secure websocket help
Unanswered
Pteromalid wasp posted this in #help-forum
Pteromalid waspOP
i guess it's a general question but anyone have advice / blog posts / resources for doing secure connections to a websocket and preventing unauthed users / spoofed requests? using nextjs to connect to a websocket server on website load for each new user but also don't want ppl to just spoof the request to get the data the websocket sends
3 Replies
The logic I use is, generate an otp before connecting to websocket and while connecting, send that otp which the websocket server will verify and keep the connection running
else it will send an error and close the connection
@Yi Lon Ma The logic I use is, generate an otp before connecting to websocket and while connecting, send that otp which the websocket server will verify and keep the connection running
Pteromalid waspOP
how would i ensure it's only being sent from the browser/my domain tho? i can use puppeter / playwright / other to capture that otp and make the request myself in that instance