dashersw/cote

How to hide cote's socket from the client

rsegecin opened this issue · 4 comments

Since cote's socket is not ciphered yet, I'd like to have a BFF (back end for front end) to expose only the necessary endpoints that would be consumed by a user. Unfortunately, I'm unable to hide cote's socket, and I've tried to "create" another server by doing const coteServer = require('http').Server(); and using coteServer to deal with cote's socketio, but without much success. Could any of you guys please show how I can manage to hide cote's socket from being accessible from the client?

Thank you very much.

Hello! What do you mean by hiding cote's socket? You can make use of the respondsTo configuration in your responders to indicate which messages they should respond to that are coming through the sockend. Have you tried looking into https://github.com/dashersw/cote-workshop? There are examples that use respondsTo to selectively respond to messages.

Hi @dashersw, I have the workshop up and running and I did notice the respondsTo on the Responder, but would it expose the socket's network that's not ciphered? Wouldn't putting the microservices behind a BFF be more cautious, or do you think it's not necessary? And anyhow, is there a way to do it?
Thank you for your reply.

I am not sure what you mean by exposing the socket's network that's not ciphered. It's definitely opening up a websocket server that lives in the same memory space as cote, but there's no imminent attack surface. Even if there were, a cipher wouldn't help. In the workshop you also have the example of an express proxy here: https://github.com/dashersw/cote-workshop/blob/master/admin/server.js. Would that work for your use case?

My concern was how cote implements the node iosocket, whether it would leave the other services that are not declared in respondsTo open, and that's why I wanted to put it behind a BFF. I'm about to create a commercial web service and I wanted to make it using at least node and typescript until I came across your solution to microservices. It seems really good, good job and thank you for your response =D
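
Added example, not part of the thread and not cote's or the workshop's code: the BFF idea discussed above reduced to a deny-by-default dispatcher that sits between browser clients and the internal services. The message types, the session object and `internalBus` are assumptions; `internalBus.send` stands in for whatever internal requester the BFF would use.

```javascript
// Added example: deny-by-default BFF dispatch in front of internal services.
// Nothing here calls cote; `internalBus` is a hypothetical stand-in.

// Constructed allowlist: the only message types a browser client may send.
// Each validator returns a cleaned payload (known fields only) or throws.
const CLIENT_API = {
  'product list': () => ({}),
  'purchase create': (p) => {
    if (!Number.isInteger(p.productId) || p.productId < 1) {
      throw new Error('bad productId');
    }
    return { productId: p.productId };
  },
};

function makeGateway(internalBus, api = CLIENT_API) {
  return function handle(session, msg) {
    const type = msg && typeof msg.type === 'string' ? msg.type : '';
    // Own-property check so names like "constructor" or "__proto__"
    // inherited from Object.prototype never count as allowed types.
    if (!Object.prototype.hasOwnProperty.call(api, type)) {
      return { status: 404, error: 'unknown message type' };
    }
    let payload;
    try {
      payload = api[type](msg.payload || {});
    } catch (err) {
      return { status: 400, error: err.message };
    }
    // Identity comes from the server-side session, never the client body.
    const reply = internalBus.send({ type, ...payload, userId: session.userId });
    return { status: 200, body: reply };
  };
}

// Stub bus that records every request that reached the internal side.
function makeRecordingBus() {
  const seen = [];
  return {
    seen,
    send(req) { seen.push(req); return { ok: true, type: req.type }; },
  };
}
```

Anything not listed in `CLIENT_API` is answered at the edge and never forwarded, which is the same property the thread attributes to `respondsTo`, enforced one hop earlier.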