Closed Thomas-1985 closed 2 years ago
Hi! I think you should be able to use a classic middleware:
io.of("/admin").use((socket, next) => {
const userRole = fetchRole(socket);
if (userRole.admin) {
next();
} else {
next(new Error("forbidden"));
}
});
Reference: https://socket.io/docs/v4/middlewares/
Ok an what do i have to do to the instrument
method then? Currently what i use for initialization is
instrument(this.socketServer, {
auth: {
type: "basic",
username: "admin",
password: "$2a$10...."
},
readonly: true,
namespaceName: "/socketui"
});
and then for the socket namespace for the ui
io.of("/socketui").use((socket, next) => {
const userRole = fetchRole(socket);
if (userRole.admin) {
next();
} else {
next(new Error("forbidden"));
}
});
Correct?
@Thomas-1985 yes, that should work. And if you don't want the user/password authentication, you can use auth: false
:
instrument(this.socketServer, {
auth: false,
readonly: true,
namespaceName: "/socketui"
});
Yes it works fine, thanks a lot! :)
Hi
I have embedded the ui in my app which features a role-based authentication (roles "user" and "admin"). As there are more then one user which should have the ability to connect to the ui, is there a callback or similar i can use for authentication?
I thought about connecting the ui to my
userRole
so that only users withuserRole.admin
can connect (if they authenticate correctly).Best, Thomas