Saturday 18 March 2017

Parse codeigniter's session data from redis

I made a simple login functionality that stores the following array into the session:

$sessionData=[
              'username'=>/*username of the loged in user*/,
              'user_id'=>/*user id of the logedin user*/
             ];

And I wanted the authorized user to be able to be able to chat into the following chat page that gets served via Codeigniter:

 <?php 
$this->load->helper('url');
?>
<!doctype html>
<html>
<head>
    <meta charset="UTF-8">
    <title>Messaging</title>
    <meta http-equiv="X-UA-Compatible" content="IE=edge">
    <meta name="viewport" content="width=device-width, initial-scale=1">

    <link href="<?=base_url('assets/css/bootstrap/bootstrap.min.css');?>" rel="stylesheet"  >

    <script src="<?=base_url('assets/js/jquery.min.js')?>"></script>
    <script src="<?=base_url('assets/js/bootstrap.min.js')?>"></script>
    <script src="<?=base_url('assets/js/socket.io.min.js')?>"></script>
    <script>
        $(function () {
            var socket = io('http://localhost:3000');
            $('form').submit(function(e){
                e.preventDefault();
                socket.emit('chat message', $('#m').val());
                $('#m').val('');
            });

            socket.on('chat message', function(msg){
                    $('#messages').append($('<div class="col-xs-12">').text(msg));
            });
        });
    </script>
</head>
<body>
    <div id="messages" style="max-height:100%" class="container-fluid">

    </div>
    <div class="container-fluid">
        <div class="col-xs-12">     
            <form action="" class="form-inline bg-success">
                <div class="form-group">
                 <input id="m" type="text" class="form-control" autocomplete="off" />
                </div>
                <button class="btn btn-primary">Send</button>
            </form>
        </div>
    </div>
</body>

As you can see it uses socker.io on a node.js server listening into port 3000. But I want to put some authentication into the socket.io server in order not to be able for 3rd party applications with unauthorized users to use it.

As I noticed as long as the websocket uses the same domain the codeigniter';s cookie gets passed on the node.js' socket.io. So I thought that I needed a middleware in order to get coceigniters session data from redis.

So in the first place I wanted to have a look on how the data gets stored on redis server so I connected via redis-cli --scan --pattern '*' command and I got the following results:

ci_session:uipchhk7lfc5vmodndljquqsbs2ru02d
ci_session:gvmio1esujbscbh8847olbn4hkg5897n
ci_session:iejok3chmv025keh5g52lj3lps701umj

But they do not seem in any usefull form. So I wanted to know:

What are these data above? How I will get the session information I want from the node.js application?



via Dimitrios Desyllas
Posted by at
Labels: ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)