|
|
|
|
|
|
by bham
6049 days ago
|
|
|
This looks fantastic. Thanks for writing it. How would you go about restricting access to channels to a specific user or users? My first take would be to issue an unguessable id upon successful authentication and use this id as the channel id -- a shared secret. Only those who should know the id do know it. I don't see support for streaming; the connection to the long-polling client is closed after consuming. Are you planning on adding support for streaming new messages as they are published? |
|
|
Though it just looks like a stub for now.
Also, I read the following here: http://github.com/slact/nginx_http_push_module/issues/unread...
"Meanwhile, you can use your application to do the authenticating, and generate ids for already-authenticated clients from a large enough (> 2^128) keyspace for security."
So, there, I did my homework.