how to setup pubnub on rails/javascript to authenticate subscribing to a channel

StackOverflow https://stackoverflow.com/questions/22796622

Pregunta

I have a rails app with Users and Customers. A user has_many customers. What I want to do is setup pubnub to publish serverside and subscribe client side. I got everything working but I'm not sure how to make sure a user can subscribe to a specific channel. For example, if I'm subscribing to a specific channel client-side (example: channel = "customer-3") I also need to make sure the current_user should have access to customer-3. How do i do that server side with pubnub while subscribing client-side?

¿Fue útil?

Solución

There are various layers of security you could implement here.

In a vanilla configuration, any subscriber can subscribe to any channel anyone is publishing on, you just need to know the channel name. No restrictions on this config...

Next, you could implement the builtin PubNub AES message encryption. For this config, you'd need to be sure the entity that is publishing (your ruby client) has shared the cipher key with everyone subscribing to him (your javascript client). In this config, you'd need to be sure that they both are using the same cipher key.

At an even higher, more granular level, you could implement PAM (PubNub Access Manager). This lets you grant and revoke access at global, channel, and user levels.

More on PAM here: http://www.pubnub.com/docs/javascript/overview/security.html

You can also implement PAM with encryption, for additional security.

If you still need more info on how to implement this in your own app, please drop us an email at support@pubnub.com, so we can get a better idea of your app, and provide you with appropriate code snippets as needed.

geremy

Licenciado bajo: CC-BY-SA con atribución
No afiliado a StackOverflow
scroll top