javascript - Pusher，存在和私有(private)的不同身份验证？

Question

我想知道如何实现专用 channel 和在线 channel 的授权，因为文档指出两者的身份验证不同。

https://pusher.com/docs/authenticating_users#implementing_private_endpoints

我当前在 Laravel 中的身份验证过程是这样的

public function auth(PusherManager $pusher, Request $request)
{
    if(Auth::check())
    {
        echo $pusher->presence_auth('presence-channel', $request->get('socket_id'), Auth::user()->id, Auth::user());
    }
}

我正在初始化 channel ，如下

var pusher = new Pusher('7c1df2e41d3c474d369d');
var presenceChannel = pusher.subscribe('presence-channel');
var notificationChannel = pusher.subscribe('private-notifications-' + me.id);

This is working for the Presence-channel, But when it comes to the Private-notifications channel I get the following error.

Pusher : Error : {"type":"WebSocketError","error":{"type":"PusherError","data":{"code":null,"message":"Invalid signature: Expected HMAC SHA256 hex digest of 52336.206126:private-notifications:{\"user_id\":1,\"user_info\":{\"id\":1,\"name\":\"Miguel Stevens\",\"email\":\"miguel@clouddesign.be\",\"created_at\":\"2015-08-04 20:45:41\",\"updated_at\":\"2015-08-04 20:45:41\"}}, but got c880aa8f9d1337e4972fde05ae76148cd9a2a91e636d4714efbac2dff6d27f4b"}}}

Answer 1

有不同的函数来验证私有(private) channel 和存在 channel ，它们也采用不同的参数。

• socket_auth($channel_name, $socket_id 应用于私有(private) channel :https://pusher.com/docs/authenticating_users#implementing_private_endpoints/lang=wordpress
• presence_auth($channel_name, $socket_id, $user_id, $user_data) 应用于状态 channel :https://pusher.com/docs/authenticating_users#implementing_presence_endpoints/lang=wordpress

因此，您应该检查 $request->get('channel_name') 并根据 private- 或 channel 名称前缀使用适当的方法存在-。这还使您有机会检查当前用户是否拥有所请求 channel 的权限。