Skip to content

include websocket header for authentication

Philipp S. Sommer requested to merge websocket-header into master

This MR implements the --header attribute for the messaging connection. It can be used to authenticate the backend module and the subscriber. One possibility is, for instance, to use a token (see dasf-broker-django!4) and authenticate the consumer via

python ExampleMessageConsumer.py --websocket-url ws://127.0.0.1:8000/ws/ --header '{"authorization": "Token <the-token-you-obtained>"}' -t test-topic listen

The header.authorization key is excluded when using the generate command to generate the client stub. To authenticate the client stub, one can use it as environment variable, i.e.

DE_BACKEND_HEADER='{"authorization": "Token <the-token-you-obtained>"}' python ExampleMessageProducer.py

I wonder whether one could make this easier, but as the authentication scheme is defined by the message broker, it's pretty much impossible to come up with something that works for all platforms. Another option one could support is the http_proxy_auth for the websocket connection, if the authentication happens on the reverse proxy rather than on the message broker itself. I would implement this as well, what do you think @daniel-eggert?

Merge request reports

Loading