6

What is the best way to pass authentication state of the user to the node.js if user has already authenticated in php?

For example - there is an application written in php which needs to use node.js for real-time updates. But those updates should be restricted to logged in users.

What is the best way to do it? Is there a way to access php session data from node.js?

Leonti
  • 10,400
  • 11
  • 43
  • 68
  • I asked similar [question](http://stackoverflow.com/questions/4636773/long-polling-server-principle-client-authentication) regarding authentication few day ago. Maybe it can help you. – yojimbo87 Jan 14 '11 at 13:16

1 Answers1

4

Why you don't just hold node.js behind php and send request only after checking auth. state by php, in this case? Another way you can use the same session storign technique, e.g. memcache/redis/another db, for both of them and just re-check the session data from node.js after creating it by php or vice versa.

maga
  • 720
  • 3
  • 13
  • I think I will go with checking session with php on localhost. Thanks! – Leonti Jan 14 '11 at 19:09
  • think in this case session hijack would be an bigger threat, I would like to make sure that every message nodeJs gets comes from the one user who sent it, going to check yujimbo87's link right now – Purefan Jan 26 '11 at 09:48