[SOLVED] Juggernaut / Socket.io and authenticating single-user channel subscription

Juggernaut / Socket.io and authenticating single-user channel subscription

I'm new to Node JS and Socket IO, but I've heard a lot of good things about them so I wanted to take a look at them for use as a realtime notification system.

In my scenario, a user will open a socket to listen for notifications that are posted to the user -- each user will open up a connection to their OWN notifications, not a "public" channel.

var jug = new Juggernaut;
var channel = "/user/" + userId + "/notifications";
jug.subscribe(channel, function(data){
    console.log("Got data: " + data);
});

So in almost all cases it will be 1 user subscribing to 1 channel.

I have 2 concerns:

All of the Juggernaut examples I've seen involve multiple clients subscribing to 1 channel -- this makes me think that it's not designed to be used for 1-1 communications.
Is there a way to add authentication so that only specified users will receive the message (IE, the currently logged in user is the only one who can subscribe to his/her notification channel). If there was a way to pass additional data on subscribe it would probably be sufficient (hash the user id and use that as a token maybe?).

Does anyone have any experience with Juggernaut that might have encountered this scenario before?

Solution

All of the Juggernaut examples I've seen involve multiple clients subscribing to 1 channel

What is the difference between many subscribers and one subscriber to the publisher?

Is there a way to add authentication so that only specified users will receive the message

Sure. Require the channel to have authentication and since it's going to be by userid, then you already know the things you need to secure it.

As for how to get juggernaut to do authentication, looks like you can post host headers to handle that for you.