improve client connection parameters description

centrifugal · Nov 5, 2015 · aac967c · aac967c
1 parent 2512f09
commit aac967c
Showing 1 changed file with 12 additions and 8 deletions.
diff --git a/client/connect.md b/client/connect.md
@@ -39,23 +39,27 @@ detect which endpoint to use (SockJS or Websocket) automatically based on SockJS
 `user` string is your web application's current user ID. It can be empty if you don't have logged in user
 but you must enable `anonymous` access option for channels in Centrifugo project/namespace configuration.
 
+Note, that **it must be string type** even if your application uses numbers as user ID. Just convert that
+user ID number to string.
+
 ### timestamp
 
-`timestamp` string is UNIX server time in seconds when connection token (see below) was generated. For example
-for Python this is `"%.0f" % time.time()` (or just `str(int(time.time()))`)
+`timestamp` string is UNIX server time in seconds when connection token (see below) was generated.
+
+Note, that most programming languages by default return UNIX timestamp as float value. Or with microseconds included.
+Centrifugo server **expects only timestamp seconds represented as string**. For example for Python to get timestamp in a
+correct format use `"%.0f" % time.time()` (or just `str(int(time.time()))`).
 
 ### token
 
-`token` is a digest string generated by your web application based on project secret key,
-project key, user ID, timestamp.
+`token` is a digest string generated by your web application based on project secret key, user ID, timestamp.
 
 To create token HMAC sha256 algorithm is used. To understand how to generate client connection token see
 special chapter "Tokens and signatures".
 
-Correct token guarantees that connection request to Centrifugo contains valid
-information about user ID and timestamp. Token is similar to HTTP cookie, client must never
-show it to anyone else. Also remember that you must always use private channels when working with confidential
-data.
+Correct token guarantees that connection request to Centrifugo contains valid information about user ID and timestamp.
+Token is similar to HTTP cookie, client must never show it to anyone else. Also remember that you should consider using
+private channels when working with confidential data.
 
 If you are using Python - then you can use `generate_client_token` function from `Cent` library to
 generate tokens for your users.