i'm brand-new sse. there plenty of simple/introductory texts on server sent events
but none of them touch on using same sse file multiple different users.
for example:
i have site, users log on. while logged on, can view data unique , private them. i'd each user have live updates while logged in, may or may-not contain sensitive information. implementing server-sent events:
js (straight out of 1 of links)
var source; if (!!window.eventsource) { source = new eventsource("sse.php"); } else { ... } source.addeventlistener("message", function(e) { ... stuff ... }, false); php
header("content-type: text/event-stream"); header("cache-control: no-cache"); header("connection: keep-alive"); while (true) { $data = \\ query db or other source if ($data) { sendmessage($someid, $data); } sleep(2); } function sendmessage($id, $data) { echo "id: $id\n"; echo "data: $data\n\n"; ob_flush(); flush(); } but using way, sending data user opened sse.php source (i.e. each eventsource("sse.php") new, unique connection)? or logged on, has initialized connection, receive same data?
this answer touches on multiple users, using unique events:
echo "event: ping\n"; $msg1="this first user"; echo 'data: {"msg": "' . $msg1 . '"}'; echo "\n\n"; echo "event: notify\n"; $msg2="this second user"; echo 'data: {"msg": "' . $msg2 . '"}'; echo "\n\n"; and listening event:
var evtsource = new eventsource("sender.php"); evtsource.addeventlistener("ping", function(e) { var obj = json.parse(e.data); var r_msg = obj.msg; but hardly seems reasonable. if each user supposed receiving own private feed, method require me hard-code unique event each user. and, original answer mentions, not prevent above-average user intercepting , reading other messages too.
and, on top of all, sse.php file doesn't know user it's gathering data for, have users, time.
how create 1 sse.php file, can handle unlimited number of unique users, , only send data appropriate user? so:
there must way send initialization data (i.e. unique user id) server-side file, ,
there must way 1 particular user receive information gathered
am sending data user opened sse.php source
yes.
or logged on, has initialized connection, receive same data?
no.
if each user supposed receiving own private feed, method require me hard-code unique event each user
luckily no! sse "event" sending different types of events down single connection single user. use-case might facebook wanting use 1 event sending chat updates, event sending friend requests, sending ads show, etc.
in book (data push apps html5 sse, http://shop.oreilly.com/product/0636920030928.do - apologies plug!) argue redundant, , better included part of json object pushing.
and, on top of all, sse.php file doesn't know user ...
cookies sent. typical approach first login user, create cookie authenticates them, call sse script. if using server system sessions support (e.g. php), cookies implementation detail.
post data, , custom headers, cannot sent. if cookies not option you'd have use post authentication id (but note, not best type of security).
