primus / primacron

Primacron is a high-level interface written on top of Primus
MIT License

Broadcast authorisation. #1

Open 3rd-Eden opened 11 years ago

3rd-Eden commented 11 years ago

Broadcasting is done through HTTP PUT messages against the /stream/broadcast/ route. There's some basic data validation done to ensure that we don't receive any broken information, but these routes are still approachable from the outside.

We should add some basic authentication to these routes to prevent hackers from broadcasting messages to all our users. The easiest way to do this would be to generate a random username + password when the server is generated and to store these details with every host + socket.io inside of redis. If we properly sandbox and firewall redis, it should be good enough.
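A sketch of the proposal in the comment above, added here as an example and not part of the original issue or the Primacron code base. It assumes the random username + password travel as HTTP Basic credentials (the issue does not name a scheme), all function names are hypothetical, and the redis storage step is left out.

```javascript
const nodeCrypto = require('crypto');

// Generate the per-server secret once at startup. The issue proposes storing
// it in redis next to each host entry; that step is omitted here (assumption).
function createBroadcastCredentials() {
  return {
    username: nodeCrypto.randomBytes(16).toString('hex'),
    password: nodeCrypto.randomBytes(32).toString('hex')
  };
}

// Header a peer server would attach to its PUT (hypothetical helper).
function authorizationHeader(creds) {
  const pair = creds.username + ':' + creds.password;
  return 'Basic ' + Buffer.from(pair, 'utf8').toString('base64');
}

// Compare in constant time. Hashing first gives both buffers the same length,
// which crypto.timingSafeEqual requires.
function safeEqual(a, b) {
  const ha = nodeCrypto.createHash('sha256').update(String(a)).digest();
  const hb = nodeCrypto.createHash('sha256').update(String(b)).digest();
  return nodeCrypto.timingSafeEqual(ha, hb);
}

// Decide the HTTP status for a request to the broadcast route. Credentials are
// checked before the method so unauthenticated callers only ever see 401.
function checkBroadcastRequest(req, creds) {
  if (!req.url.startsWith('/stream/broadcast/')) return 404;
  const header = (req.headers && req.headers.authorization) || '';
  const match = /^Basic ([A-Za-z0-9+/=]+)$/.exec(header);
  if (!match) return 401;
  const decoded = Buffer.from(match[1], 'base64').toString('utf8');
  const sep = decoded.indexOf(':');
  if (sep === -1) return 401;
  // Evaluate both comparisons before combining them: no early exit on the username.
  const userOk = safeEqual(decoded.slice(0, sep), creds.username);
  const passOk = safeEqual(decoded.slice(sep + 1), creds.password);
  if (!(userOk && passOk)) return 401;
  return req.method === 'PUT' ? 200 : 405;
}
```

Basic credentials are only as private as the transport, so the server-to-server PUTs need TLS or a network path that is not reachable from outside.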

3rd-Eden commented 11 years ago

Something like https://github.com/joyent/node-http-signature might be suitable as well.