- Documentation
- In-app Chat
- Guides
- Authentication
Authentication
To avoid unauthorized service access or operations, ZEGOCLOUD uses digital Tokens to control and validate users' login privileges.
The validation process
Before you log in to a room, Your app clients request Tokens from your app server and provide the Token for privilege validation when logging in to a room.
The following diagram shows the process of room login privilege validation:
Generate a Token
For business security, you must generate Tokens on your app server.
To generate a Token, do the following:
- Contact us to obtain the AppID and ServerSecret of the project.
- Use the
token generator
plug-in provided by ZEGO to generate Tokens on your app server.
Language | Supported version | Core function | Code base | Sample code | |
---|---|---|---|---|---|
User identity Token | User privilege Token | ||||
Go |
Go 1.14.15 or later |
GenerateToken04 |
|||
C++ |
C++ 11 or later |
GenerateToken04 |
|||
Java |
Java 1.8 or later |
generateToken04 |
|||
Python |
Python 3.6.8 or later |
generate_token04 |
|||
PHP |
PHP 7.0 or later |
generateToken04 |
|||
.NET |
.NET Framework 3.5 or later |
GenerateToken04 |
|||
Node.js |
Node.js 8 or later |
generateToken04 |
Take Go language as an example, you can do the following steps to generate a Token:
- go get github.com/ZEGOCLOUD/zego_server_assistant
- import "github.com/ZEGOCLOUD/zego_server_assistant/token/go/src/token04"
- Call the
GenerateToken04
method to generate a Token.
The following code shows how to generate a user identity Token:
var appId uint32 = <Your AppId> // type: uint32
userId := <Your userID> // type: string
secret := <ServerSecret> // type: 32 byte length string
var effectiveTimeInSeconds int64 = <Your token effectiveTime> //type: int64; unit: s
token, err := zsa.GenerateToken04(appId, userId, secret, effectiveTimeInSeconds)
if err != nil {
fmt.Println(err)
return
}
fmt.Println(token)
Use the Token
When logging in to a room, you need to pass the Token for validation. Otherwise, the login will fail.
ZIMUserInfo userInfo = new ZIMUserInfo();
userInfo.userID = "YOUR_USER_ID";
userInfo.userName = "YOUR_USER_NAME";
String token = "xxxxxxxxxx"; // The token you get from your app server.
zim.login(userInfo, token, new ZIMLoggedInCallback() {
@Override
public void onLoggedIn(ZIMError error) {
// You can tell by the ZIMErrorCode whether the room login is successful.
......
}
});
Renew the Token
30 seconds before a Token expires, the SDK sends out a notification through the
onTokenWillExpire
callback. (If the period of validity of the Token is less than 30 seconds after a successful room login, the callback triggers immediately. )Upon receiving this callback, you need to get a new Token from your app server first, and then pass the new Token to the
renewToken
method.
@Override
public void onTokenWillExpire(int second){
String token = getToken(); // Request a new Token from app server.
engine.renewToken(token, new ZIMTokenRenewedCallback {
@Override
public void onTokenRenewed(String token, ZIMError error) {
// You can tell by the ZIMErrorCode whether the Token is renewed successfully.
}
});
}