The two main things offered by @liveblocks/node
:
authorize
function, which helps you implement custom
authentication in your backend.WebhookHandler
class, which helps you implement
webhook handlers.The purpose of authorize()
is to help you implement your custom authentication
backend, i.e. the blue "server" part of this diagram:
If the current user has access to the provided room, call this function from your authorization endpoint and return the result as an HTTP response.
When calling the authorize
function, you are telling (!) Liveblocks that the
user you specify is authenticated, for which rooms, and which permissions they
will have.
At the very least, you must pass a userId
and a roomId
. Optionally,
userInfo
can be used to add information about the current user that will not
change during the session. This information will be accessible in the client to
all other users in Room.getOthers
. It can be helpful to implement avatars
or display the user’s name without introducing a potential impersonification
security issue.
userId
cannot be longer than 128 characters.userInfo
cannot be longer than 1024 characters once serialized to JSON.The WebhookHandler
class is a helper to handle webhook requests from
Liveblocks.
It’s initialized with a signing secret that you can find in your project’s webhook page.
Verifies the request and returns the event.