scttnlsn / backbone.io

Backbone.js sync via Socket.IO
http://scttnlsn.github.io/backbone.io
540 stars 66 forks source link

auth/login using backbone.io? #27

Closed mac100 closed 11 years ago

mac100 commented 11 years ago

Hey

I'm currently working on a project that requires users to login to the system, but am confused as to how I would go about doing this with backbone.io or even if I should be using backbone.io to do this.

What do I use if I don't wish to broadcast a clients data back out to the other clients? Would I be able to retrieve the clients socket.id and use this as the channel identifier, or would it be best to avoid backbone.io for use cases where data should not be synchronized back to other clients, in which case, how would I use socket.io while still having backbone.io for other processes?

If you can find the time to reply to this question it would be really, really appreciated.

Many Thanks, Mac

scttnlsn commented 11 years ago

Check out examples/auth.js...it uses the session generated by Express/Connect to authorize each Backbone.IO "request".

Creating a separate channel for each client would certainly work as a means to prevent data from being distributed to all connected clients.

More ideally, it would be nice to be able to control this via the middleware on the server. i.e. req.end(data, { silent: true })

mac100 commented 11 years ago

Having res.end(data, { silent: true }) would be great, although I can't figure out how I would be able to access res.end's new second parameter in order to prevent

socket.broadcast.emit('synced', req.method, result);

from running in index.js

I am also currently sending the username and password via

this.collection.create({ username: this.$('#username').val(), password: this.$('#password').val()}});

and I'm not sure if this is really the best way to be doing this, would you have any suggestions?

Many thanks for your earlier reply/time, it's much appreciated

Mac

scttnlsn commented 11 years ago

Any reason in particular you want to create the session client-side? I guess I would recommend submitting a login form that reloads the page and then presents your Backbone.IO app. If you're still wanting to do things client-side with Backbone.IO I'd say that you just need to make sure that your "session" backend/middleware just doesn't pass the given password to res.end().

mac100 commented 11 years ago

I'm using

this.collection.create({ username: this.$('#username').val(), password: this.$('#password').val()}});

to send the username and password from the client side to the server-side script, as my app's only means of communication with the server is through websockets, and all of the client side JS and HTML will be running local I just wondered if there was a better way to send over the username and password to the server, as I am currently doing this using the create method, but I'm not really 'creating' anything :/

scttnlsn commented 11 years ago

Presumably you're creating a session or auth token, etc. If you feel like having a Backbone collection and Backbone.IO backend for this is too much then just use Socket.IO directly: socket.emit('login', username, password, function(...) { ... }).

mac100 commented 11 years ago

Yes, I think this is likely the best approach for the login side of things. Thank you for your help!

scttnlsn commented 11 years ago

No problem!