Websocket is a permanent open connection. You only need to consult once when connecting to the web schedule.
Just send your cookie to login to node.js once and save it on the server with a link to the socket connection. Then process messages only from authenticated users and transmit them only to authenticated users.
The problem is that client-side users can easily fake this cookie as node does not talk to php to make sure it has a valid login cookie.
An example using now .
warning pseudo code
// server.js everyone.now.joinChat = function(cookie) { chat.add(this, cookie); } everyone.now.serverMessage = function(message) { if (chat.hasUser(this)) { chat.broadcast(message); } } chat = (function() { var users = []; return { "add": function(client) { users.push(client); }, "hasUser": function(client) { return users.some(function(user) { return user === client; }); }, "broadcast": function(message) { users.each(function(user) { user.clientMessage(message); }); } } }()); // client.js $(function() { now.joinChat($.cookie("login")); $("#send").click(function() { now.serverMessage($(this).data("message")); }); now.clientMessage = function(message) { $("#messages").append($("<span></span>").text(message)); } });
Raynos
source share