The team has discussed and our current thoughts are to add a simple authentication interface to simplify adding authentication and security conductor instances. This will include:
Creating a interface that can be implemented that will have functions that check for authentication on:
-
Check if a client can connect to the conductor instance. This will be done through HTTP headers on the upgrade. The client will send their auth_token along which can be validated if the user can connect to the instance or not. This will also all a simple form of user identification.
-
Binding to a stream. The server can ensure the user has permission to bind and message to a stream.
-
Invite opcode. This is useful in requesting a client bind to a stream and has knowledge of said stream. The difficulty of this opcode will be how to properly deal with the concept of a "user" vs client.
The team has discussed and our current thoughts are to add a simple authentication interface to simplify adding authentication and security conductor instances. This will include:
Creating a interface that can be implemented that will have functions that check for authentication on:
Check if a client can connect to the conductor instance. This will be done through HTTP headers on the upgrade. The client will send their auth_token along which can be validated if the user can connect to the instance or not. This will also all a simple form of user identification.
Binding to a stream. The server can ensure the user has permission to bind and message to a stream.
Invite opcode. This is useful in requesting a client bind to a stream and has knowledge of said stream. The difficulty of this opcode will be how to properly deal with the concept of a "user" vs client.