I'm using ActinCable on my application, and I have an issue with authorization. Currently actioncable tries to authorize every single person live on the site, repeatedly as-well.
This returns a constant stream of An unauthorized connection attempt was rejectedin my log. Now that's because people visiting that aren't signed in, are also attempted to gain access.
My connection.rb looks like this:
module ApplicationCable
class Connection < ActionCable::Connection::Base
identified_by :current_user
def connect
self.current_user = find_verified_user
end
protected
def find_verified_user
if current_user = User.find_by(id: cookies.signed[:user_id])
current_user
else
reject_unauthorized_connection
end
end
end
end
now I'm wondering if I can make it so that only people that are signed in, try to become authorized by connnection.rbinstead of every visitor using the site. I am too unfamiliar with ActionCable to know how to limit this - and the documentation for ActionCable are still in their early days.