RTCForge API Reference v1.1.1
    Preparing search index...

    Type Alias AuthFunction

    AuthFunction: (token: string) => Promise<AuthPayload>

    Application-supplied hook that verifies a client's connection token and resolves the peer's identity.

    Type Declaration

      • (token: string): Promise<AuthPayload>
      • Parameters

        • token: string

          The opaque credential presented by the connecting client.

        Returns Promise<AuthPayload>

        The authenticated peer's room, id, role, and optional metadata.

    Configured via SignalingServerOptions.auth. The server passes the token extracted from the incoming WebSocket upgrade request (query string or Authorization header). Resolve to an AuthPayload to admit the peer; reject (throw) to deny it — the connection is then closed with CloseCode.PolicyViolation and CloseReason.AuthFailed, and an auth_errors metric is emitted. This is the single trust boundary for the server: room membership, role, and metadata are all derived from what this function returns, so it must not be omitted in production.

    When the token is invalid or the client is not authorized to join.

    const auth: AuthFunction = async (token) => {
    const claims = await verifyJwt(token) // your verifier
    return {
    roomId: claims.room,
    peerId: claims.sub,
    role: claims.role,
    metadata: { name: claims.name },
    }
    }
    const server = new SignalingServer({ port: 3000, auth })