You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
A feature request I have would be for the configuration for authenticate to pass in more than the token. I would like to restrict who can access a particular document, but as it is, I am unable to access the URL from the socket.io handshake. Preferably, the entire handshake would be passed instead of just the auth.
I can see a workaround by manually registering with the dynamic namespace after initialization, but that's inelegant.
The text was updated successfully, but these errors were encountered:
Hi, I think it's a good idea, currently you can already pass more than just the token. For example, to check a user ID to see if they have permissions to access the document or to deny their access, you can do the following:
// ...constauthenticate=(authorization)=>{if(!auth.token||auth.token!=='valid-token')returnfalse;elseif(auth.userId!=='my-user-id')returnfalse;// Here you can validate and manipulate to your liking all the information of the auth object...}constysocketio=newYSocketIO(io,{authenticate: authenticate,})// ...
However, doing these little code snippets, I realize that:
1.- The server-side authentication function should be able to accept promises in case the permissions are stored elsewhere (eg in mongodb or MySQL)
2.- The server-side authentication function could provide the yjs document itself as a parameter of the authentication function in case the access data is in the document
In the next version post I'm going to include these two points I just mentioned in addition to the handshake forwarding as well.
A feature request I have would be for the configuration for authenticate to pass in more than the token. I would like to restrict who can access a particular document, but as it is, I am unable to access the URL from the socket.io handshake. Preferably, the entire
handshake
would be passed instead of just theauth
.I can see a workaround by manually registering with the dynamic namespace after initialization, but that's inelegant.
The text was updated successfully, but these errors were encountered: