00:00:16  <mdedetrich>oh yeah, from a security POV, thats shitting your pants scary
00:26:21  <paulbjensen>has this been tested against other WS libraries/services?
00:34:42  <ArxPoetica>interested in this
00:35:01  <ArxPoetica>paulbjensen — are you behind ss-engine.io then?
00:35:11  <paulbjensen>yep
00:35:49  <paulbjensen>It's essentially a fork of ss-sockjs, but with reconnection code
00:38:42  * joshsmithquit (Quit: joshsmith)
00:39:01  <paulbjensen>plus the benefit of engine.io's approach to establishing a reliable connection
01:03:12  * joshsmithjoined
01:13:08  * paulbjensenquit (Quit: paulbjensen)
01:49:10  * jzjoined
01:49:34  * jzchanged nick to Guest96300
01:51:09  * hipertrackerquit (Ping timeout: 260 seconds)
01:51:21  * Guest96300changed nick to hipertracker
02:05:31  * mal``quit (Ping timeout: 252 seconds)
02:07:09  * mal``joined
02:34:28  * joshsmithquit (Quit: joshsmith)
02:49:27  <ArxPoetica>mdedetrich — so did you decide on a transport layer? It sounds like you leveled on ss-engine.io?
02:49:58  <mdedetrich> ArxPoetica: I havn't tested it in production, so don't quite me on it yet
02:50:09  <mdedetrich>but ss-enginio does seem better (and it supports reconnection)
02:50:15  <ArxPoetica>i see
02:50:25  <ArxPoetica>I'm trying to find it...
02:50:28  <mdedetrich>the main advantage of ss-engine.io is engine-io's main goal, taken from their website
02:50:30  <ArxPoetica>do you have a link?
02:50:48  <mdedetrich>sec
02:51:00  <mdedetrich>The main goal of Engine is ensuring the most reliable realtime communication. Unlike the previous socket.io core, it always establishes a long-polling connection first, then tries to upgrade to better transports that are "tested" on the side.
02:51:01  <mdedetrich>During the lifetime of the socket.io projects, we've found countless drawbacks to relying on HTML5 WebSocket or Flash Socket as the first connection mechanisms.
02:51:02  <mdedetrich>Both are clearly the right way of establishing a bidirectional communication, with HTML5 WebSocket being the way of the future. However, to answer most business needs, alternative traditional HTTP 1.1 mechanisms are just as good as delivering the same solution.
02:51:28  <mdedetrich>so the main point of engine.io is to make sure that it works NO MATTER WHAT
02:51:36  <ArxPoetica>i see
02:51:38  <mdedetrich>ArxPoetica: main link https://github.com/LearnBoost/engine.io
02:51:41  <ArxPoetica>awesome thx
02:52:08  <mdedetrich>ArxPoetica: thats the plugin for SS https://github.com/Anephenix/ss-engine.io
02:52:20  <ArxPoetica>right
02:52:36  <mdedetrich>so the thing is, sockjs was good because unlike socket.io, it appeared to work in every browser
02:52:48  <mdedetrich>problem with sock.js is it never reconnected, which is really annoying in dev mode
02:52:58  <ArxPoetica>hmm
02:53:13  <ArxPoetica>this was why I couldn't find it: https://github.com/paulbjensen
02:53:25  <ArxPoetica>I was looking at his personal account — not the organization :)
02:53:29  <mdedetrich>engine.io seems to work everywhere (by seems I mean that I havn't tested it in production, but their main goal is to make it work everywhere without problems) and has reconnect
02:54:04  <ArxPoetica>reconnect meaning an event for when sockets come back up
02:54:12  <mdedetrich>yeah, when you shutdown the server
02:54:14  <mdedetrich>and start it again
02:54:16  <ArxPoetica>right
02:54:18  <mdedetrich>with cients still open
02:54:20  <mdedetrich>*clients
02:54:40  <ArxPoetica>hey — the other day, when you were talking with owenb about some session bug or something like that
02:54:42  <mdedetrich>the thing is, engine-io is getting a lot of attention
02:54:45  <ArxPoetica>I might be seeing something similar
02:54:55  <mdedetrich>ArxPoetica: I am 95% sure its the default cookie time
02:54:57  <mdedetrich>which is set to 30 days
02:55:01  <ArxPoetica>ah...
02:55:04  <mdedetrich>I had websites running for longer than that
02:55:12  <ArxPoetica>gotcha.
02:55:14  <mdedetrich>so you have to set the cookie expiry to be longer
02:55:22  <mdedetrich>because you can
02:55:28  <mdedetrich>*because you can't see to catch that error
02:55:54  <ArxPoetica>so how do you set it longer?
02:56:25  <mdedetrich>ArxPoetica: read this https://groups.google.com/forum/?fromgroups=#!topic/socketstream/AMDJ80w9Hzo
02:56:30  <ArxPoetica>okay cool
02:56:33  <mdedetrich>ss.session.options.maxAge = 8640000; // one day in milliseconds
02:56:41  <ArxPoetica>right
02:56:46  <ArxPoetica>I've seen that magic number
02:56:58  <ArxPoetica>31557600000 = one year
02:57:07  <mdedetrich>maxAge: 30 * 24 * 60 * 60 * 1000
02:57:11  <mdedetrich>yeah so standard practise
02:57:16  <mdedetrich>would be to set it to something like 40 years
02:57:37  <ArxPoetica>interestig
02:58:35  <ArxPoetica>Oh yeah, I remember this thread.
02:58:45  <ArxPoetica>someone though it was redis
03:01:18  <mdedetrich>the thing is, the proper way to do this is to create another cookie, however there isn't any way to catch this error
03:01:46  <ArxPoetica>right
03:02:14  <ArxPoetica>have you set up your own servers? Or do you use something like nodejitsu?
03:02:22  <mdedetrich>nodejitsu
03:02:30  <ArxPoetica>i c
03:02:36  <ArxPoetica>yeah, I'm on there.
03:02:55  <ArxPoetica>Oh that's right — I'm remembering, you helped me out early on. :P
03:04:23  <mdedetrich>yeah I just asked in nodejitsu
03:04:27  <mdedetrich>*I mean node.js
03:04:37  <mdedetrich>the standard practise is to extend the cookie (i.e. create a new one)
03:05:01  <mdedetrich>the problem with ss is it just throws the error, there is no way to catch it and do something like (if cookie doesn't exist -> create new one)
03:05:55  <mdedetrich>you should probably ask owen to fix this when you get a chance to
03:06:06  <mdedetrich>since I never seem to catch this
03:06:16  <mdedetrich>ArxPoetica: well either 'fix' or tell us how to deal with expired cookies
03:06:37  <ArxPoetica>right
03:06:53  <ArxPoetica>I'll open a ticket at least so we remember.
03:07:03  <mdedetrich>there needs to be a way to regenerate the session (which goes through a cookie) should the cookie expire
03:07:40  <ArxPoetica>https://github.com/socketstream/socketstream/issues/319
03:07:45  <ArxPoetica>looks like there's one open.
03:08:09  <ArxPoetica>er. no nevermind.
03:08:15  <ArxPoetica>similar though maybe
03:08:23  <mdedetrich>https://github.com/socketstream/socketstream/blob/master/doc/guide/en/sessions.md
03:08:29  <mdedetrich>all it says is how to set the session
03:08:37  <mdedetrich>* set the session max age
03:09:24  <ArxPoetica>right
03:09:57  * joshsmithjoined
03:10:44  <mdedetrich>tl;dr, you need a way to deal with expired cookies instead of SS just throwing an error while its running
03:14:22  <ArxPoetica>all right, I posted something over here: https://github.com/socketstream/socketstream/issues/319
03:14:33  <ArxPoetica>feel free to update if you think it needs correcting
03:26:09  * lluadquit (Read error: Connection reset by peer)
03:29:54  * lluadjoined
03:32:18  * hedgiejoined
03:33:14  <hedgie>is anyone around? I have a question regarding middleware (with express) in relation to sessions - I've read through this thread- https://groups.google.com/forum/?fromgroups=#!topic/socketstream/GI-7PPTAWyA
03:35:14  <ArxPoetica>hey
03:35:46  <ArxPoetica>what's the question?
03:35:50  <hedgie>hey Arx, thanks for your help
03:36:18  <hedgie>so i'm trying to do an "admin" interface - to do this i'm setting up a new route, and trying to use a basic authentication middleware in my /admin router
03:36:28  <ArxPoetica>sure
03:36:31  <ArxPoetica>in the RPC?
03:36:45  <hedgie>i'm not doing it as an RPC, i'm trying to do it in the router:
03:36:45  <ArxPoetica>sorry, not the RPC, router
03:36:50  <hedgie>app.get('/admin', require('./server/middleware/admin').actions(ss).check, function(req, res) {
03:37:06  <ArxPoetica>this is all ss?
03:37:33  <hedgie>i'm using express as well... that .actions(ss) thing is kind of weird because i was trying to get it to work but i guess that shouldn't be there ideally
03:37:35  <ArxPoetica>or is that an express route?
03:37:40  <hedgie>that's an express route
03:37:47  <ArxPoetica>yeah gotcha
03:37:55  <hedgie>so the problem is, it gets to the middleware
03:38:05  <hedgie>but req.session is only holding the ... express session?
03:38:11  <hedgie>not the connect session
03:38:14  <ArxPoetica>so…one problem w/ coupling ss w/ express is it doesn't really share middleware.
03:38:37  <ArxPoetica>so if it's an express route, the req won't hold the session quite like that.
03:38:55  <hedgie>okay
03:39:01  <ArxPoetica>I'm trying to remember all the details. But I ran into the same problem once.
03:39:10  <ArxPoetica>Let me see if I can go find my solution.
03:39:21  <hedgie>yeah, i'm not super 100% sold on using express - the problem is i'm just not sure how to use a middleware at the route-level without using express?
03:39:38  <hedgie>i looked around and it seemed easy for RPC calls but couldn't find anything with socketstream routes
03:40:29  <mdedetrich>hedgie: I use latest version of express with SS fine
03:41:04  <mdedetrich>hedgie: put this into your app app.js/app.coffee (AFTER you do ss.start)
03:41:08  <mdedetrich>hedgie: app.stack = ss.http.middleware.stack.concat(app.stack)
03:41:20  <ArxPoetica>Yeah, I'm wrong — it does share session
03:41:29  <ArxPoetica>I was thinking of a different problem.
03:41:35  <hedgie>yeah! i was reading through the webpage and that's what i've had since the very beginning
03:41:45  <hedgie>i looked through the socketstream tour...
03:41:57  <hedgie>so i'm very confused why the session isn't being shared
03:42:02  <hedgie>maybe i have an older version of express
03:42:08  <mdedetrich>hedgie: can you read coffeescript?
03:42:14  <hedgie>yes
03:43:24  <hedgie>okay - yes, i'm using 3.0.3 Express atm
03:44:02  <ArxPoetica>I remember the problem I had.
03:44:07  <ArxPoetica>It was different, yes.
03:44:19  <ArxPoetica>Bascially, sessions can be shared.
03:44:27  <mdedetrich>hedgie: https://gist.github.com/e6c5141771eae4630fb1
03:44:37  <ArxPoetica>I was trying to share middleware between express and ss, which isn't always 1 to 1.
03:44:45  <mdedetrich>hedgie: just read that, it should be self explanatory
03:44:49  <mdedetrich>hedgie: im using latest version of SS
03:45:26  <mdedetrich>hedgie: and latest version of express
03:45:42  <hedgie>okay, thank you
03:45:45  <hedgie>let me check it out...
03:45:48  <mdedetrich>hedgie: you can use your req.session in your express as normal
03:46:09  <mdedetrich>hedgie: however you have to remember to do req.session.save(cb) when you are saving something to session
03:46:16  <ArxPoetica>but session is definitely shared.
03:46:32  <mdedetrich>hedgie: sessions do not save automatically when the route throws a response, unlike normal express
03:46:36  <hedgie>okay, i'm not doing that!
03:46:37  <ArxPoetica>what is cb, mdedetrich?
03:46:43  <mdedetrich>callback
03:46:49  <ArxPoetica>ah right
03:47:06  <ArxPoetica>yeah — that needs to be documented, because I got hung up on the .save bit too.
03:47:28  <mdedetrich>hedgie: thats an example of a route https://gist.github.com/8649cf29d64bd9d417f9
03:48:04  <hedgie>okay - so i need to add that req.session.save(cb) in the RPC call that saves the admin state
03:48:12  <hedgie>let me try that real quick - thank you for your help
03:49:01  <ArxPoetica>thanks for throwing this up, mdede — I can see also how you did your transport layer :P
03:49:15  <hedgie>okay yeah that was the problem!
03:49:17  <hedgie>thanks a lot!
03:49:19  <ArxPoetica>btw, that conig.get stuff has been a real life saver
03:49:31  <ArxPoetica>hedgie you in here a lot?
03:49:40  <hedgie>this is my first time being in here...
03:49:49  <ArxPoetica>cool well come back :P
03:49:50  <hedgie>only been using SS for a few days \:
03:49:52  <mdedetrich>I have even used SS without even using sockets
03:49:53  <hedgie>really cool technology!
03:50:08  <mdedetrich>just combined it with express and commented out the sockets in entry.js
03:50:21  <ArxPoetica>that's interesting...
03:50:42  <mdedetrich>I just used SS due to automatic coffeescript, client side modules and automatic packing
03:50:43  <mdedetrich>and whatnot
03:50:48  <ArxPoetica>so sort of half real-time
03:50:59  <ArxPoetica>that's hilarious
03:52:05  <mdedetrich>hedgie: also if you like coffeescript
03:52:18  <mdedetrich>hedgie: SS can use coffeescript transparently in both server and client
03:52:36  <mdedetrich>hedgie: you don't have to worry about compiling coffeescript at all
03:54:04  <ArxPoetica>mdedetrich so for the engine.io transport layer
03:54:10  <ArxPoetica>you have to pass the port?
03:54:18  <mdedetrich>yah
03:54:25  <ArxPoetica>i see that in your example
03:54:29  <mdedetrich>I just use the same port that the webserver runs on
03:54:42  <mdedetrich>I think technically speaking it should be 89
03:54:51  <mdedetrich>*80
03:54:54  <hedgie>yeah i've been using the coffeescript for my normal application code
03:54:58  <hedgie>it's really convientent!
03:55:07  <mdedetrich>I would also recommend jade for html scripting
03:55:12  <mdedetrich>you can use jade both on client and server
03:55:17  <ArxPoetica>jade for the win
03:55:22  <hedgie>i used to use now.js - and program in coffeescript and it was a pain to have to constantly compile it back
03:55:36  <hedgie>- i have started using Jade since i used SS. i used to use CoffeeKup
03:55:36  <mdedetrich>hedgie: yeah compilation here is completely automatic
03:55:42  <hedgie>but Jace is a little bit nicer imo
03:55:57  <mdedetrich>hedgie: and when you submit your app to production, SS will compile it down and pack down the JS
03:56:09  <mdedetrich>never heard of jace, I mean you can use jace if you want
03:56:15  <mdedetrich>you just have to make the plugin yourself
03:56:15  <hedgie>haha - i meant Jade
03:56:16  <hedgie>type
03:56:18  <ArxPoetica>:P
03:56:22  <hedgie>*typo ...
03:56:59  <hedgie>yeah - i think that SS is a very powerful framework! it's a lot nicer than that Java world which is where i come from
03:57:09  <hedgie>i mean i used to think that Struts was the most amazing thing... so naive
03:57:17  <ArxPoetica>mdedetrich with ss-engine — it's just a wrapper, right? I mean, there's nothing else I need to do other than include it?
03:57:48  <mdedetrich>ArxPoetica: yup
03:57:54  <ArxPoetica>sweet
03:57:59  <mdedetrich>ArxPoetica: just put this line into your app.coffee/app.js
03:58:03  <mdedetrich>ss.ws.transport.use(require('ss-engine.io'),client:{host:'localhost', port:config.get('port') || 8080});
03:58:08  <ArxPoetica>right
03:58:15  <mdedetrich>obviously make sure that ss-engine,io is in your package.json
03:58:20  <ArxPoetica>right too
03:58:43  <ArxPoetica>I think I'm just surprised the switch is so easy.
03:58:47  <ArxPoetica>But that's node for ya.
04:00:24  * lluadquit (Quit: lluad)
04:00:46  <mdedetrich>well thats how SS was designed
04:00:48  <mdedetrich>thankfully
04:02:17  <ArxPoetica>oh also
04:02:35  <ArxPoetica>host: 'localhost' <— I'm assuming that should be a config setting
04:02:37  <ArxPoetica>like
04:02:53  <ArxPoetica>host: config.get('DOMAIN')
04:02:55  <mdedetrich>well the thing is, you can run sockets
04:02:58  <mdedetrich>on different domains
04:03:06  <mdedetrich>localhost will run the socket on the same machine
04:03:13  <mdedetrich>that the webserver is run on
04:03:15  <ArxPoetica>errr...
04:03:24  <ArxPoetica>that's interesting
04:03:33  <mdedetrich>localhost always points to currently running machine
04:03:38  <ArxPoetica>right
04:03:46  <ArxPoetica>so it's safe
04:03:47  <ArxPoetica>ok
04:03:48  <mdedetrich>its the host, not the domain
04:03:53  <mdedetrich>those are different things
04:04:05  <ArxPoetica>yeah, my bad
04:04:21  <ArxPoetica>host: config.get('HOST')
04:04:24  <ArxPoetica>:P
04:04:41  <ArxPoetica>But i see how localhost is safe
04:04:47  <ArxPoetica>hadn't really thought that through
04:04:50  <mdedetrich>I think thats how its meant to be
04:04:58  <mdedetrich>I havn't actually tested this on nodejitsu
04:05:02  <mdedetrich>probably should sometime
04:05:23  <ArxPoetica>well, sounds like we'll both find out :P
04:10:24  <ArxPoetica>works like a charm
04:19:59  * zenoconjoined
04:48:48  * ArxPoeticaquit (Quit: Leaving.)
05:02:56  * zenoconquit (Remote host closed the connection)
05:03:30  * zenoconjoined
05:08:02  * zenoconquit (Ping timeout: 256 seconds)
05:10:13  * hedgiequit (Quit: Page closed)
07:01:46  * joshsmithquit (Quit: joshsmith)
07:15:02  * mdedetrichquit (Quit: Computer has gone to sleep.)
08:08:29  * ins0mniajoined
08:52:14  * ins0mniaquit (Ping timeout: 240 seconds)
09:49:43  * ins0mniajoined
10:17:52  * mdedetrichjoined
10:22:27  * mdedetrichquit (Ping timeout: 252 seconds)
10:27:16  * mdedetrichjoined
11:19:21  * mdedetrichquit (Ping timeout: 240 seconds)
11:20:43  * mdedetrichjoined
11:49:54  * ins0mniaquit (Ping timeout: 240 seconds)
12:19:00  * mdedetrichquit (Ping timeout: 248 seconds)
12:21:10  * mdedetrichjoined
12:41:57  * vguerrajoined
12:52:02  * ArxPoeticajoined
13:00:37  * ins0mniajoined
13:03:34  * ArxPoeticaquit (Ping timeout: 240 seconds)