JWT による認証を使用した Node.js および WebSocket ベースのアプリケーション用のカスタム バイナリ プロトコルの開発

WBOY
リリース: 2024-08-26 21:47:32
オリジナル
444 人が閲覧しました

Introduction

Developing efficient and secure applications requires not only a well-thought-out API, but also the right choice of data transfer protocol. Web applications usually use text-based formats such asJSONorXML, but for high-performance systems that requireminimal latencyand low data transfer volume, it can be advantageous to use binary protocols. In this article, we'll walk through how to develop a custom binary protocol forNode.jsandWebSockets-based applications, add authorization viaJWT, and explore the advantages of a binary protocol over other data formats.

Developing a custom binary protocol for Node.js and WebSockets based applications with authorization via JWT

Why a binary protocol?

Advantages of the binary protocol:

  • Efficiency:Binary protocols are more compact than text-based formats (e.g. JSON). They allow data to be transmitted in a more compressed form, which reduces the amount of traffic transmitted.

  • Performance: With less data and no need to parsing text formats, binary protocols save resources on the client and server side.

  • Security:Binary data is harder to analyze on the fly compared to textual data, making binary protocols less vulnerable to attack.

  • Flexibility:In binary protocols, data formats can be more precisely controlled to accommodate specific data types (e.g., floating point numbers, strings, byte arrays, etc.).

System Architecture:

We will develop a system consisting of the following components:

  • A server onNode.jsthat usesWebSocketsto communicate with clients.

  • AJavaScript clientthat connects to the server and uses a binary protocol to transfer data.

  • Authorization using JWT(JSON Web Token) to securely connect clients to the server.

Server implementation on Node.js

Dependency Installation

First, let's install the necessary dependencies:

npm init -y npm install ws jsonwebtoken
ログイン後にコピー

wsis a library for working withWebSocketon the server side, andjsonwebtokenis for working with JWT.

Simple Server Code:

const WebSocket = require('ws'); const jwt = require('jsonwebtoken'); // Our JWT Secret Key const SECRET_KEY = 'your_secret_key'; // Create a new WebSocket Server const wss = new WebSocket.Server({ port: 8080 }); // JWT Verification Function function verifyJWT(token) { try { return jwt.verify(token, SECRET_KEY); } catch (e) { return null; } } // WebSocket Connection wss.on('connection', (ws, req) => { // Get Token from Headers const token = req.url.split('token=')[1]; const user = verifyJWT(token); // User is not Verified if (!user) { ws.close(4001, 'Unauthorized'); return; } console.log(`User ${user.username} connected`); ws.on('message', (message) => { // Here we looking at message type. It must be a binary buffer if (message instanceof Buffer) { // Work with binary message const messageType = message.readUInt8(0); // First Byte - Message Type if (messageType === 1) { // If Message type is 1 const textLength = message.readUInt16BE(1); // Get Message Length const text = message.toString('utf-8', 3, 3 + textLength); console.log(`Received message from ${user.username}: ${text}`); } else if(messageType === 2) { // Work with your message types } } }); ws.on('close', () => { console.log(`User ${user.username} disconnected`); }); }); console.log('WebSocket server started on ws://localhost:8080');
ログイン後にコピー

Code Explanation:

  • JWT authorization:The server checks the JWT token passed by the client on connection. If the token is invalid, the server closes the connection with an authorization error.

  • Binary data processing:This example assumes that the client sends binary data. The server parses the message by reading the data byte by byte. For example, the first byte of the message can be used as the message type, followed by the message length and the data itself.

  • WebSocket server:Thewslibrary is used to manage connections and messages.

Client Implementation

Client code

To implement the client, we use pure JavaScript.

// Create Socket with our JWT Token const socket = new WebSocket('ws://localhost:8080?token=your_jwt_token'); // Open Connection socket.addEventListener('open', () => { console.log('Connected to server'); // Binary Message example const message = "Hello, Binary World!"; const buffer = new ArrayBuffer(3 + message.length); const view = new DataView(buffer); view.setUint8(0, 1); // Message type view.setUint16(1, message.length); // Message length for (let i = 0; i < message.length; i++) { view.setUint8(3 + i, message.charCodeAt(i)); } socket.send(buffer); }); // Get Response from server socket.addEventListener('message', (event) => { if (event.data instanceof Blob) { event.data.arrayBuffer().then(buffer => { const view = new DataView(buffer); const messageType = view.getUint8(0); if (messageType === 1) { // Type 1 - Text Message const textLength = view.getUint16(1); const text = String.fromCharCode(...new Uint8Array(buffer.slice(3, 3 + textLength))); console.log(`Received message: ${text}`); } }); } }); // Close Connection socket.addEventListener('close', () => { console.log('Disconnected from server'); });
ログイン後にコピー

Code Explanation:

  • Server Connection:The client connects to theWebSocketserver by passing a JWT token via a request string.

  • Sending binary data:To send binary data, an ArrayBuffer is created, in which the message type and text data are written.

  • Receiving messages:The client expects binary data from the server and parses it using a DataView to read the bytes.

JWT token creation and validation

An example of creating a JWT token on the server side:

const jwt = require('jsonwebtoken'); // Secret Key const SECRET_KEY = 'your_secret_key'; // Example of JWT Token Generation const token = jwt.sign({ username: 'user1' }, SECRET_KEY, { expiresIn: '1h' }); console.log(token);
ログイン後にコピー

This token can be used to connect the client.

Conclusion

Using a binary protocol in combination withWebSocketsand authorization viaJWTallows for an efficient and secure system for client-server communication. Binary protocols, despite their complexity in implementation, provide significant performance and data reduction benefits. They are particularly relevant for highly loaded and resource-intensive applications where minimizing latency and network utilization are important.

This approach can be useful for game development, real-time systems, financial applications, and other systems that require high performance and reliability.

And of course, thanks for reading.


Vous pouvez également soutenir la rédaction de tutoriels, d'articles et voir des solutions toutes faites pour vos projets :

Mon Discord|Mon blog|Mon GitHub|Achetez-moi une bière

BTC :bc1qef2d34r4xkrm48zknjdjt7c0ea92ay9m2a7q55

ETH :0x1112a2Ef850711DF4dE9c432376F255f416ef5d0

以上がJWT による認証を使用した Node.js および WebSocket ベースのアプリケーション用のカスタム バイナリ プロトコルの開発の詳細内容です。詳細については、PHP 中国語 Web サイトの他の関連記事を参照してください。

ソース:dev.to
このウェブサイトの声明
この記事の内容はネチズンが自主的に寄稿したものであり、著作権は原著者に帰属します。このサイトは、それに相当する法的責任を負いません。盗作または侵害の疑いのあるコンテンツを見つけた場合は、admin@php.cn までご連絡ください。
人気のチュートリアル
詳細>
最新のダウンロード
詳細>
ウェブエフェクト
公式サイト
サイト素材
フロントエンドテンプレート
私たちについて 免責事項 Sitemap
PHP中国語ウェブサイト:福祉オンライン PHP トレーニング,PHP 学習者の迅速な成長を支援します!