how to authorize the `join` command?

[smeijer]

I can't find any persistent/session data on the the authorizer request beyond the CONNECT command. How are we supposed to authorise subsequent commands like join?

The connect is authorize-able by providing an argument, like localhost:3000/ws?key=${token}. But that param doesn't make it to the join command, and I can't find anything else, like a cookie with session-id, or custom header, either.

[smeijer]

In v2 the key got carried over from the CONNECT to the SUBSCRIBE action, so I guess it's either a regression, or we need some migration docs to move from v2 to v3. 🙂