Skip to content

Restrict start-stream event to authenticated users #105

New issue
New issue
Open
Open
Restrict start-stream event to authenticated users#105
Labels
enhancementNew feature or requestgood first issueGood for newcomershelp wantedExtra attention is neededsecurity
@shishir-21

Description

@shishir-21
shishir-21
opened on Feb 13, 2026

Summary

Currently, any connected socket can trigger the start-stream event and create a live stream.

Problem

There is no authentication check inside the Socket.IO layer. This allows unauthenticated users to start streams.

Suggested Improvement

Integrate authentication validation into the WebSocket layer so that only logged-in users can initiate start-stream.

Possible approaches:

  • Validate JWT token during socket connection
  • Attach user data to socket.user
  • Check authentication before allowing start-stream

Why This Matters

This improves platform security and prevents unauthorized stream creation.

Metadata

Metadata

Assignees

No one assigned

    Labels

    enhancementNew feature or requestgood first issueGood for newcomershelp wantedExtra attention is neededsecurity

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions