this feature only exists on the server-side. For the client-side, you might be interested in catch-all listeners.


On the server-side, the Socket instance emits two special events:


This event is fired by the Socket instance upon disconnection.

io.on("connection", (socket) => {
socket.on("disconnect", (reason) => {
// ...

Here is the list of possible reasons:

server namespace disconnectThe socket was forcefully disconnected with socket.disconnect
client namespace disconnectThe client has manually disconnected the socket using socket.disconnect()
server shutting downThe server is, well, shutting down
ping timeoutThe client did not send a PONG packet in the pingTimeout delay
transport closeThe connection was closed (example: the user has lost connection, or the network was changed from WiFi to 4G)
transport errorThe connection has encountered an error


This event is similar to disconnect but is fired a bit earlier, when the Socket#rooms set is not empty yet

io.on("connection", (socket) => {
socket.on("disconnecting", (reason) => {
for (const room of socket.rooms) {
if (room !== {"user has left",;

Note: those events, along with connect, connect_error, newListener and removeListener, are special events that shouldn't be used in your application:

// BAD, will throw an error

Complete API

The complete API exposed by the Socket instance can be found here.