I'm currently working on a project which involves working with socket.io. For now, the user can query some api endpoints (let's say for example /login/facebook) with relevant data and gets a signed JWT if the authentication succeeds.
The socket.io part of the application works with JWT authentication. I'm using auth0/socketio-jwt middleware to handle the authentication. The thing is, the middleware is being relied upon only when the user first connects to the websocket server. Basically, a user would still be connected even if the JWT expires.
I saw some questions related to the same issue but none of the answers provided a way to implement this in a fashion that would prevent code redundancy.
tl;dr: What's the neatest way to handle jwt authentication with socket.io ?
via aslad
No comments:
Post a Comment