docs: added websocket authentication #8462
Conversation
There was a problem hiding this comment.
The content of the article looks good, but there is a problem here.
AFAIK, the browser's WebSocket does not provide an API to allow users to set their own initial request headers. It will affect browser users, but not users who build their own clients.
So for browsers, we'd better switch to using the query parameter as authentication to start a WS connection, otherwise it will be difficult for users to use the authentication plugin provided by APISIX in the browser.
Perhaps it would be better to provide a truly dedicated websocket plugin in the future. 😊
|
|
||
| Connect `ws://127.0.0.1:9080/raw` without `key`, APISIX returns `401 Unauthorized` status code. | ||
|
|
||
|  |
There was a problem hiding this comment.
Why is a mosaic used in the picture? 🤔
| 1. Add one header `apikey` with value `this_is_the_key`; | ||
| 2. Connect `ws://127.0.0.1:9080/raw` with `key`, it's successfully. | ||
|
|
||
|  |
|
|
||
| To establish a WebSocket connection, the client sends a WebSocket **handshake** request, for which the server returns a WebSocket handshake response, see below: | ||
|
|
||
| **Client Request** |
There was a problem hiding this comment.
Would it be better to change bolds to H3 heading?
|
|
||
| Apache APISIX supports [WebSocket](https://en.wikipedia.org/wiki/WebSocket) traffic, but the WebSocket protocol doesn't handle authentication. This article guides you on how to configure authentication for WebSocket connections. | ||
|
|
||
| ## WebSocket Protocol |
There was a problem hiding this comment.
All headings should follow sentence case as stated in the style guide: https://apisix.apache.org/docs/general/documentation-style-guide/#formatting-punctuation-and-organization
|
|
||
| When establishing one connection from Client to Server, in the **handshake** phase, APISIX first checks its authentication information, then chooses to proxy this request or deny it directly. | ||
|
|
||
| ### Pre-requisite |
There was a problem hiding this comment.
| ### Pre-requisite | |
| ### Prerequisites |
|
|
||
| ### Key Auth | ||
|
|
||
| #### Create one Route |
There was a problem hiding this comment.
| #### Create one Route | |
| #### Create a Route |
| }' | ||
| ``` | ||
|
|
||
| #### Create one Consumer |
There was a problem hiding this comment.
| #### Create one Consumer | |
| #### Create a Consumer |
| ### Note | ||
|
|
||
| Other authentication methods are similar to this one. |
There was a problem hiding this comment.
Please move this note to the top and use the Docusaurus admonition :::note.
| ## Reference | ||
|
|
||
| 1. [Wikipedia - WebSocket](https://en.wikipedia.org/wiki/WebSocket) |
There was a problem hiding this comment.
We do not generally have separate references section. You can just link it inline as you have done in the first sentence. We can remove this section.
|
This pull request has been marked as stale due to 60 days of inactivity. It will be closed in 4 weeks if no further activity occurs. If you think that's incorrect or this pull request should instead be reviewed, please simply write any comment. Even if closed, you can still revive the PR at any time or discuss it on the [email protected] list. Thank you for your contributions. |
|
I will update this PR because I think @juzhiyuan is busy elsewhere. |
|
Opened new PR to add this tutorial. Closing this one. See: #9369 |
Description
This tutorial uses
key-authto authenticate before connecting to the upstream WebSocket server.Rendered Version: https://github.com/apache/apisix/blob/docs/tutorial-websocket-authentication/docs/en/latest/tutorials/websocket-authentication.md
Checklist