How can I change this code to connect to a channel that doesn't require authentication, while still allowing authentication on some channels?
phoenix.js:701 WebSocket connection to 'ws://localhost:4000/socket/websocket?token=&vsn=1.0.0' failed: Error during WebSocket handshake: Unexpected response code: 403
user_socket.ex
defmodule App.UserSocket do
use Phoenix.Socket
## Channels
channel "collection:*", App.CollectionChannel
## Transports
transport :websocket, Phoenix.Transports.WebSocket
# transport :longpoll, Phoenix.Transports.LongPoll
# Socket params are passed from the client and can
# be used to verify and authenticate a user. After
# verification, you can put default assigns into
# the socket that will be set for all channels, ie
#
# {:ok, assign(socket, :user_id, verified_user_id)}
#
# To deny connection, return `:error`.
#
# See `Phoenix.Token` documentation for examples in
# performing token verification on connect.
@max_age 2 * 7 * 24 * 60 * 60
def connect(%{"token" => token}, socket) do
case Phoenix.Token.verify(socket, "user socket", token, max_age: @max_age) do
{:ok, user_id} ->
{:ok, assign(socket, :user_id, user_id)}
{:error, _reason} ->
:error
end
end
def connect(_params, _socket), do: :error
# Socket id's are topics that allow you to identify all sockets for a given user:
#
# def id(socket), do: "users_socket:#{socket.assigns.user_id}"
#
# Would allow you to broadcast a "disconnect" event and terminate
# all active sockets and channels for a given user:
#
# Style.Endpoint.broadcast("users_socket:#{user.id}", "disconnect", %{})
#
# Returning `nil` makes this socket anonymous.
def id(socket), do: "users_socket:#{socket.assigns.user_id}"
end
collection_channel.ex
defmodule App.CollectionChannel do
use App.Web, :channel
def join("collection:lobby", _params, socket) do
{:ok, socket}
end
end
app.js
import socket from "./socket"
let channel = socket.channel("collection:lobby", {});
channel.join()
.receive("ok", resp => console.log("joined the collection channel", resp))
.receive("error", reason => console.log("join failed", reason));
socket.js
import {Socket} from "phoenix"
let socket = new Socket("/socket", {params: {token: window.userToken}})
To remove authentication, instead of verifying the token, always return a {:ok, socket} tuple inside the connect callback:
def connect(_params, socket) do
{:ok, socket}
end
And make your id callback return nil, since all sockets are anonymous
def id(socket), do: nil
If you want to have both, authenticated and anonymous channels, you will either have to handle authentication in the join/3 callback of your channel, or specify via socket-assigns, if the user is allowed to join the channel.
For example:
def connect(%{"token" => token}, socket) do
case Phoenix.Token.verify(socket, "user socket", token, max_age: @max_age) do
{:ok, user_id} ->
{:ok, assign(socket, :user_id, user_id)}
{:error, _reason} ->
:error
end
end
def connect(_params, socket), do: {:ok, socket}
This will allow anyone to join, but only sets the user_id when he is authenticated
# authenticated_channel.ex
defmodule App.AuthenticatedChannel do
use App.Web, :channel
def join("authenticated:lobby", _params, socket) do
if socket.assigns[:user_id] do
{:ok, socket}
else
{:error, %{reason: "unauthorized"}}
end
end
# unauthenticated_channel.ex
defmodule App.UnauthenticatedChannel do
use App.Web, :channel
def join("unauthenticated:lobby", _params, socket) do
{:ok, socket}
end
end