facundoolano / socketio-auth

Authentication module for socket.io

Request for elaboration on how to implement.

r3wt opened this issue · comments

I'll preface by saying I'm not totally new to Node.js. I was able to reason through the documentation of the other libraries and I've got my implementation down how I would like it. I'm unsure of how to proceed, because the documentation stops immediately short of providing enough details to implement this, especially to people unfamiliar with socket.io idioms and such.

Here's what I have so far:

var app = require('express')(),
    fs  = require('fs'),
    http = require('http').createServer(app),
    io = require('socket.io').listen(http),
    ioauth = require('socketio-auth'),
    redis = require("redis").createClient({host:'127.0.0.1',port:6379}),
    serializer = require('php-unserialize'),
    r = require('rethinkdb'),
    db = require('./db'),
    config = JSON.parse(fs.readFileSync('./config.json','utf-8'));//parse, so config.serverKey is readable


ioauth(io, {
    authenticate: function (socket, data, callback) {

        var key = data.key || false;
        var s_id = data.s_id || false;//to retrieve user_session
        var token = data.token || false;//to authenticate the user as the valid owner of the session.

        if(key && !s_id && !token){
            //backend process connecting to update data
            return callback(null,config.serverKey == key);
        }
        else if(s_id && token && !key){
            //user connecting from front end.
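            redis.get('PHPREDIS_SESSION:'+s_id,function(err,reply){
                //a redis error or a missing session both mean "not authenticated"
                if(err || reply == null){
                    return callback(null,false);
                }
                var session = serializer.unserializeSession(reply);
                socket.client.user = session.user || { token: false };
                //strict comparison, so the { token: false } default never matches a client token
                return callback(null,token === socket.client.user.token);
            });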
        }
        else{
            return callback(null,false);
        }

    }
});

I'm sort of wondering how I should proceed from here to listen for connected clients (only authenticated clients).

I see that socket.io listens like io.on('connection',..) but I'm wondering what I should do with this library, since I will have to wait for the client to be authenticated. Obviously there is no way I can guarantee that redis returns data in a given time frame, so does this library perhaps emit an authenticated event, as in the client is now authenticated, I can do stuff with the connection now?

Hi @r3wt, sorry for the delayed answer. I think there are several ways to tackle what you request. I guess I'd need more context to tell which one would be the most simple/elegant way to do it, but you could consider:

  • listening to the 'authenticated' event of the socket (this is what you use in the client, but you could use it in the server too)
  • defining a postAuthenticate function, which gets called right after your client authenticates (see the README). That way you define your listeners only for already authenticated clients.
  • using vanilla socket.io listeners after connection, but check that socket.auth is true before doing anything.

Hope it helps.
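The second and third options from the reply above, as an added example that is not part of the original thread or of socketio-auth's own code. `FakeSocket`, `receive`, `onlyIfAuthenticated`, `makePostAuthenticate` and `demo` are hypothetical names; `FakeSocket` is a constructed stand-in for a socket.io socket so the sketch runs without the libraries, and `receive` simulates an event arriving from the client.

```javascript
// Constructed stand-in for a socket.io socket: on(), a receive() that
// simulates an incoming client event, and the `auth` flag the reply mentions.
class FakeSocket {
  constructor() { this.auth = false; this.handlers = {}; }
  on(event, fn) { (this.handlers[event] = this.handlers[event] || []).push(fn); }
  receive(event, ...args) { (this.handlers[event] || []).forEach((fn) => fn(...args)); }
}

// Option 3: the listener is registered at connection time, but every event
// that arrives before socket.auth is true is dropped.
function onlyIfAuthenticated(socket, event, handler) {
  socket.on(event, (...args) => {
    if (socket.auth !== true) return; // not authenticated yet: ignore
    handler(...args);
  });
}

// Option 2: a postAuthenticate(socket, data) function. Listeners added here
// do not exist at all for sockets that never authenticated.
function makePostAuthenticate(log) {
  return function postAuthenticate(socket, data) {
    socket.on('update', (payload) => log.push('update:' + payload));
  };
}

// Walk one socket through connect -> early events -> authenticated.
function demo() {
  const log = [];
  const postAuthenticate = makePostAuthenticate(log);
  const socket = new FakeSocket();

  // What you would do inside io.on('connection', ...):
  onlyIfAuthenticated(socket, 'chat', (msg) => log.push('chat:' + msg));

  socket.receive('chat', 'too early');   // dropped by the auth guard
  socket.receive('update', 'too early'); // no listener registered yet

  // Simulates the library after authenticate() called back with true.
  socket.auth = true;
  postAuthenticate(socket, { s_id: 'constructed', token: 'constructed' });

  socket.receive('chat', 'hello');
  socket.receive('update', 'prices');
  return log;
}
```

With the real library, `postAuthenticate` is passed in the same options object as `authenticate` in the `ioauth(io, {...})` call from the question.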

Alright @facundoolano, thank you for the tips. It is really helpful.