Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Creating a user-socket association map #2323

Closed
wirespecter opened this issue Nov 24, 2015 · 2 comments
Closed

Creating a user-socket association map #2323

wirespecter opened this issue Nov 24, 2015 · 2 comments

Comments

@wirespecter
Copy link

Hi all,

I'm trying to implement a private messaging system using socket.io

In order to associate the users with their sockets, most sites are suggesting this:

var people = {};

client.on('connection', function(socket) {

    //join the server
    socket.on('add user', function(user_id) {
        //create user-socket map
        people[user_id] = socket.id;
    });

});

But isn't it wrong? The user_id is sent from the client side, so if the user modify it and send another user's id an impersonation will take place. How can someone avoid this?
@darrachequesne
Copy link
Member

Hi! I'd personally use the socket.id as key here people[socket.id] = user_id as you're sure it is unique and not messed-with.

Please note that StackOverflow (for example) would be better (and more responsive) for questions like that (as this is not really an issue 😉)

@wirespecter
Copy link
Author

ok @darrachequesne thanks!!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@wirespecter @darrachequesne and others