API Reference - @liveblocks/node

You can use the Liveblocks API in test mode, which does not affect your live data. The API key you use to authenticate the request determines whether the request is live mode or test mode.

authorize

If the current user has access to the provided room, call this function from your authorization endpoint and returns the result as a http response.

Optionally, you can also pass a userId and userInfo to add information about the current user that will not change during the session. This information will will be accessible in the client to all other users in Room.getOthers. It can be helpful to implement avatars or display the user’s name without introducing a potential impersonification security issue.

  • userId cannot be longer than 128 characters.
  • userInfo cannot be longer than 1024 characters once serialized to JSON.

Example using Next.js

import { authorize } from "@liveblocks/node";
// Replace this key with your secret key provided at// https://liveblocks.io/dashboard/projects/{projectId}/apikeysconst secret = "sk_prod_xxxxxxxxxxxxxxxxxxxxxxxx";
export default async function auth(req, res) { /** * Implement your own security here. * * It's your responsibility to ensure that the caller of this endpoint * is a valid user by validating the cookies or authentication headers * and that it has access to the requested room. */ const room = req.body.room; const response = await authorize({ room, secret, // Optional, corresponds to the UserMeta[id] type defined in liveblocks.config.ts userId: "123", groupIds: ["456"], // Optional userInfo: { // Optional, corresponds to the UserMeta[info] type defined in liveblocks.config.ts name: "Ada Lovelace", color: "red", }, }); return res.status(response.status).end(response.body);}

Example using Express.js

const express = require("express");const { authorize } = require("@liveblocks/node");
// Replace this key with your secret key provided at// https://liveblocks.io/dashboard/projects/{projectId}/apikeysconst secret = "sk_prod_xxxxxxxxxxxxxxxxxxxxxxxx";
const app = express();
app.use(express.json());
app.post("/api/auth", (req, res) => { /** * Implement your own security here. * * It's your responsibility to ensure that the caller of this endpoint * is a valid user by validating the cookies or authentication headers * and that it has access to the requested room. */ authorize({ room: req.body.room, secret, userId: "123", // Optional userInfo: { // Optional name: "Ada Lovelace", color: "red", }, }) .then((authResponse) => { res.send(authResponse.body); }) .catch((er) => { res.status(403).end(); });});

WebhookHandler

The WebhookHandler class is a helper to handle webhook requests from Liveblocks.

It’s initialized with a signing secret that you can find in your project’s webhook page.

const webhookHandler = new WebhookHandler(process.env.WEBHOOK_SECRET);

verifyRequest

Verifies the request and returns the event.

const event = webhookHandler.verifyRequest({  headers: req.headers,  rawBody: req.body,});

Example

import { WebhookHandler } from "@liveblocks/node";
// Will fail if not properly initialized with a secretconst webhookHandler = new WebhookHandler(process.env.WEBHOOK_SECRET);
export default function webhookRequestHandler(req, res) { try { const event = webhookHandler.verifyRequest({ headers: req.headers, rawBody: req.body, });
// do things with the event of type `WebhookEvent`
if (event.type === "storageUpdated") { // do things with the event of type `StorageUpdatedEvent` } else if (event.type === "userEntered") { // do things with the event of type `UserEnteredEvent` } else if (event.type === "userLeft") { // do things with the event of type `UserLeftEvent` } } catch (error) { console.error(error); return res.status(400).end(); }
res.status(200).end();}
© 2023 Liveblocks Inc.Edit this page