Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
J
J
jeruthadam2019-06-28 15:31:53
User identification
jeruthadam, 2019-06-28 15:31:53

Authorization on websockets? How to transfer a token?

I understand that it is impossible to put your own headings (except for the protocol).
Cookies are not suitable due to cross-domain requests.
Only query remains, but how safe is it?
I want to authorize at the moment of connection, and not in subsequent onmessage.
What is the right way to do this on websockets?

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

1 answer(s)
Report
I
Ivan Shumov, 2019-06-28
@inoise

1. Wss instead of WS
2. When connecting to a socket, send an auth message with a token (jwt, for example) and let the server remember this session until the token dies

Similar questions
S
sazhyk2015-09-23 09:04:34
How to make login to Django site only after authorization? 2Reply
R
Robotex2011-01-29 05:00:40
Interaction of a client-server application in C, a site in PHP and a third-party site 1Reply
I
ipetropolsky2011-03-04 21:25:39
Browser Authorization 1Reply
B
Boris2018-02-10 13:15:29
SPA and REST API - how to correctly build authentication? 7Reply
A
alexrock2011-04-21 10:00:12
How to determine user authorization in My World? 3Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question