
Send Authorization Credentials to Django-channels WebSocket (without setting token as cookie)

I have a websocket that I want to be authenticated with Token Authorization on handshake on opening. I looked for answers to this problem, and almost all of them suggested storing an Authorization cookie first with JavaScript and then connecting to the web socket (so the header will be sent from the cookie stored in the web page).

But I prefer not to store the token in a browser cookie and just send it in my websocket request scope.

Here is some simple JavaScript code to connect to the websocket. I would really appreciate it if anyone could help me with this:

<script>
const socket = new WebSocket('ws://localhost:8001/announcement');

socket.onopen = function open() {
  console.log('WebSockets connection created.');
};

// Listen for messages (WebSocket delivers server frames through the 'message' event)
socket.addEventListener('message', function (event) {
    console.log('Message from server ', event.data);
});
</script>

I found a solution. Correct me if I'm wrong.

Right after the web socket connection is established, send the token to the server. On the server (in my case Django Channels), in the receive method, I fetch that token, and if the token is valid, I update the connection information; if the token is not valid, I disconnect the connection.

Something like this:

js file:

const socket = new WebSocket('ws://localhost:8001/announcement');

socket.onopen = function open() {
  console.log('WebSockets connection created.');

  let authData = {'token': '<valid-token-here>'}
  socket.send(JSON.stringify(authData));

};

and on server side (django for example):

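import json

# Method of a Django Channels WebsocketConsumer subclass.
def receive(self, text_data=None, bytes_data=None):
    if self.scope['user'].id:
        # Already authenticated on this connection.
        pass
    else:
        try:
            # It means user is not authenticated yet.
            data = json.loads(text_data)
            if 'token' in data:
                token = data['token']
                # fetch_user_from_token is a helper that is not shown on this page.
                user = fetch_user_from_token(token)
                # Keep the anonymous user if the lookup returned nothing,
                # so the .id check below still works.
                if user is not None:
                    self.scope['user'] = user
        except Exception as e:
            # Data is not valid, so close it.
            print(e)

    if not self.scope['user'].id:
        self.close()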
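
The first-message authentication described in the answer above, as an added, framework-independent example (not part of the original post and not Django Channels code). It shows what a consumer's receive path has to enforce: nothing is delivered before authentication, the auth frame is size-limited and must arrive within a deadline, and the token is compared in constant time. The token format, `SECRET`, `AuthGate` and the 44xx close codes are assumptions made for this example.

```python
import hashlib, hmac, json, time

SECRET = b"constructed-demo-key"   # assumption: server-side signing key
AUTH_DEADLINE = 5.0                # seconds allowed between open and the auth frame
MAX_AUTH_FRAME = 1024              # characters; reject oversized pre-auth frames

def issue_token(user_id, ttl=60, now=None):
    """Constructed token format for this example: '<user>.<expiry>.<hmac>'."""
    exp = int((now if now is not None else time.time()) + ttl)
    body = f"{user_id}.{exp}"
    sig = hmac.new(SECRET, body.encode(), hashlib.sha256).hexdigest()
    return f"{body}.{sig}"

def verify_token(token, now=None):
    """Return the user id for a valid, unexpired token, else None."""
    try:
        user_id, exp, sig = token.split(".")
        good = hmac.new(SECRET, f"{user_id}.{exp}".encode(), hashlib.sha256).hexdigest()
        current = now if now is not None else time.time()
        if hmac.compare_digest(sig, good) and int(exp) > current:
            return user_id
    except (ValueError, AttributeError, TypeError):
        pass                       # malformed token: treat as invalid
    return None

class AuthGate:
    """Per-connection state: no frame is processed until one authenticates."""
    def __init__(self, opened_at):
        self.opened_at, self.user = opened_at, None

    def on_frame(self, text, now):
        """Return ('close', code), ('authenticated', user) or ('deliver', text)."""
        if self.user is not None:
            return ("deliver", text)
        if now - self.opened_at > AUTH_DEADLINE:
            return ("close", 4408)      # private-use close code: auth timeout
        if text is None or len(text) > MAX_AUTH_FRAME:
            return ("close", 4400)      # binary or oversized pre-auth frame
        try:
            token = json.loads(text)["token"]
        except (ValueError, KeyError, TypeError):
            return ("close", 4400)      # not JSON, or no 'token' field
        self.user = verify_token(token, now)
        return ("authenticated", self.user) if self.user else ("close", 4401)
```

The deadline here is only checked when a frame arrives, so a real consumer also needs a timer that closes connections which never send anything.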
