I want to develop real time chat with channels and these are my needs:
- PHP backend to manage site
- Redis as session and data primary storage
- Pub/Sub to send messages only to channel’s interested users
- one WebSocket connection with which the messages will be send and received.
- (optional) NodeJS to use great npm packages like timesync or socket.io
I see two different architectures to achieve this:
- with Socket.io
- with Crossbar.io
These are my questions:
- Which architecture I should choose and why?
- The key is the user id cannot be obtained from client, because it can be malformed. So in the first architecture I think on every socket message I should attach PHPSESSID value from cookie and on sever-side retrieve PHP session from Redis. Am I right or there is better way to get user id?
- I wonder if getting user id in second architecture can be done differently?
I choosed Crossbar.io, cause it is very powerful and allows to communicate many different language applications in real time. After studying examples, I come up with this:
- On every login user have generated secret key in database.
PHP client (Thruway) connect to Crossbar server and register custom WAMP-CRA authenticator
User’s browser connect to Crossbar server and is challenged. Secret and auth_id (user id) are loaded from DB with page load, so it
can accomplish challenge and send response.
PHP authenticator search in DB for user with provided secret and id equal to auth_id. If there is, then it successfully authenticate
session. Now we can trust that auth_id is real user id.
These are my question:
- How I can get auth_id on subscribe?
I also added cookie authentication and browser is remembered after authentication. But when I look in Chrome DevTools there is any cookie nor value in local storage. Even after clearing cache my browser is still remember by Crossbar. I wonder how it is possible?