Websockets Auth #315

agieocean · 2025-09-18T01:26:13Z

agieocean
Sep 18, 2025

Was wondering if the auth decorator works for websocket handlers so like:

@app.route('/echo')
@with_websocket
@auth
def echo(request, ws):
    ...

Answered by miguelgrinberg

Sep 18, 2025

Yes, that should work. I would put the auth decorator above the websocket one, though, so that the credentials are checked before the websocket handshake. Also keep in mind that on the browser the WebSocket API does not include the option to send custom headers, so not counting hacks that attempt to overcome this big limitation your only option is to use basic auth.

View full answer

miguelgrinberg · 2025-09-18T08:03:26Z

miguelgrinberg
Sep 18, 2025
Maintainer

Yes, that should work. I would put the auth decorator above the websocket one, though, so that the credentials are checked before the websocket handshake. Also keep in mind that on the browser the WebSocket API does not include the option to send custom headers, so not counting hacks that attempt to overcome this big limitation your only option is to use basic auth.

0 replies

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Uh oh!

Websockets Auth #315

Uh oh!

{{title}}

Uh oh!

Replies: 1 comment

Uh oh!

{{title}}

Uh oh!

Select a reply

Uh oh!

Uh oh!

Websockets Auth #315

Uh oh!

agieocean Sep 18, 2025

Replies: 1 comment

Uh oh!

miguelgrinberg Sep 18, 2025 Maintainer

agieocean
Sep 18, 2025

miguelgrinberg
Sep 18, 2025
Maintainer