Merge pull request #11 from vporton/master

mpaolini · web-flow · commit 83c652d2d265 · 2017-10-05T10:04:58.000+02:00
added cookie-based authentication
diff --git a/README.rst b/README.rst
@@ -60,6 +60,20 @@ The ``user_db.txt`` is a text file with one entry per line::
     user_id:username:user_token
 
 
+Generating messages programmatically
+####################################
+
+To pass a message to a WebSocket client through RabbitMQ you can use `pika` Python module::
+
+    connection = pika.BlockingConnection()
+    channel = connection.channel()
+    channel.basic_publish(exchange='pushpull.ws',
+                          # routing_key='pushpull.ws', # broadcast to all open WebSockets
+                          routing_key=('pushpull.ws.%d' % user_id),
+                          body='{"test": "Test"}')
+    connection.close()
+
+
 
 Build docker image
 ##################
diff --git a/pushpull/config.py b/pushpull/config.py
@@ -5,6 +5,7 @@
 WEBSOCKET_URL = os.environ.get('PUSHPULL_WEBSOCKET_URL', '')
 BROKER_URL = os.environ.get('PUSHPULL_BROKER_URL', '')
 CORS_ALLOWED_ORIGINS = os.environ.get('PUSHPULL_CORS_ALLOWED_ORIGINS', '')
+AUTH_COOKIE = os.environ.get('PUSHPULL_AUTH_COOKIE', '')
 
 
 def get_host_port():
diff --git a/pushpull/websocket/gateway.py b/pushpull/websocket/gateway.py
@@ -17,7 +17,10 @@
 
 
 async def websocket_rabbitmq_gateway(request):
-    authorization = decode_auth_querystring_param(request.GET)
+    if config.AUTH_COOKIE != '':
+        authorization = request.cookies.get(config.AUTH_COOKIE);
+    else:
+        authorization = decode_auth_querystring_param(request.GET)
     try:
         # TODO: reuse amqp channel and maybe share it with the Exchanger
         user_info = await auth.get_user_info(authorization)
