Open brandon-reinhart opened 2 years ago
Yep currently naia works by establishing it's own protocol on top of an established WebRTC data channel. This is not ideal. Authentication should happen before WebRTC establishes a connection, not after. Thank you for the heads up on this :+1:
If we force an auth failure, the server will continue to send heartbeats to the client for some time. The client doesn't know what to do with these:
After a bit, the server times out the connection, but then tries to begin a new channel connection. This doesn't work because the client is no longer engaged:
I would expect that a rejection would close to the connection, not send heartbeats, and not attempt to renegotiate with a rejected client.