javascript - Faye: How to disable specific channel for publish by clients? -
oh, hi
i create chat app server written node.js , faye.
- clients subscribe
/messages/new messages going way:
client
--[publish /messages]-->server side client--[publish /messages/new]-->clients
but if i'm anonymus h4x0r can edit client js file , make client publish messages not on /messages, on /messages/new. messages pass on server side client , go directly clients. want messages go via server side client, cause server magic: validates token, saves message in redis database , logs
question
how disable specific channel publish clients?
should write custom engine? didn't find channels configuration in faye server. let me know, if want see code, dunno show you.
note
createserver = -> server = http.createserver() server.listen settings.serverport bayeux = new faye.nodeadapter ################################## mount: '/faye' # "server side client" timeout: 45 # lol bayeux.attach server ################################## fayeclient = bayeux.getclient() log "listening on port #{settings.serverport}..." return [fayeclient, bayeux] edits
- edit: rename "server" "server side client"
- edit2: add
note
damn, i'm dumb.
every message goes through server extensions, after send listeners (other clients).
- i added token server side client.
- check token in incoming extension
- if token incorrect, not propagate message (don't run callback).
my code:
incoming: (message, callback) -> # validate, if message has been sent server if message.channel == channels.newmessages # /messages/new # added token server side client if message.data.token != settings.servertoken return # if message token incorrect, don't run callback callback(message) # send message listeners
Comments
Post a Comment