You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Is there some way to have authentication mechanism or have session data based on ws connection?
Basically I would like to register methods that are usable anonymously (eg. login) and methods that require authenticated connection (eg. getPermissions). So on client connect, when calling getPermissions I would get some error, but calling it after successful login, I would get my data.
This use-case could be achieved by passing socket (<ws.WebSocket>) to registered method handler as second argument. Then registered methods can set and check custom properties.
Currently only way to achieved this is to return some token with login and require it on getPermissions. But because ws connections are not shared, then if feels strange to pass some session tokens to methods.
The text was updated successfully, but these errors were encountered:
@petslane: this feature is not available at this time. It's clearly an interesting use-case and it might be implemented without much difficulty.
ws' connection event has all sufficient parameters to handle login data such as cookies, etc., so it might be handled on server-side to mark the connection as logged in or anonymous.
We could introduce a special protected method _login or such where you'd be able to provide your own authentication middleware. You'd also be able to register rpc methods as "private" that could only be called when authenticated.
Is there some way to have authentication mechanism or have session data based on ws connection?
Basically I would like to register methods that are usable anonymously (eg.
login
) and methods that require authenticated connection (eg.getPermissions
). So on client connect, when callinggetPermissions
I would get some error, but calling it after successfullogin
, I would get my data.This use-case could be achieved by passing
socket
(<ws.WebSocket>
) to registered method handler as second argument. Then registered methods can set and check custom properties.Currently only way to achieved this is to return some token with
login
and require it ongetPermissions
. But because ws connections are not shared, then if feels strange to pass some session tokens to methods.The text was updated successfully, but these errors were encountered: