An Auth Webhook
This example uses Node.js on the server, but this is possible in any language.
When you connect to a room, Room Service will check if that's ok.
If the check isn't successful (the user isn't authorized), this line will throw an error. If that check is successful, the user will have full read-write access to the room.
Need more granular auth? We're working on this and would love to hear from you!
You give Room Service a function to call to make the check.
In the simplest case, this function creates a POST request to an endpoint you set up on your backend. This endpoint can have any structure you'd like, so if you need a custom body or custom headers, that's fine. It's your endpoint.
The request should send the name of the room.
This is how your server will recognize what room this user is trying to access. In this example, params.room will be "express-minimal".
If there's an issue, throw an error.
You can then wrap your service.room with a try/catch to catch anything that goes wrong.
On the server, capture the POST request
Set up an endpoint that accepts the request we just sent from the browser. This example is in Node.js with Express, but you can do this in any language.
If unauthorized, send back a 401.
Use whatever system you have currently to determine if a user is logged in and allowed to access this particular room. In this example, we're showing a prototype for cookie auth, but you're free to implement this however you'd like.
To create a token, send a POST request to the /provision API route.
This route allows a user to access particular resources. In the simplest case, we'll just allow this user to access a single room.
This is your user ID.
Whatever you pass in here, we'll send back to you on the client to distinguish users by.
You can send the body of the provisioner back to your client
The provisioner will return a body that looks like this:
{
"user": "your-user-id",
"resources": [{...}],
"token": "tok_123"
}
Return the result of your request from your auth function
Your endpoint needs to send back a user id, a resources object, and the token to the browser client.
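The server-side steps above (check the cookie, send a 401 if unauthorized, provision a token, return user, resources and token), as an added example that is not Room Service's own code. It is framework-agnostic so an Express route can call it; the session store, the sid cookie, all function names, the 400 for a malformed room name and the shape of the resource entry (which the page elides) are assumptions.

```javascript
// Added example, not Room Service's code. Hypothetical names: SESSIONS,
// parseCookies, decideAccess, handleAuth, the "sid" cookie, and the shape
// of the resource entry (the page elides it as {...}).

// Constructed session store: session id -> user id and rooms they may open.
const SESSIONS = new Map([
  ["s-alice", { userId: "alice", rooms: new Set(["express-minimal"]) }],
]);

// Parse a Cookie header into a plain object with no prototype.
function parseCookies(header) {
  const out = Object.create(null);
  for (const part of String(header || "").split(";")) {
    const i = part.indexOf("=");
    if (i > 0) out[part.slice(0, i).trim()] = part.slice(i + 1).trim();
  }
  return out;
}

// Decide whether the caller may open `room`. The user id comes from the
// server-side session only, never from the request body.
function decideAccess(cookieHeader, room, sessions = SESSIONS) {
  const session = sessions.get(parseCookies(cookieHeader).sid);
  if (!session) return { status: 401 }; // not logged in
  // Assumed policy: reject malformed room names before any lookup.
  if (typeof room !== "string" || !/^[\w-]{1,64}$/.test(room)) return { status: 400 };
  if (!session.rooms.has(room)) return { status: 401 }; // not allowed in this room
  return {
    status: 200,
    provision: { user: session.userId, resources: [{ room }] }, // assumed shape
  };
}

// Glue for a route handler: `provision` is an injected function that POSTs
// its argument to the /provision route from the server and resolves to the
// parsed response body ({ user, resources, token }).
async function handleAuth(cookieHeader, body, provision) {
  const decision = decideAccess(cookieHeader, body && body.room);
  if (decision.status !== 200) return { status: decision.status, body: null };
  const { user, resources, token } = await provision(decision.provision);
  // Forward only the three fields the browser client needs.
  return { status: 200, body: { user, resources, token } };
}
```

Because the user id is read from the session rather than from the POST body, a client cannot obtain a token for another user by editing the request.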