AUTH如何与Socketio一起使用?
我是Web插座的新手(专门针对Socketio接口,包括客户端和服务器),我想知道通常如何实现基本JWT auth。标题如何通过。我应该将它们添加到每个插座听众或发射事件中吗?或仅在连接期间一次。也许由于连接ID,连接已经被视为私有?
我正在使用socket.io-client v.4和烧瓶插座。 我对一般实践感兴趣,并感谢您的任何信息或您自己的经验。
I'm new to web sockets (specifically to socketIO interfaces, both client and server), and I wonder how basic JWT auth is usually implemented. How the headers are passed through. Should I add them to every socket listener or emit event? Or just once during the connection. Maybe the connection is already considered private because of the connection id?
I am using Socket.io-client v.4 and flask-socketio.
I am interested in general practices and would be grateful for any information or your own experience.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
连接时有多种通过身份验证的方法:
auth在标题中传递令牌的选项(直接通过WebSocket连接时无效):
同一站点cookie始终传递给服务器。要通过cookie跨站点:
要在查询字符串中传递:
用
auth> authoption(socket.io v3及以上)传递它:There are many ways to pass authentication when you connect:
authoptionTo pass a token in a header (not valid when connecting directly via WebSocket):
Same site cookies are always passed to the server. To pass cookies cross-site:
To pass it in the query string:
To pass it with the
authoption (Socket.IO v3 and up only):