codingtomato05/03/2022, 2:28 PM
rp05/03/2022, 2:29 PM
codingtomato05/03/2022, 2:32 PM
rp05/03/2022, 2:34 PM
as usual. During each even fire, you can auth the user in two ways: - Method 1: Create a JWT using
function and provide the user's ID in the payload. You can then pass this JWT to the frontend and verify it in each socket event. - Method 2: Send the session's sessionHandle to the frontend and send that on each socket event. You can then query the supertokens core to get info (like the userID) from the session handle. Method 1 is much faster since it's stateless verification, but method 2 is more secure since revoking a session will terminate the socket connection auth immediately.
codingtomato05/03/2022, 2:36 PM