I think current logic assumes there is current user before broadcast can happen. I had to do fake a user record with an arbitrarily large id to make broadcast work. What I am trying to do is to have light feature that user without logging in can try with assigned session_uuid in the browser session. Because I always subscribe to an actual AR object with different id and there is already encryption of channel name, there is no risk of them seeing each other's data.
module ApplicationCable
class Connection < ActionCable::Connection::Base
include SetCurrentRequestDetails
identified_by :current_user, :current_account, :true_user
impersonates :user
delegate :params, :session, to: :request
def connect
self.current_user = find_verified_user
set_request_details
self.current_account = Current.account || Account.new(id: 10000000000)
logger.add_tags "ActionCable", "User #{current_user.id}", "Account #{current_account.id}"
end
protected
def find_verified_user
if (current_user = env["warden"].user(:user))
current_user
else
User.new(id: 1000000000)
# reject_unauthorized_connection
end
end
is there a more elegant way on the framework level to handle this?
I think current logic assumes there is current user before broadcast can happen. I had to do fake a user record with an arbitrarily large id to make broadcast work. What I am trying to do is to have light feature that user without logging in can try with assigned session_uuid in the browser session. Because I always subscribe to an actual AR object with different id and there is already encryption of channel name, there is no risk of them seeing each other's data.
is there a more elegant way on the framework level to handle this?