ruby - Private channels with Pusherapp (using Rails) -

-

i got through hello world pusherapp. want create private channels users read messages supposed read.

the pusher docs give details on how this, , i'm kind of lost.

from docs:

... pusher js library returned socket_id when connects pusher.

when attempts subscribe private channel, sends ajax request server channel_name , socket_id parameters.

the default url http://yourserver.com/pusher/auth. ...

class pushercontroller < applicationcontroller   def auth     if current_user       response = pusher[params[:channel_name]].authenticate(params[:socket_id])       render :json => response     else       render :text => "not authorized", :status => '403'     end   end end

given unique user id (current_user.id), how can authenticate user have him/her subscribe corresponding channel?

thanks

this blog post on implementation seems explain things bit more: https://pusher.com/docs/client_api_guide/client_private_channels

the authorization scheme based on idea that, rather implementing custom user authentication, , adding complexity , state pusher, should trust existing level of authentication offered application. wanted ensure reading data sent application browser not able connect channel user, , therefore couldn't include secrets in page html.

sounds application's business logic should authenticate user , decide should access private channel.

their diagram shows:

enter image description here

once authenticated, app requests subscribe user. pusher replies socket_id. connected using that.

here's how describe it:

as shown in diagram, unique socket id generated , sent browser pusher. sent application (1) via ajax request authorizes user access channel against existing authentication system. if successful application returns authorization string browser signed pusher secret. sent pusher on websocket, completes authorization (2) if authorization string matches.

the example @ bottom of blog post further clarifies:

suppose have channel called project-3, users , b have access, not c. you'd make channel private user c cannot listen in on private events. send events private-project-3 , subscribe in browser. long you're using latest javascript (version 1.3 or above), you'll see post request made application /pusher/auth. fail, , therefore subscribe request not made socket.

so, me sounds like: 1) request subscribe sent pusher 2) pusher posts /auth method determine if user can access channel 3) if business logic allows user access channel, auth method returns "ok" response:

auth = pusher[params[:channel_name]].socket_auth(params[:socket_id])      content_type 'application/json'     return json.generate({       :auth => auth     })

i haven't used pusher itself, model seems mirror structure of other push-based models. hope helps!


Comments

Post a Comment

Popular posts from this blog

Javascript line number mapping -

-
magically formatted comments change reported line number of javascript errors in browsers; this: //@line n "f" n line number , f file name. unfortunately, //@line appears ungoogleable. know there documentation on feature, , browsers support it? (i found references here , here .) from can find available in mozilla based browsers. it using js_setoptions command can turn these options on or off depending on values passed. https://developer.mozilla.org/en/js_setoptions
Read more

c# - Is it possible to remove an existing registration from Autofac container builder? -

-
something along lines: builder.registertype<mytype>().as<itype>(); builder.registertype<mytype2>().as<itype>(); builder.deregistertype<mytype>().as<itype>() var container = builder.build(); var types = container.resolve<ienumerable<itype>>(); assert.istrue(types.count == 1); assert.istrue(types[0].gettype == typeof(mytype2)); scenario: go through bunch of assemblies , go register types want make sure have 1 implementation of given type. need before create container. track on own nice if autofac me bit. this cannot done directly using containerbuilder , unless start on new one. mind you, having first built container should able construct new container filtering away unwanted types , reusing registrations first container. this: ... var container = builder.build(); builder = new containerbuilder(); var components = container.componentregistry.registrations .where(cr => cr.activator.limittype != typ...
Read more

php - Mysql PK and FK char(36) vs int(10) -

-
i have read mysql can handle indexes , searches better if tables keys integers rather char(36) uuid's. is worth converting int(10)? note: use 1 server , have have plans use multiple databases concurrently therefore removing 1 of big reasons using uuid. our tables innodb if makes difference. thanks in advance. usually rdbms can handle integer keys pk more efficient, other datatypes. reason how build index column, yes: long dont require string (or other typed) keys, should use integers. however: char(36) , int(10) far away being equal, because int(10) much smaller, char(36). dont know, if require many different keys, should keep in mind. update, complete last paragraph: int(10) 32-bit, char(36) 36 - ^byte^ (= 288-bit). not mean, int consumes less space, means, char(36) has 4 times more different keys.
Read more