-
Notifications
You must be signed in to change notification settings - Fork 571
Open
Labels
Description
It would be helpful if the library would allow for easy custom auth mechanisms. This would require maintaining an auth state flag that the implementor can control (since basic auth can be problematic due to #116).
A possible way would be:
- add
webSocket(num).requireAuth()
-> default = false - In WStype_CONNECTED, we can set
webSocket(num).requireAuth(true)
- if requireAuth is set:
- Next sending event of that client will trigger WStype_AUTH
- Broadcasts will not be sent to that client
- (send() to that client only from within the WStype_AUTH event - tbd)
- If successfully authorized, one sets
webSocket(num).requireAuth(false)
This should be perfectly backwards-compatible. Just a suggestion. Right now I have to override all broadcast()
methods, which is a ugly.