0

I am currently experimenting with websockets on NodeJS and am wondering if its possible to protect/secure my websocket. I'd like to be able to prevent others from connecting to my websocket and using the data that is being sent from it. If I have a website that recieves data from this NodeJS websocket, is there anyway to ensure that only my domain (mydomain.com) or website can read this data and not any other client/website? I am currently using the WS module found on NPM. Any help would be greatly appreciated! Thank you!

Server Code:

var WebSocketServer = require('ws').Server
  wss = new WebSocketServer({port: 8000})
  wss.on('connection', function (ws) { })

Client (JavaScript) Code:

 var wss = new WebSocket('wss://mydomain.com'); 
    wss.onmessage = function(e) {
    var data = JSON.parse(e.data); }
ToneCat
  • 1
  • 1
  • The auth token is not hardcoded in your code. Instead, you would usually perform a conventional HTTP authentication to retrieve it first and it would be different for every client/session. – Danziger May 10 '18 at 18:47
  • You can also take a look at https://stackoverflow.com/questions/28965210/configuring-authentication-headers-for-websocket-connection – Danziger May 10 '18 at 18:47
  • 1
    Okay, great, thank you! I will take a look at this. – ToneCat May 10 '18 at 18:53

0 Answers0