Next.js Discord

Discord Forum

How to prevent auth token from being stolen on the Nextjs client side of socket.io?

Unanswered
Bighead carp posted this in #help-forum
Open in Discord
Bighead carpOP
This is my nodejs server socket.io code:

const io = new Server(server, {
  cors: {
    origin: "*", // Allows connections from any origin
    methods: ["GET", "POST"] // Specify allowed HTTP methods
  }
});


This is my Nextjs client-side socket.io code:

    const authToken = 'your_auth_token'; 
    const newSocket = io('http://localhost:8080', {
      auth: {
        token: authToken,
      },
    });


My authToken is created and stored in Nextjs server-side Http-Only secure Cookie.

My Question:
How do I safely retrieve it to pass to Nextjs Client-side socket.io auth: {....}?

0 Replies