Juggernaut / Socket.io 和验证单用户频道订阅
我是 Node JS 和 Socket IO 的新手,但我听说过很多关于它们的好消息,所以我想看看它们作为实时通知系统的用途。
在我的场景中,用户将打开一个套接字来侦听发布给用户的通知 - 每个用户将打开一个与自己的通知的连接,而不是“公共”通道。
var jug = new Juggernaut;
var channel = "/user/" + userId + "/notifications";
jug.subscribe(channel, function(data){
console.log("Got data: " + data);
});
因此,在几乎所有情况下,都会有 1 个用户订阅 1 个频道。
我有两个顾虑:
- 我见过的所有 Juggernaut 示例都涉及多个客户端订阅 1 个频道 - 这让我认为它不是为 1-1 通信而设计的。
- 有没有一种方法可以添加身份验证,以便只有指定的用户才会收到消息(IE,当前登录的用户是唯一可以订阅他/她的通知频道的用户)。如果有一种方法可以在订阅时传递额外的数据,那可能就足够了(散列用户 ID 并将其用作令牌?)。
有没有人有过使用 Juggernaut 的经验,以前可能遇到过这种情况?
I'm new to Node JS and Socket IO, but I've heard a lot of good things about them so I wanted to take a look at them for use as a realtime notification system.
In my scenario, a user will open a socket to listen for notifications that are posted to the user -- each user will open up a connection to their OWN notifications, not a "public" channel.
var jug = new Juggernaut;
var channel = "/user/" + userId + "/notifications";
jug.subscribe(channel, function(data){
console.log("Got data: " + data);
});
So in almost all cases it will be 1 user subscribing to 1 channel.
I have 2 concerns:
- All of the Juggernaut examples I've seen involve multiple clients subscribing to 1 channel -- this makes me think that it's not designed to be used for 1-1 communications.
- Is there a way to add authentication so that only specified users will receive the message (IE, the currently logged in user is the only one who can subscribe to his/her notification channel). If there was a way to pass additional data on subscribe it would probably be sufficient (hash the user id and use that as a token maybe?).
Does anyone have any experience with Juggernaut that might have encountered this scenario before?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
发布者的多个订阅者和一个订阅者之间有什么区别?
“确定”。要求通道进行身份验证,并且由于它将通过用户 ID 进行身份验证,因此您已经知道保护它所需的内容。
至于如何让主宰者进行身份验证,看起来您可以发布主机标头来为您处理该问题。
What is the difference between many subscribers and one subscriber to the publisher?
Sure. Require the channel to have authentication and since it's going to be by userid, then you already know the things you need to secure it.
As for how to get juggernaut to do authentication, looks like you can post host headers to handle that for you.