I am trying write an native android and ios app which use meteor for backend.
I am using this library for connect to meteor server : https://github.com/delight-im/Android-DDP
I am wondering about connect server websocket to another url. Let me explain about that ;
I can connect localserver with this line =
new Meteor(this, "ws://192.168.1.20:3000/websocket", new InMemoryDatabase());
but think about in deployment. For example; let assume my meteor application ip is ‘188.8.131.52’
and i can connect in android application with like this :
new Meteor(this, "ws://184.108.40.206/websocket", new InMemoryDatabase());
BUT anyone can connect my server and take my datas over DDP with this line.
Can i add authentication for “/websocket” URL or can i change “/websocket” URL?
I’m not talking about Meteor User Login method, i have an application which don’t need users login to see datas, I removed autopublish but i have to show all datas to all users. If i add autopublish, anyone whom know my server ip, will can take my datas.
How can i prevent this?
May i use subscription method with uniq id parameter, which given by my self?