I'm working on a geddy-based application that was using geddy's realtime socket.io. It also uses geddy's passport integration and session cookies to authenticate app users. What I didn't know was that those realtime websocket connections are not being authenticated at all. I solved this in our app by overriding geddy's websocket server implementation and augmenting it with a little authentication. The following gist outlines what I did, in case it helps anyone else:
--
The official community discussion group.
website: geddyjs.org, source: https://github.com/mde/geddy, group: https://groups.google.com/d/forum/geddyjs?hl=en
---
You received this message because you are subscribed to the Google Groups "GeddyJS" group.
To unsubscribe from this group and stop receiving emails from it, send an email to geddyjs+u...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.