Setup WSSSet-up a web-socket server between your app and OpenPassport.
Context
Web-socket are used to communicate between OpenPassport mobile app and web browser SDK. OpenPassportQRcode component is using by default OpenPassport one.
We encourage you to deploy and manage your own WSS.
This web-socket server is designed to run on a linux server with Node.js installed.
You can run it with PM2 , any process manager or simply with node.
Installation
Clone the repository:
Copy git clone https://github.com/zk-passport/websocket-server
Install dependencies:
Copy cd websocket-server
yarn install
Usage
Start the server:
Nginx Configuration example
To ensure secure communication between the mobile application and the websocket server, it is necessary for the server to have an HTTPS
endpoint.
Redirect your domain to the server ip address and setup ssl with certbot.
Here is an example of an Nginx configuration that sets up an HTTPS endpoint for the websocket server:
Copy user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /run/nginx.pid;
events {
worker_connections 1024;
}
http {
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
include /etc/nginx/mime.types;
default_type application/octet-stream;
server {
listen 443 ssl;
server_name <your-domain> www.<your-domain>;
ssl_certificate /etc/letsencrypt/live/<your-domain>/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/<your-domain>/privkey.pem;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_prefer_server_ciphers on;
ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;
location /websocket {
proxy_pass http://localhost:3200;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
}
}
}
```
Last updated 3 months ago