ClientFactory
Opened this issue · 2 comments
Implement the soundstage ClientFactory so that I can add custom authentication and authorization logic.
The list below is not intended for you to necessarily develop, simply documenting that the final goals of the custom ClientFactory are:
Authenticate users
- Ensure that user has sufficient rights to connect to the space (varies by user/instance/event)
- Limit connections to ensure we are within a given spaces capacity limit (this varies by "world" for example nightclub vs outdoor festival)
Authorization
- Secure admin actions
- Secure stage control actions
Pushed to main branch.
ClientFactory has three methods:
https://github.com/jalmasi/vrspace/blob/master/server/src/main/java/org/vrspace/server/core/ClientFactory.java
Specify custom factory by implementing the interface, overriding method(s) you want, like this:
https://github.com/jalmasi/vrspace/blob/master/server/src/main/java/org/vrspace/server/core/DefaultClientFactory.java
Then this default factory can be replaced by specifying new factory in configuration property, like
https://github.com/jalmasi/vrspace/blob/master/server/src/test/java/org/vrspace/server/core/FactoryPropertyTest.java
or by overriding a factory configuration, like
https://github.com/jalmasi/vrspace/blob/master/server/src/test/java/org/vrspace/server/core/FactoryConfigTest.java
Note HTTP headers available to factory methods.
JWT is typically passed as Authorization header, cookies also can be found there, etc.