How to secure the websocket

I looked at the tutorial, specifically because I was interested in TinyBase with the synchronizer, however, the websocket is completely unsecured. Shouldn't there be a way to pass on the a clerk token that then is verified first before allowing access to the durable objects?