Getting Started
Authentication
Private/presence channel authorization and user signin flow.
Channel Authorization (Private/Presence)
For private-* and presence-* channels, Sockudo validates the same signature format as Pusher:
auth = "<app-key>:HMAC_SHA256(socket_id:channel_name[:channel_data], app_secret)"
- Private channel: sign
socket_id:channel_name - Presence channel: sign
socket_id:channel_name:channel_data
channel_data must contain at least:
{
"user_id": "user-123",
"user_info": { "name": "Alice" }
}
Minimal Node Auth Endpoint
server.ts
import express from "express";
import Pusher from "pusher";
const app = express();
app.use(express.json());
const pusher = new Pusher({
appId: "app-id",
key: "app-key",
secret: "app-secret",
host: "127.0.0.1",
port: 6001,
useTLS: false,
cluster: "mt1",
});
app.post("/pusher/auth", (req, res) => {
const { socket_id, channel_name } = req.body;
if (channel_name.startsWith("presence-")) {
const presenceData = {
user_id: "user-123",
user_info: { name: "Alice" },
};
return res.send(pusher.authorizeChannel(socket_id, channel_name, presenceData));
}
return res.send(pusher.authorizeChannel(socket_id, channel_name));
});
Client Configuration
client.ts
import Pusher from "@sockudo/client";
const pusher = new Pusher("app-key", {
cluster: "mt1",
wsHost: "127.0.0.1",
wsPort: 6001,
forceTLS: false,
channelAuthorization: {
endpoint: "http://127.0.0.1:3000/pusher/auth",
transport: "fetch",
},
});
User Signin (pusher:signin)
If enable_user_authentication is enabled on the app, client-side user signin uses:
auth = "<app-key>:HMAC_SHA256(socket_id::user::user_data, app_secret)"
@sockudo/client exposes:
pusher.signin();
with userAuthentication.endpoint (default /pusher/user-auth).
Common Failures
- Missing
authfor private/presence subscription. - Invalid JSON in
channel_data. - Missing
user_idin presencechannel_data. - Clock skew on signed HTTP API requests (more than 10 minutes).