Branch: refs/heads/master
Home: https://github.com/conformal/btcd
Commit: 0d40bf901dea5628a591b2867ec0a641e0cd03e1
https://github.com/conformal/btcd/commit/0d40bf901dea5628a591b2867ec0a641e0cd03e1
Author: Dave Collins <[email protected]>
Date: 2014-01-22 (Wed, 22 Jan 2014)
Changed paths:
M rpcserver.go
M rpcwebsocket.go
Log Message:
-----------
Implement alternative auth for websockets.
The previous websocket code required HTTP auth headers to be sent in order
to use the websocket. While this makes sense for most applications, some
use cases such as javascript-based websockets from browsers do no have the
ability to send headers.
This commit modifies the authentication logic to allow an alternative
authentication mechanism when HTTP auth headers can't be sent. In
particular, it introduces a new JSON-RPC command named authenticate which
accepts the username and passphrase for the RPC server. The command is
only required if the connetion has not already been authenticated via HTTP
auth headers and it must be the first command to be received. Sending any
other command will immediately disconnect the websocket.
ok from @owainga and @jrick.
This closes #77.
