OH, HI
I create chat app with server written with node.js and faye.
/messages/newMessages going that way:
client --[publish to /messages]--> server side client --[publish to /messages/new]--> all clients
But if I'm a Anonymus H4x0r I can edit client js file and make my client publish messages not on /messages, but on /messages/new. Messages will pass over the server side client and go directly to clients.
I want messages to go via server side client, cause server do magic: validates token, saves message in redis database and logs
Question
How to disable specific channel for publish by clients?
Should I write custom engine? I didn't find any channels configuration in Faye server. Let me know, if you want to see some code, dunno what to show you.
Note
createServer = ->
server = http.createServer()
server.listen settings.serverPort
bayeux = new faye.NodeAdapter ##################################
mount: '/faye' # This is "server side client"
timeout: 45 # lol
bayeux.attach server ##################################
fayeClient = bayeux.getClient()
log "listening on port #{settings.serverPort}..."
return [fayeClient, bayeux]
Edits
NoteDamn, I'm dumb.
Every message goes through server extensions, after that is send to listeners (other clients).
My code:
incoming: (message, callback) ->
# validate, if message has been sent by server
if message.channel == channels.newMessages # /messages/new
# I added token for server side client
if message.data.token != settings.serverToken
return # if message token is incorrect, don't run callback
callback(message) # send message to all listeners