When it comes to pushing realtime messages using WebSocket Software as a Service (SaaS) libraries, I love Pusher App and PubNub. While both services provide the same basic features, I had thought that only PubNub allowed client-to-client events (ie. events published directly from one client to another client without using your server as a proxy). Yesterday, however, I happend to be setting up a new demo app in Pusher and I noticed that Pusher now allows for client-to-client realtime messages (which you have to explicitly enable, per app). I don't know when this was introduced, but it's wicked awesome! So, naturally, I had to give it a try.
Because client-initiated events are more susceptible to security threats, Pusher mandates that all client-to-client events take place over private channels. This ensures that each client is a valid user of your application, and therefore, limits the exposure-threat of your realtime app key.
In the demo below, I'm not really implementing any tight security; but I do supply the necessary authorization end-point (authEndpoint) that is required for all private and presence channels. Hopefully, I can talk more about channel-based security in an upcoming post.
There are other restrictions that are applied to the client-events, such as a 10-event-per-second max; but, let's just get to the code already! In the following demo, I'm simply tracking the mouse-movements across the various clients that are connected to the ColdFusion application.
There's not too much to explain here; each event carries the unique userID and the x/y position of the user's mouse. When the event is pushed to the various clients, the event is rendered as a dot on the screen. It's pretty cool. Pusher App is really becoming one of my absolute favorite services!
Want to use code from this post? Check out the license.
I'm not sure if it supports this the same way that it can in AS3, but perhaps you could use the Greensock tweening library to tween between event positions. That way even though the position "keyframes" are limited to 10 "fps" the tween engine will smooth out the motion.
Excellent question - animation is definitely one of the weakest parts of my development knowledge-base. I started out with jQuery-based animations... then, I started to learn a little bit about some CSS3 transitions... and that's about all I really know. And, by "know", I mean that I can sort of get it to work. I haven't looked into any animation-frame stuff or even the events that are triggered upon transition-end things.
Maybe someone else will have some better answers.
Well, Greensock AS3 has a plugin called dynamicProps that essentially had a property in a continual tween until it reached its target. I'm thinking that JS may get this "feature" automatically by virtue of it being a runtime interpreted language where everything is always dynamic anyhow. I would really look at the greensock library over jQuery animate, as its performance blows most other JS animation and tweening library out of the water.
I just did a Google search and came across this Jump-Start demo of Greensock:
Looks pretty cool. Thanks for the tip - I'll dig more deeply.
Hello Ben !
Do You have a comparison of PubNub vs. Pusher ?
Cheers and Tschüss
Wie geht es dir? I don't really have any great comparison to call upon. I've played around with both and they seem to be solid. I've started to learn more towards Pusher App because it has a mechanism that allows me to authenticate a user, server-side, before they subscribe to a private (and now Client) channel. When I was doing some earlier research, I believe PubNub still relied on channel-name obfuscation to implement that kind of security.
Is Pusher's approach to authorizing channel subscription significantly better? I can't say; but, the fact that they have built that in just gives me an extra little bit of comfort knowing that they are truly thinking about security in a holistic manner.
Also, the Pusher documentation is better and easier to follow. When I was researching the PubNub service, I found it very difficult to find help articles and info on how things should be implemented.
That said, both services do seem really solid and I think you'd be happy going with either.