We should add the authentication of the regular API to the WebSocket implementation, so we can verify what user is allowed to make edits.

We should possibly switch to JWT , so we don't have to store sessions and it might be easier to integrate with the WebSockets