How to authenticate Socket.IO with PHP Session ID in domains

Question

How to authenticate Socket.IO with PHP Session ID in domains

I have the installation of node / Socket.IO on node.mydomain.com and the Apache / PHP stack on www.mydomain.com.

I am currently doing authentication with something like this:

Client : when connected, send a custom authorization event that includes PHPSESSID to the server
Server : on authorization , make an api.php call using this cookie to get information about the user, send this identification information to the client.
Client : actions can now be performed using this identifier

This is a bit kludgy since Socket.IO has a place for authentication (on this wiki ) that I would like to use. The problem is that I do not know how to send PHPSESSID cookie information from the client to the server. They are located in different domains, so the browser does not include them in the request.

Any ideas?

+4

authentication php cookies session socket.io

Alexi Kostibas Nov 02 '11 at 10:40

source share

1 answer

Tobias Sjösten · Answer 1 · 2012-04-21T19:59:19+0000

I would recommend switching session processing and using Redis instead, which is also faster than file-based default session processing.

Install Redis server first . After that, you will add the phpredis extension to PHP by first compiling it and then setting up php.ini to use it.

 extension=redis.so session.save_handler = redis session.save_path = "tcp://localhost:6379/"

From Node.js, you can read these sessions using the node_redis module.

How to authenticate Socket.IO with PHP Session ID in domains

More articles: