search

SemoxyMC / Server

The backend code for Semoxy
GNU General Public License v3.0
0 stars 0 forks source link

WebSocket Changes #18

Closed xImAnton closed 3 years ago

xImAnton commented 3 years ago

We don't need WebSocket tickets, so we just authenticate the client with the session ID. The session token should not be included in the url because it is not encrypted with https. Instead, the session token should be transmitted as the first client -> server packet. The authentication packet could look like this:

{
  "action": "LOGIN",
  "data": {
    "sessionId": "token"
  }
}
xImAnton commented 3 years ago

added in https://github.com/SemoxyMC/Server/commit/b83dc304f059ec0a69279db72eff77445a39fcc7