nodejs & socket.io vs php - auth & integrate to php app

Question

Please, I need a push (or kick) because I am feeling lost.

I have to write some kind of portal, which I would like to do by using php+mysql via ajax. There is no problem with that, but part of the portal should be working in realtime - so , because I've been messing around with node.js & socket.io for while, and I think its pretty awesome, I am going to use it. The problematic part is that I would like to get pushed on the right way to solve this:

I'm going to authenticate users in that php "portal thing" by setting and checking php sessions - really simple way to log user in, log user out, saving hash and microtime hash to database etc.

But how should I use this kind of signature and authentication in socket communication? Is something shown in diagram below reasonable and legal?

If anyone could redirect me somewhere or point out risks and things I should be worried about.

It may be all stupid and nonsense. My problem is that I am newbie with node&socket (Ive been coding some simple chats etc..).

Thanks for any suggestions!

Answer 1

Its great that you are using node.js. I have been playing with it recently. Its Awesome!

There is a way you can use the PHP session in Nodejs. All you need to do is use the separate DB for session storage which can be accessed by both PHP and NodeJS. So this will fix your user 'Authenticaion' in both side.

I chose Redis over Memcache for custom session storage because you don't want to lose all your existing session data on server restart. For Nodejs you can easily search, install and configure the Redis.

Refer here for more useful info http://ericterpstra.com/2013/03/use-redis-instead-of-mysql-for-codeigniter-session-data