English | 简体中文
live-stream-comment-auth principle is to capture the information sent by registered users on the live platform. The information must have a unique user ID (uid) representing a specific user.
For example, the danmu in bilibili live has a well-designed authentication data structure. It includes the uid of bili users and a 20-character space to pass messages. If the user wants to log in to a third-party platform, we can send a 20-character verification code to the user, and the user should send it to the selected bilibili live room as danmu. Therefore, we will capture the danmu message through the danmu machine. The message contains buid and the verification code.
- User request a verification code from the third party platform, we call it "vcode".
- User opens a bilibili live room and send the vcode as a Danmu.
- The live-stream-comment-auth worker program captures the Danmu and check if the vcode is valid.
- If the vcode is valid, the worker program will send a JWT token to the third party platform.
- User can use the JWT token to login to the third party platform.