PHP

How to authenticate application user when connecting to RabbitMQ via WEB-STOMP protocol?

Initial data
Given: WEB-application in PHP with a frontend in JS, as well as RabbitMQ, which is also used as a websocket server operating via the STOMP protocol (web-stomp-plugin).
The interaction scheme is standard: the front-end application, using stomp.js, connects to RabbitMQ, logging in with a login and password. On RabbitMQ, fanout type exchanges are created for each registered user of the web application - they are used to send push messages towards the frontend. The frontend immediately connects to RabbitMQ after loading, creates a temporary auto-kill queue and connects it to a specific exhange associated with the current user of the web application. Now, if the backend sends a message to the user's exchange, it will immediately go to all queues connected to it and will be transferred to the frontend side using the stomp protocol. This circuit works great.
Problem
The fact is that having studied the source js code on the frontend or the traffic, you can find the login and password for connecting to RabbitMQ, as well as the name of the exchange to which the queue created by the frontend is connected. Having this data, you can connect to RabbitMQ without authorization, as well as create a queue and connect it to any exchange, intercepting information that is intended for other users.
Question
How can I organize access to a specific exchange only within a known session? Or in some other way? Surely there are standard solutions to this security issue, implemented by means in RabbitMQ.