Get Even More Visitors To Your Blog, Upgrade To A Business Listing >>




I am using a Node.js based https server that authenticates using HTTP Basic (which is fine as the data are sent over the SSL encrypted connection).

Now I want to provide a connection which should be

  1. encrypted and
  2. for authenticated users only.

The question is how to do this. I already found out that I need to specify { secure: true } in the client JavaScript code when connecting to the socket, but how do I force on the server-side that socket connections can only be run over SSL, and that it works only for authenticated users?

I guess that the SSL thing is the easy part, as the server is bound to the https server only, so it should run using SSL only, and there should be no possibility to run it over an (additionally) running http server, right?

Regarding the other thing I have not the slightest idea of how to ensure that socket connections can only be established once the user successfully authenticated using HTTP Basic.

Any ideas?

Problem courtesy of: Golo Roden


Although the answer by Linus is basically right, I now solved it in a more easy way using the - which basically does the same thing, but with way less custom-code to write.

Solution courtesy of: Golo Roden


View additional discussion.

This post first appeared on Node.js Recipes, please read the originial post: here

Share the post



Subscribe to Node.js Recipes

Get updates delivered right to your inbox!

Thank you for your subscription