preaction / Mercury

A message broker for WebSockets

Simple token-based auth #29

Open preaction opened 8 years ago

preaction commented 8 years ago

We should allow a simple token-based auth to restrict which paths a client is allowed to connect to. This way, we could create a private /pub and a public /sub so that we can control what messages go out. This could also create a protected /bus, and other simple things.

The token should be passed in the URL when connecting:

/pub/mypub?token=mysecrettoken

These tokens should be in the config file and mapped to which URLs they are allowed to access. URL access should contain wildcards like * and ** to match [^/]+ and .+ respectively.

We are going to build a pluggable, role-based auth system, so keep that in mind when developing this.
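
The token-to-path check proposed in this issue, sketched as an added example that is not part of the original post and is not Mercury's code. It is written in Python; the `TOKENS` config, `compile_pattern` and `is_allowed` are hypothetical names, and the config values are constructed.

```python
import hmac
import re
from urllib.parse import urlsplit, parse_qs

# Constructed sample config: token -> path patterns it may connect to.
TOKENS = {
    "mysecrettoken": ["/pub/*"],
    "bustoken": ["/bus/**", "/sub/news.v1"],
}

def compile_pattern(pattern):
    """Translate a path pattern into a regex: ** -> .+ and * -> [^/]+."""
    out = []
    # "**" is listed first in the alternation so it wins over "*".
    for part in re.split(r"(\*\*|\*)", pattern):
        if part == "**":
            out.append(".+")
        elif part == "*":
            out.append("[^/]+")
        else:
            out.append(re.escape(part))  # literal text: "." must not act as a wildcard
    return re.compile("".join(out))

RULES = [(tok.encode(), [compile_pattern(p) for p in pats])
         for tok, pats in TOKENS.items()]

def is_allowed(url):
    """Return True if the token in the URL grants access to the URL's path."""
    parts = urlsplit(url)
    supplied = parse_qs(parts.query).get("token", [])
    if len(supplied) != 1:               # missing, empty or repeated token: deny
        return False
    token = supplied[0].encode()
    allowed = False
    for known, patterns in RULES:
        # Constant-time compare, and no early return, so response time
        # does not reveal how much of a token was guessed correctly.
        if hmac.compare_digest(token, known):
            # fullmatch anchors both ends: "/pub/*" must not match "/pub/a/b".
            allowed = any(p.fullmatch(parts.path) for p in patterns)
    return allowed
```

The path is matched exactly as it appears in the URL, so the check should run on the same form of the path (before or after percent-decoding) that the router uses to pick the endpoint.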