Eg i have a chat application,
however, i realised that for my application, as long as you have the link to the chat, you can enter. how do I prevent that, and make it such that only members of the group chat can access the chat. Something like password protected the url to the chat, or perhaps something like whatsapp. Does anyone have any suggestion and reference material as to how I should build this and implement the function? Thank you!
I am in the exact same condition as you.What I am thinking of doing is
Store group_url
and the respective user_ids
(which we get from django's authentication) in a table(with two columns group_url
and allowed_user_ids
) or in Redis
Then when a client connects to a channel,say chat/1234
(where 1234 is the group_url
),we get the id of that user using self.scope['user'].id
and check them in the table.
If the user_id
is in the respected group_url
,we accept the connection.Else reject the connection. I am new to this too.Suggest me if you find a better approach