In websockets its not possible to send an authorization header, so I’ve had to resort to sending in the authention token as a query param to the websocket URL. But, is there a directive to handle the authorization, which doesn’t rely on the header? Or another way to authenticate websocket connections?
In websockets its not possible to send an authorization header …
Are you sure about that? I had this old sample of Basic Auth and WebSocket laying around: https://gist.github.com/johanandren/964672acc37b84caca40
Didn’t test it now but I think it should work fine.