How do you pass php session data to socket.io?

Question

I'm writing an application where a user can be logged in from several browsers at once, with a connection being established to socket.io on the server when the page loads.

I want to keep track of all client socket id's, socket.id, in a redis set whose key would look like userId:???:socketClientIds for that logged in user. I want to SADD the socket client id to the redis set after an php script is called via ajax.

Since I keep the user id in a php session variable $_SESSION['userId'], what is a safe/practical way I can communicate the value of this user id to socket.io so I can add the client id to the set?

client.sadd("userId:???:socketClientIds", socket.id)

I can't trust the client to provide an accurate value for a userId because it might be forged.

Answer 1

If you are using the default session handler in PHP, you could parse the user's session file in node using groan. Otherwise you might look into using MySQL, memcached, or Redis for your session storage instead so that it's more easily accessible from both PHP and node.