#28 — Add WebSocket auth into Facade

Repo: Twill-AI/facade State: closed | Status: done Assignee: Unassigned

Created: 2024-07-03 · Updated: 2025-09-15

Description

Blocked by #12 .

Due to WebSocket authentication differs from HTTP authentication we need to handle it differently. See https://ably.com/blog/websocket-authentication for options. https://devcenter.heroku.com/articles/websocket-security#authentication-authorization explains the chosen approach.

AC:

“Ticket”-based approach is implemented. In details POST /llmchats request should create “ticket” in memory of the Facade replica which expires in 5 seconds and returns new unique ID of ticket in response. If client sends “wss://twillpayments.com?ticketId={ticketId}” during this time then WebSocket connection is instantiated, all other WebSocket connections are rejected.

Add implementation notes, blockers, and context here

Add wikilinks to related people, meetings, or other tickets