I am trying to build a chat web application. When the user sends a new message (HTTP Request) to the server, I want to send WebSocket notification to the receiver of the message (Angular Client). When the user logs in to the app it opens a websocket connection with the server. I would like to ask you if my logic is right or I can do something better. I want to intercept the handshake before it gets established and grab the session id of the websocket and the Session JWT cookie of the user, so I can store them in my database. So when a user sends a message, the backend should lookup database if there is active websocket connection or not. ALthough, I find this solution difficult to build as I am not sure a websocket session ID is enough to rebuild the Websocket session object from the start. Is there any better way to solve this?
Thank you in advance!
Related
I am trying to create a chat messaging application, which has text functionality. Right now, when a user sends an SMS message from their phone to a Twilio service number, there is a Twilio webhook which redirects to an endpoint in my backend server: sending HTTP POST request.
However, since it is a chat messaging application, I need the Twilio webhook to establish a Websocket connection (upgrading over HTTP) to my backend server, so that it can send websocket events back to my client.
Is there a way to establish a websocket connection using Twilio webhooks, or even Twilio functions? I can't find any resources online to solve this issue.
I tried Twilio Webhooks, and Twilio Functions, it hasn't worked so far.
WebSockets won't help you in this situation, as the webhook timeout limit is 15 seconds. This means you either need to return a TwiML response within 15 seconds or the request will fail.
It sounds like you want to build a stateful WebSocket connection instead of the stateless API callback. To achieve a stateful session, you either need to handle the state management over multiple incoming messages on your own, or you can use a Studio Flow which comes with state management baked in.
I need to add support for instant messages or reminders to my web application. I was reading that this could be accomplished with websockets.
The idea is that during the time the web app is been used, it could receive messages originated (not as a request response) from the server. For example, the server application might want to remind the user about and unpaid service.
As I understand, when the web app starts it connects to the websocket server through a standard HTTP Request call to announce itself as a client. My question is:
"If I have hundreds of clients connected at the same time, how do I call one in particular?"
Do I need to store every websocket object in an array or something so I can use it to send a message when it is required?
What would be the right approach?
Thanks.
We are using Spring WebSocket. And we have a Channel interceptor and can handle CONNECT and SUBSCRIBE messages to validate and authenticate. The CONNECTED frame is sent from the broker to the client in response to the CONNECT frame. Is there any way to manipulate this frame? It includes a session id that my boss wants me to remove because he thinks it is a security risk.
I have written WebSocket server with token authentication where the client connects as:
socket = new WebSocket("wss://websockets", ["hub", token] )
It uses subprotocol to squeeze auth token within headers.
On the server side I intercept this header key and authorize the request which works great - the client connects ok and keeps the connection open.
When token is not supplied, connection is rejected - great!
So in the typical use case: chat application, the user logins and gets authorization token to open the connection. Once connection is opened the client sends message to the server and the server sends that message to all connected clients.
So, so far I understand that the opening connection to the server and sending message to it is secured. What happens when that message is pushed to all connected clients? I donĀ“t need to be concerned about authorization of incoming messages (to the client) since the client needs to be connected and therefore authorized to receive those messages right?
I am implementing spring boot stomp message broker socket to interact with webclient. i need to send sms to a specific user by username at some application point,means the message will be trigger from server to client. client will subscribe to a topic/queue. i heard #SendtoUser send sms to the perticular user, but here in my case user is just subscribing a topic, then from backend i need to send sms time to time to specific user. user will not send any sms to server.
its just push based sms.
messagingTemplate.convertAndSendToUser(sessionId,"/queue/something", payload,
headerAccessor.getMessageHeaders());
but here from where will i get the session id for the targeted user. here user is just subscribing the topic once.
You can find answer to a similar question (with project exemple) here :
Spring websocket send to specific people
The fact that user is subscribing once is not a problem. One the connection is established, the server can send has much message as needed.