nodejs + websocket session confusion
I'm really confused how to set up sessions with my nodejs application. I'm
using express + socksjs and I have trouble understanding how to bind the
ws connection to specific user session.
On the sockjs page they say not to use cookies for authorization but if I
don't send the session from the cookie when establishing the ws connection
(the cookie with session set earlier by express) how can I bind that
specific ws connection with specific user?
I'd like to achieve these simple goals: - User (logged in or guest) visits
the page and establishes ws connection - I store in redis the key value
pair of connection id and session so I know which user given ws connection
belongs to
How to do that if I can't send the session from cookie just after
establishing the ws connection? Even if I wanted, the cookie is not
available due to being HttpOnly and thus not readable through js.
No comments:
Post a Comment