
Send auth_token for authentication to ActionCable

module ApplicationCable
  class Connection < ActionCable::Connection::Base
    identified_by :current_user

    def connect
      #puts params[:auth_token]
      self.current_user = find_verified_user
      logger.add_tags 'ActionCable', current_user.name
    end

  end
end

I don't use the web as an endpoint for Action Cable, so I want to use an auth_token for authentication. By default, Action Cable uses the session user id for authentication. How do I pass params to the connect method?

alxibra asked Feb 19 '16 09:02



2 Answers

I managed to send my authentication token as a query parameter.

When creating my consumer in my JavaScript app, I'm passing the token in the cable server URL like this:

wss://myapp.com/cable?token=1234

In my cable connection, I can get this token by accessing the request.params:

module ApplicationCable
  class Connection < ActionCable::Connection::Base
    identified_by :current_user

    def connect
      self.current_user = find_verified_user
      logger.add_tags 'ActionCable', current_user.name
    end

    # `protected` takes no trailing colon in Ruby
    protected

    def find_verified_user
      if current_user = User.find_by(token: request.params[:token])
        current_user
      else
        reject_unauthorized_connection
      end
    end
  end
end

It's clearly not ideal, but I don't think you can send custom headers when creating the websocket.

Pierre Fraisse answered Oct 19 '22 15:10


Pierre's answer works. However, it's a good idea to be explicit about expecting these parameters in your application.

For instance, in one of your config files (e.g. application.rb, development.rb, etc...) you can do this:

config.action_cable.mount_path = '/cable/:token'

And then simply access it from your Connection class with:

request.params[:token]

Yuval Karmi answered Oct 19 '22 15:10
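
Both answers put a long-lived user token in the WebSocket URL, which is the part of a request most likely to be written to request logs. The following is an added example, not code from either answer or from Rails: it swaps the stored token for a short-lived HMAC-signed ticket that is read from the same `request.params[:token]`. The `CableTicket` module, its `TTL`, the ticket layout and the demo secret are hypothetical, and user ids are assumed to be integers.

```ruby
require 'openssl'

# Added example: short-lived signed ticket for the cable URL (all names hypothetical).
module CableTicket
  TTL = 30 # seconds a ticket stays valid; an assumption, tune to your connect latency

  # Issue from an already-authenticated HTTP endpoint just before opening the socket.
  def self.issue(user_id, secret, now: Time.now.to_i)
    payload = "#{Integer(user_id)}.#{now + TTL}"
    "#{payload}.#{sign(payload, secret)}"
  end

  # Returns the user id (Integer) for a valid, unexpired ticket, otherwise nil.
  def self.verify(ticket, secret, now: Time.now.to_i)
    m = /\A(\d+)\.(\d+)\.(\h{64})\z/.match(ticket.to_s)
    return nil unless m

    user_id, expires, mac = m.captures
    expected = sign("#{user_id}.#{expires}", secret)
    return nil unless secure_equal?(mac.downcase, expected)
    return nil if now > expires.to_i

    user_id.to_i
  end

  def self.sign(payload, secret)
    OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('SHA256'), secret, payload)
  end

  # Constant-time comparison so the MAC check does not leak how many characters matched.
  def self.secure_equal?(a, b)
    return false unless a.bytesize == b.bytesize

    a.bytes.zip(b.bytes).reduce(0) { |acc, (x, y)| acc | (x ^ y) }.zero?
  end
end

# In ApplicationCable::Connection, find_verified_user would then read (not run here):
#   id = CableTicket.verify(request.params[:token], secret)
#   User.find_by(id: id) || reject_unauthorized_connection

if __FILE__ == $PROGRAM_NAME
  secret = 'constructed-demo-secret' # constructed sample value
  ticket = CableTicket.issue(42, secret, now: 1_000)
  p CableTicket.verify(ticket, secret, now: 1_010) # inside the TTL window
  p CableTicket.verify(ticket, secret, now: 1_031) # past expiry
end
```

A ticket copied out of a log after its TTL no longer authenticates, and changing the user id or expiry invalidates the MAC.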