Session data in AuthMiddlewareStack #1727
Unanswered
flabbyThoroughbred
asked this question in
Q&A
Replies: 0 comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
-
Hi,
I'm using OpenId Connect to authenticate users and I want to ensure that socket connections are coming from an authenticated user.
It appears that AuthMiddleware layer does find a session but as its passed up the stack through SessionMiddleware and Cookiemiddleware the session does not persist.
Is this intended? In order to confirm the user I need to verify the oidc key that is in the session data.
The other alternative is to confirm in the consumer accept method. Is there a downside to handling connection authenticity in the consumer's accept?
Thanks!
Beta Was this translation helpful? Give feedback.
All reactions