Open jamesrusso opened 1 year ago
ronlut
commented
1 year ago @benjamin-tang-pusher @samuelyallop-pusher @benw-pusher Same question here. Not sure what's the state with the new authentication flow in the client and our python server should be. Thanks
benw-pusher
commented
1 year ago I'll raise this internally, this may have been an oversight.
hhhroot
commented
1 year ago @benw-pusher Can I know when user authentication will be supported? Was there an internal roadmap or meeting?
stale[bot]
commented
1 year ago This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. If you'd like this issue to stay open please leave a comment indicating how this issue is affecting you. Thank you.
andersonrocha0
commented
1 year ago I created a PR with some "user" functions:
andersonrocha0
commented
1 year ago @benw-pusher do I need to do anything else regarding the opened PR?
Thx
andersonrocha0
commented
1 year ago @benjamin-tang-pusher @samuelyallop-pusher @benw-pusher any news about the opened PR?
Thanks so far.
benjamin-tang-pusher
commented
1 year ago Hey, I will test your PR and see if its good enough to be merged.
shakeeb1998
commented
1 year ago was this merged?
andersonrocha0
commented
1 year ago was this merged?
Not yet. I'm waiting too.
urkh
commented
8 months ago :cricket: :cricket:
edit:
Since this library seems a bit outdated, and Pusher documentation is not enough clear, I did this based on the work of @andersonrocha0 in https://github.com/pusher/pusher-http-python/pull/207
I did this to use it with DRF. You need to call generate_pusher_response method and pass socket_id param with ::user:: for authentication or :chanel_name to authorize the channel. Then, return that result as JSON
hope it helps someone
import json
from django.conf import settings
from pusher import sign
from rest_framework import status
from rest_framework.response import Response
def generate_pusher_response(socket_id, prefix, user_data_encoded=None):
response = {
'auth': generate_auth_string(socket_id, prefix, user_data_encoded),
}
if user_data_encoded:
response['user_data'] = user_data_encoded
return response
def generate_auth_string(socket_id, prefix, user_data_encoded=None):
string_to_sign = f'{socket_id}{prefix}{user_data_encoded or ""}'
signature = sign(settings.PUSHER_APP_SECRET, string_to_sign)
return f"{settings.PUSHER_APP_KEY}:{signature}"
class PusherAuthentication(APIView):
def post(self, request, *args, **kwargs):
socket_id = request.data.get('socket_id')
response_data = {}
response_status = status.HTTP_403_FORBIDDEN
try:
user_data = {'id': str(request.user.id)}
user_data_encoded = json.dumps(user_data)
response_data = generate_pusher_response(socket_id, '::user::', user_data_encoded)
response_status = status.HTTP_200_OK
except Exception as e: # noqa
pass
return Response(response_data, status=response_status)
class PusherChannelAuthorization(APIView):
def post(self, request, *args, **kwargs):
socket_id = request.data.get('socket_id')
channel = request.data.get('channel_name')
room_id = channel.removeprefix('private-channel-')
response_data = {}
response_status = status.HTTP_403_FORBIDDEN
if request.user.rooms.filter(id=room_id).exists():
try:
response_data = generate_pusher_response(socket_id, f':{channel}')
response_status = status.HTTP_200_OK
except Exception as e: # noqa
pass
return Response(response_data, status=response_status)
ctwillie
commented
2 months ago Bump
Is the lack of user authentication intentional for this library? Seems like the preferred method is now to use signin() method which would cause a POST to the user-auth endpoint (compared with just joining a private channel).