I've written a Websocket-API using socket.io.
Let's say that after establishing the connection the server waits for a login
-event with a payload like {username: String, password: String}
.
The server then answers with the events login:accept
or login:deny
.
Only if the login was successful the server then responds to an event tweets:get
with an event tweets
(that has an array of tweets as payload).
Is there a standardized way to document APIs like this one? Do you have any recommendations and experiences?
To create a WebSocket API using the API Gateway consoleSign in to the API Gateway console and choose Create API. Under WebSocket API, choose Build. Under Settings, in the API name field, enter the name of your API, for example, PetStore . Enter a Route Selection Expression for your API, for example, $request.
If you are writing a server, you should make sure to send a close frame when the server closes a client connection. The normal TCP socket close method can sometimes be slow and cause applications to think the connection is still open even when it's not.
close() The WebSocket. close() method closes the WebSocket connection or connection attempt, if any. If the connection is already CLOSED , this method does nothing.
The WebSocket is closed before the connection is established error message indicates that some client code, or other mechanism, has closed the websocket connection before the connection was fully established.
There's AsyncApi node tool to create machine-readable definitions, it's very similar to swagger but for asynchronous APIs, and there are tools to generate HTML such as AsyncApi docgen and widdershins.
You can build your documentation using either yaml
or json
, as an example:
asyncapi: "1.0.0"
topics:
"tweets:get":
publish:
$ref: "#/components/messages/getTweets"
tweets:
subscribe:
$ref: "#/components/messages/tweetsList"
Wheretopics
= events
, publish
= emit
, and subscribe
= on
in socket.io terms
after saying that, authentication using socket.io mostly depends on tokens, the user would send authentication token in the options.query
at the connection initiation time, and you authenticate the token at the backend, then you can disconnect the connection if authentication failed. No need for login:accept
or login:deny
const socket = io('http://localhost?token=abc');
// or
const socket = io({ query: { token: 'cde' } });
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With