Restrict access by origin domain and limit the number of connections
programarivm opened this issue · comments
Hello there,
I've been able to successfully implement the cli/workerman/staging.php script which is now running as shown below.
php cli/workerman/staging.php start
Welcome to PHP Chess Server
Commands available:
/accept {"jwt":"<string>"} Accepts an invitation to play online with an opponent.
/draw {"action":["accept","decline","propose"]} Allows to offer a draw.
/heuristics {"fen":"<string>","variant":"<string>"} Returns the heuristics of a chess position.
/leave {"action":["accept"]} Allows to leave a game.
/legal {"position":"<string>"} Returns the legal FEN positions of a piece.
/online_games Returns the online games waiting to be accepted.
/play_lan {"color":"<string>","lan":"<string>"} Plays a chess move in long algebraic notation.
/randomizer {"turn":"<string>","items":"<string>"} Starts a random position.
/rematch {"action":["accept","decline","propose"]} Allows to offer a rematch.
/resign {"action":["accept"]} Allows to resign a game.
/restart {"hash":"<string>"} Restarts a game.
/start {"variant":["960","capablanca","capablanca-fischer","classical"],"mode":["fen","san","play","stockfish"],"settings":{"color":["w","b"],"fen":"<string>","movetext":"<string>","settings":"<string>","startPos":"<string>"}} Starts a new game.
/stockfish {"options":{"Skill Level":"int"},"params":{"depth":"int"}} Returns Stockfish's response to the current position.
/stockfish_eval {"fen":"<string>","variant":"<string>"} Returns Stockfish's evaluation for the given position.
/takeback {"action":["accept","decline","propose"]} Allows to takeback a move.
/tutor_fen {"fen":"<string>","variant":"<string>"} Explains a FEN position in terms of chess concepts.
/undo Undoes the last move.
Listening to commands...
Workerman[cli/workerman/staging.php] start in DEBUG mode
------------------------------------------- WORKERMAN --------------------------------------------
Workerman version:4.1.14 PHP version:8.3.1 Event-Loop:\Workerman\Events\Select
-------------------------------------------- WORKERS ---------------------------------------------
proto user worker listen processes status
ssl standard none websocket://0.0.0.0:8443 1 [OK]
--------------------------------------------------------------------------------------------------
Press Ctrl+C to stop. Start success.
Now I'd want to write a production script called cli/workerman/prod.php to enable some restrictions similarly as with cli/ratchet/prod.php.
Here are two questions.
- Is it possible to limit the number of connections to the chess server?
- How can I restrict access by origin domain?
Thank you for the help, and keep it up.
- No.
- When workerman version <= 4.1
you can see https://www.workerman.net/doc/workerman/appendices/about-websocket.html
<?php
require_once __DIR__ . '/vendor/autoload.php';
use Workerman\Connection\TcpConnection;
use Workerman\Worker;
$ws = new Worker('websocket://0.0.0.0:8181');
$ws->onConnect = function($connection)
{
$connection->onWebSocketConnect = function($connection , $httpBuffer)
{
// This is where you can determine if the connection is from a legitimate source and close it if it is not.
// $_SERVER['HTTP_ORIGIN'] identifies the site from which the page initiated the websocket connection.
if($_SERVER['HTTP_ORIGIN'] != 'https://www.workerman.net')
{
$connection->close();
}
// onWebSocketConnect where $_GET $_SERVER is available.
// var_dump($_GET, $_SERVER);
};
};
Worker::runAll();