To avoid unauthorized service access or operations, ZEGOCLOUD uses digital Tokens to control and validate users' login privileges.
Before you log in to a room, your app clients request Tokens from your app server and provide the Token for privilege validation when logging in to a room.
The following diagram shows the process of room login privilege validation:
For business security, you must generate Tokens on your app server.
Go to ZEGOCLOUD Admin Console, and do the following:
Use the token generator
plug-in provided by ZEGOCLOUD to generate Tokens on your app server.
Language | Supported version | Core function | Code base | Sample code | |
---|---|---|---|---|---|
User identity Token | User privilege Token | ||||
Go |
Go 1.14.15 or later |
GenerateToken04 |
|||
C++ |
C++ 11 or later |
GenerateToken04 |
|||
Java |
Java 1.8 or later |
generateToken04 |
|||
Python |
Python 3.6.8 or later |
generate_token04 |
|||
PHP |
PHP 7.0 or later |
generateToken04 |
|||
.NET |
.NET Framework 3.5 or later |
GenerateToken04 |
|||
Node.js |
Node.js 8 or later |
generateToken04 |
Take Go language as an example, you can do the following steps to generate a Token:
GenerateToken04
method to generate a Token.The following code shows how to generate a user identity Token:
var appId uint32 = <Your AppId> // type: uint32
userId := <Your userID> // type: string
secret := <ServerSecret> // type: 32 byte length string
var effectiveTimeInSeconds int64 = <Your token effectiveTime> //type: int64; unit: s
token, err := zsa.GenerateToken04(appId, userId, secret, effectiveTimeInSeconds)
if err != nil {
fmt.Println(err)
return
}
fmt.Println(token)
Users pass in the relevant Token for authentication when logging in and set the corresponding permissions.
try{
ZIMLoginConfig loginConfig = ZIMLoginConfig();
// The user's nickname, leave it blank if you don't want to modify the nickname
loginConfig.userName = 'userName';
// If using token as the authentication method, please fill in this parameter, otherwise no need to fill in
loginConfig.token = '';
// Whether this login is an offline login, please refer to the offline login documentation for details
loginConfig.isOfflineLogin = false;
await ZIM.getInstance()?.login('zego', loginConfig);
// Login successful, write the business logic for successful login
} on PlatformException catch(onError){
// Login failed
// Error code for login failure, please refer to the error code table in the integration documentation for handling
onError.code;
// Error message for login failure
onError.message;
}
30 seconds before the Token expires, the SDK will send a notification through onTokenWillExpire callback. If the Token's validity period is less than 30 seconds after a successful login, the callback will be triggered immediately.
After receiving this callback, developers need to obtain a new valid Token from their own server and call the renewToken interface provided by the SDK to update the Token.
ZIMEventHandler.onTokenWillExpire = (zim, second) {
ZIM.getInstance().renewToken('new token');
};