[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"academy-blog-translations-none":3,"academy-blogs-en-1-1-all-advanced-websocket-security-authentication-jwt-secure-handshake-all--*":4},{},{"data":5,"meta":74},[6],{"categoryId":7,"collectionId":8,"collectionName":9,"content":10,"createBy":11,"createDate":12,"created":13,"description":14,"expand":15,"group":66,"id":66,"image":67,"imageAlt":68,"imagePath":69,"keywordIds":70,"langId":62,"publishDate":36,"scheduleDate":12,"slug":71,"status":28,"title":68,"updateBy":11,"updated":72,"views":73},"wqxt7ag2gn7xcmk","sclblg987654321","school_blog","\u003Cp>When your WebSocket server starts handling a large number of users or is used for critical, sensitive data, such as:\u003C\u002Fp>\u003Cul>\u003Cli>Chat &amp; Collaboration Systems\u003C\u002Fli>\u003Cli>Financial \u002F Trading Platforms\u003C\u002Fli>\u003Cli>IoT &amp; Device Control\u003C\u002Fli>\u003Cli>Multiplayer Games\u003C\u002Fli>\u003Cli>Internal Enterprise Systems\u003C\u002Fli>\u003C\u002Ful>\u003Cp>&nbsp;\u003C\u002Fp>\u003Cp>The most important question is no longer: “How fast is it?” But instead:❗ “Is it secure enough for production?”\u003C\u002Fp>\u003Cp>&nbsp;\u003C\u002Fp>\u003Cp>This article takes you deep into real-world WebSocket security, covering patterns and practices used in enterprise and large-scale production systems.\u003C\u002Fp>\u003Cp>&nbsp;\u003C\u002Fp>\u003Ch2>🎯 What You Will Learn\u003C\u002Fh2>\u003Cp>&nbsp;\u003C\u002Fp>\u003Cp>After reading this article, you will understand:\u003C\u002Fp>\u003Cul>\u003Cli>How to implement proper WebSocket authentication\u003C\u002Fli>\u003Cli>How to use JWT and token strategies securely\u003C\u002Fli>\u003Cli>How to prevent WebSocket hijacking\u003C\u002Fli>\u003Cli>How to design a secure, production-ready handshake\u003C\u002Fli>\u003Cli>Why Authentication ≠ Authorization in real-time systems\u003C\u002Fli>\u003C\u002Ful>\u003Cp>&nbsp;\u003C\u002Fp>\u003Ch2>🧠 Common Misconceptions About WebSocket 
Security\u003C\u002Fh2>\u003Cp>&nbsp;\u003C\u002Fp>\u003Cp>Many developers still believe:\u003C\u002Fp>\u003Cp>❌ “WebSocket is already secure because it starts from HTTP”\u003Cbr>❌ “Checking the user once during connection is enough”\u003Cbr>❌ “Cookie-based authentication works just like normal web apps”\u003C\u002Fp>\u003Cp>&nbsp;\u003C\u002Fp>\u003Ch3>The Reality\u003C\u002Fh3>\u003Cul>\u003Cli>WebSocket is a long-lived connection\u003C\u002Fli>\u003Cli>One successful connection can stay alive for hours\u003C\u002Fli>\u003Cli>WebSocket does not enforce Same-Origin Policy like fetch\u002FXHR\u003C\u002Fli>\u003Cli>If authentication fails at the handshake → the entire session is compromised\u003C\u002Fli>\u003C\u002Ful>\u003Cp>&nbsp;\u003C\u002Fp>\u003Cp>🔥 An incorrectly authenticated WebSocket is like leaving the door open all day\u003C\u002Fp>\u003Cp>&nbsp;\u003C\u002Fp>\u003Ch2>🔑 WebSocket Authentication The Right Way\u003C\u002Fh2>\u003Cp>&nbsp;\u003C\u002Fp>\u003Ch3>❌ What You Should Never Do\u003C\u002Fh3>\u003Cul>\u003Cli>Send username\u002Fpassword via WebSocket messages\u003C\u002Fli>\u003Cli>Authenticate after the connection is established\u003C\u002Fli>\u003Cli>Trust client-side data\u003C\u002Fli>\u003Cli>Rely solely on cookies\u003C\u002Fli>\u003C\u002Ful>\u003Cp>&nbsp;\u003C\u002Fp>\u003Ch3>✅ The Correct Approach\u003C\u002Fh3>\u003Cul>\u003Cli>Authenticate during the handshake\u003C\u002Fli>\u003Cli>Reject the connection immediately if authentication fails\u003C\u002Fli>\u003Cli>Use token-based authentication\u003C\u002Fli>\u003C\u002Ful>\u003Cp>&nbsp;\u003C\u002Fp>\u003Ch2>🪪 JWT &amp; Token Strategy for WebSocket\u003C\u002Fh2>\u003Cp>&nbsp;\u003C\u002Fp>\u003Ch3>Recommended Flow (Best Practice)\u003C\u002Fh3>\u003Col>\u003Cli>Client logs in via REST API\u003C\u002Fli>\u003Cli>Server returns a short-lived JWT\u003C\u002Fli>\u003Cli>Client uses the JWT when connecting to 
WebSocket\u003C\u002Fli>\u003C\u002Fol>\u003Cp>&nbsp;\u003C\u002Fp>\u003Ch3>Passing the Token\u003C\u002Fh3>\u003Cp>Via Query String\u003C\u002Fp>\u003Cpre>\u003Ccode class=\"language-plaintext\">wss:\u002F\u002Fapi.example.com\u002Fws?token=JWT_TOKEN\n\u003C\u002Fcode>\u003C\u002Fpre>\u003Cp>&nbsp;\u003C\u002Fp>\u003Cp>Via Header\u003C\u002Fp>\u003Cpre>\u003Ccode class=\"language-plaintext\">Authorization: Bearer &lt;JWT&gt;\n\u003C\u002Fcode>\u003C\u002Fpre>\u003Cp>&nbsp;\u003C\u002Fp>\u003Cp>✅ Header-based auth is preferred when supported by your Load Balancer \u002F Ingress\u003Cbr>⚠️ Query strings require caution because the full URL, token included, can be recorded by logging and monitoring tools\u003C\u002Fp>\u003Cp>&nbsp;\u003C\u002Fp>\u003Ch2>🧩 JWT Validation During Handshake (Go Example)\u003C\u002Fh2>\u003Cp>&nbsp;\u003C\u002Fp>\u003Cpre>\u003Ccode class=\"language-plaintext language-go\">import (\n\t\"errors\"\n\t\"net\u002Fhttp\"\n)\n\n\u002F\u002F authenticate runs during the handshake, before the upgrade. It returns the\n\u002F\u002F user only if the token validates. User and validateJWT are defined elsewhere.\nfunc authenticate(r *http.Request) (*User, error) {\n\ttoken := r.URL.Query().Get(\"token\")\n\tif token == \"\" {\n\t\treturn nil, errors.New(\"missing token\")\n\t}\n\n\t\u002F\u002F Reject on any validation error; the caller must not upgrade the connection.\n\tclaims, err := validateJWT(token)\n\tif err != nil {\n\t\treturn nil, err\n\t}\n\n\treturn &amp;User{\n\t\tID:   claims.UserID,\n\t\tRole: claims.Role,\n\t}, nil\n}\n\u003C\u002Fcode>\u003C\u002Fpre>\u003Cp>&nbsp;\u003C\u002Fp>\u003Cp>❗ If authentication fails → reject the connection immediately\u003C\u002Fp>\u003Cp>Never open a WebSocket and validate later.\u003C\u002Fp>\u003Cp>&nbsp;\u003C\u002Fp>\u003Ch2>⏳ Token Expiration &amp; Refresh Strategy\u003C\u002Fh2>\u003Cp>&nbsp;\u003C\u002Fp>\u003Ch3>Real-World Problem\u003C\u002Fh3>\u003Cul>\u003Cli>WebSocket connections are long-lived\u003C\u002Fli>\u003Cli>JWTs should be short-lived\u003C\u002Fli>\u003Cli>Tokens can expire during an active session\u003C\u002Fli>\u003C\u002Ful>\u003Cp>&nbsp;\u003C\u002Fp>\u003Ch3>Production-Proven Strategy\u003C\u002Fh3>\u003Cul>\u003Cli>Use short-lived JWTs\u003C\u002Fli>\u003Cli>Refresh tokens via REST API\u003C\u002Fli>\u003Cli>Send a \u003Ccode 
inline=\"\">reauth_required\u003C\u002Fcode> event through WebSocket\u003C\u002Fli>\u003Cli>Gracefully disconnect if re-authentication fails\u003C\u002Fli>\u003C\u002Ful>\u003Cp>&nbsp;\u003C\u002Fp>\u003Cp>❌ Never solve this by issuing long-lived JWTs\u003C\u002Fp>\u003Cp>&nbsp;\u003C\u002Fp>\u003Ch2>🧨 What Is WebSocket Hijacking?\u003C\u002Fh2>\u003Cp>&nbsp;\u003C\u002Fp>\u003Ch3>Common Attack Scenario\u003C\u002Fh3>\u003Col>\u003Cli>Attacker injects malicious JavaScript\u003C\u002Fli>\u003Cli>Browser automatically sends cookies\u003C\u002Fli>\u003Cli>Attacker opens a WebSocket as the victim\u003C\u002Fli>\u003Cli>Server believes it’s a legitimate user\u003C\u002Fli>\u003C\u002Fol>\u003Cp>&nbsp;\u003C\u002Fp>\u003Cp>⚠️ WebSocket connections are not protected by Same-Origin Policy\u003C\u002Fp>\u003Cp>&nbsp;\u003C\u002Fp>\u003Ch2>🛡️ How to Prevent WebSocket Hijacking (Mandatory)\u003C\u002Fh2>\u003Cp>&nbsp;\u003C\u002Fp>\u003Ch3>1. Always Validate the Origin\u003C\u002Fh3>\u003Cpre>\u003Ccode class=\"language-plaintext language-go\">import \"net\u002Fhttp\"\n\n\u002F\u002F checkOrigin accepts the handshake only when the Origin header exactly\n\u002F\u002F matches the trusted site; a missing or different Origin is rejected.\nfunc checkOrigin(r *http.Request) bool {\n\torigin := r.Header.Get(\"Origin\")\n\treturn origin == \"https:\u002F\u002Fyourdomain.com\"\n}\n\u003C\u002Fcode>\u003C\u002Fpre>\u003Cp>&nbsp;\u003C\u002Fp>\u003Cp>❗ Never return \u003Ccode inline=\"\">true\u003C\u002Fcode> unconditionally in production.\u003C\u002Fp>\u003Cp>&nbsp;\u003C\u002Fp>\u003Ch3>2. Never Use Cookie-Only Authentication\u003C\u002Fh3>\u003Cul>\u003Cli>Cookies are sent automatically\u003C\u002Fli>\u003Cli>Vulnerable to CSRF and hijacking\u003C\u002Fli>\u003C\u002Ful>\u003Cp>&nbsp;\u003C\u002Fp>\u003Cp>✅ Use token-based authentication only\u003C\u002Fp>\u003Cp>&nbsp;\u003C\u002Fp>\u003Ch3>3. 
Bind Tokens to Context\u003C\u002Fh3>\u003Cp>Bind JWTs with additional context such as:\u003C\u002Fp>\u003Cul>\u003Cli>\u003Ccode inline=\"\">user_id\u003C\u002Fcode>\u003C\u002Fli>\u003Cli>\u003Ccode inline=\"\">device_id\u003C\u002Fcode>\u003C\u002Fli>\u003Cli>\u003Ccode inline=\"\">session_id\u003C\u002Fcode>\u003C\u002Fli>\u003Cli>\u003Ccode inline=\"\">ip\u003C\u002Fcode> (optional)\u003C\u002Fli>\u003C\u002Ful>\u003Cp>&nbsp;\u003C\u002Fp>\u003Cp>This helps prevent token replay attacks\u003C\u002Fp>\u003Cp>&nbsp;\u003C\u002Fp>\u003Ch2>🤝 Secure Handshake Design (Enterprise Grade)\u003C\u002Fh2>\u003Cp>&nbsp;\u003C\u002Fp>\u003Cp>A secure handshake should include:\u003C\u002Fp>\u003Cul>\u003Cli>JWT validation\u003C\u002Fli>\u003Cli>Origin check\u003C\u002Fli>\u003Cli>Rate limiting per IP\u003C\u002Fli>\u003Cli>Permission check\u003C\u002Fli>\u003Cli>Rejection of unknown protocols\u003C\u002Fli>\u003C\u002Ful>\u003Cp>&nbsp;\u003C\u002Fp>\u003Ch3>Recommended Flow\u003C\u002Fh3>\u003Cpre>\u003Ccode class=\"language-plaintext\">Client → Handshake\n       → Validate JWT\n       → Check Origin\n       → Check Permission\n       → Accept \u002F Reject\n\u003C\u002Fcode>\u003C\u002Fpre>\u003Cp>&nbsp;\u003C\u002Fp>\u003Ch2>🚨 Rate Limiting &amp; Brute-force Protection\u003C\u002Fh2>\u003Cp>&nbsp;\u003C\u002Fp>\u003Ch3>Threats to Defend Against\u003C\u002Fh3>\u003Cul>\u003Cli>Connection flooding\u003C\u002Fli>\u003Cli>Token brute-force attacks\u003C\u002Fli>\u003Cli>Reconnect spam\u003C\u002Fli>\u003C\u002Ful>\u003Cp>&nbsp;\u003C\u002Fp>\u003Ch3>Production Solutions\u003C\u002Fh3>\u003Cul>\u003Cli>Limit connections per IP\u003C\u002Fli>\u003Cli>Redis-based rate limiter\u003C\u002Fli>\u003Cli>Exponential backoff on the client side\u003C\u002Fli>\u003C\u002Ful>\u003Cp>&nbsp;\u003C\u002Fp>\u003Ch2>🔐 Authorization Inside WebSocket (Critical)\u003C\u002Fh2>\u003Cp>&nbsp;\u003C\u002Fp>\u003Cp>Authentication ≠ Authorization\u003C\u002Fp>\u003Cp>&nbsp;\u003C\u002Fp>\u003Ch3>Common 
Vulnerabilities\u003C\u002Fh3>\u003Cul>\u003Cli>User sending messages to admin-only rooms ❌\u003C\u002Fli>\u003Cli>User subscribing to restricted events ❌\u003C\u002Fli>\u003C\u002Ful>\u003Cp>&nbsp;\u003C\u002Fp>\u003Ch3>Correct Approach\u003C\u002Fh3>\u003Cul>\u003Cli>Check role and permissions for every event\u003C\u002Fli>\u003Cli>Validate every message\u003C\u002Fli>\u003Cli>Never trust client-side event types\u003C\u002Fli>\u003C\u002Ful>\u003Cp>&nbsp;\u003C\u002Fp>\u003Ch2>🧪 Production Security Checklist\u003C\u002Fh2>\u003Cp>&nbsp;\u003C\u002Fp>\u003Cp>✅ Use WSS:\u002F\u002F only\u003Cbr>✅ Validate JWT during handshake\u003Cbr>✅ Check Origin\u003Cbr>✅ Enforce token expiration\u003Cbr>✅ Never send sensitive data in plain text\u003Cbr>✅ Rate limit connections\u003Cbr>✅ Log security events\u003Cbr>✅ Monitor reconnect anomalies\u003C\u002Fp>\u003Cp>&nbsp;\u003C\u002Fp>\u003Ch2>🚀 Challenge: WebSocket Security Audit\u003C\u002Fh2>\u003Cp>&nbsp;\u003C\u002Fp>\u003Cp>Try auditing your own system:\u003C\u002Fp>\u003Cul>\u003Cli>Remove cookie-based auth\u003C\u002Fli>\u003Cli>Enforce JWT validation at connect time\u003C\u002Fli>\u003Cli>Attempt connections from other domains\u003C\u002Fli>\u003Cli>Test expired tokens\u003C\u002Fli>\u003Cli>Flood reconnect attempts\u003C\u002Fli>\u003C\u002Ful>\u003Cp>&nbsp;\u003C\u002Fp>\u003Cp>If your system survives all of these → you’re approaching enterprise-grade WebSocket security 🔐\u003C\u002Fp>\u003Cp>&nbsp;\u003C\u002Fp>\u003Chr>\u003Cp>&nbsp;\u003C\u002Fp>\u003Ch2>🔮 What’s Next EP.125 TLS \u002F WSS &amp; Certificate Management for WebSocket\u003C\u002Fh2>\u003Cp>&nbsp;\u003C\u002Fp>\u003Cp>In the next episode, we will dive into:\u003C\u002Fp>\u003Cul>\u003Cli>HTTPS vs WSS\u003C\u002Fli>\u003Cli>TLS Handshake\u003C\u002Fli>\u003Cli>Certificate Rotation\u003C\u002Fli>\u003Cli>Let’s Encrypt &amp; Production Setup\u003C\u002Fli>\u003Cli>Zero-downtime Certificate 
Renewal\u003C\u002Fli>\u003C\u002Ful>","r8v4zgsahjuwpeb","","2026-03-04 08:44:42.720Z","A deep dive into production-ready and enterprise-grade WebSocket security. 
Learn how to implement proper authentication, JWT token strategies, prevent WebSocket hijacking, and design a secure handshake for real-world, high-traffic systems.",{"categoryId":16,"keywordIds":30,"langId":57},{"blogIds":17,"collectionId":18,"collectionName":19,"createBy":20,"created":21,"id":7,"image":22,"imageAlt":12,"imagePath":23,"label":24,"name":25,"priority":26,"publishDate":27,"scheduleDate":12,"status":28,"updateBy":20,"updated":29},[],"sclcatblg987654321","school_category_blog","oplnwslvnmx5axc","2026-03-04 08:33:53.210Z","59ty92ns80w_15oc1implw.png","https:\u002F\u002Ftwsme-r2.tumwebsme.com\u002Fsclcatblg987654321\u002Fwqxt7ag2gn7xcmk\u002F59ty92ns80w_15oc1implw.png",{"en":25,"th":25},"Golang The Series",1,"2026-03-16 04:39:38.440Z","Publish","2026-03-17 06:07:59.733Z",[31,38,43,48,52],{"collectionId":32,"collectionName":33,"createBy":12,"created":34,"id":35,"publishDate":36,"scheduleDate":12,"status":28,"title":37,"updateBy":12,"updated":34},"sclkey987654321","school_keyword","2026-03-04 08:44:42.096Z","kr1dmn7sxgv9vxg","2026-01-12 03:40:09.510Z","JWT WebSocket",{"collectionId":32,"collectionName":33,"createBy":12,"created":39,"id":40,"publishDate":41,"scheduleDate":12,"status":28,"title":42,"updateBy":12,"updated":39},"2026-03-04 08:20:11.547Z","ey3puyme01a9bsw","2026-01-28 00:54:28.566Z","Go",{"collectionId":32,"collectionName":33,"createBy":12,"created":44,"id":45,"publishDate":46,"scheduleDate":12,"status":28,"title":47,"updateBy":12,"updated":44},"2026-03-04 08:34:00.920Z","ecac9y661or1xka","2025-01-27 04:42:34.661Z","WebSocket",{"collectionId":32,"collectionName":33,"createBy":12,"created":49,"id":50,"publishDate":36,"scheduleDate":12,"status":28,"title":51,"updateBy":12,"updated":49},"2026-03-04 08:44:42.406Z","julxx94rca568ku","WebSocket Authentication",{"collectionId":32,"collectionName":33,"createBy":12,"created":53,"id":54,"publishDate":55,"scheduleDate":12,"status":28,"title":56,"updateBy":12,"updated":53},"2026-03-04 
08:44:13.770Z","ij1u9pugpnctjvk","2026-02-24 02:34:26.075Z","WebSocket Security",{"code":58,"collectionId":59,"collectionName":60,"createAt":61,"id":62,"is_default":63,"language":64,"updateAt":65},"en","pbc_1989393366","locale","2026-01-22 11:00:02.726Z","qv9c1llfov2d88z",false,"English","2026-02-05 10:48:59.032Z","k7qdpibak9otau6","cover_image_ep_2a3e4no299.ionforWebSocket.webp","EP.124 Advanced Security & Authentication for WebSocket (JWT, Token Strategy & Secure Handshake)","https:\u002F\u002Ftwsme-r2.tumwebsme.com\u002Fsclblg987654321\u002Fk7qdpibak9otau6\u002Fcover_image_ep_2a3e4no299.ionforWebSocket.webp",[35,40,45,50,54],"advanced-websocket-security-authentication-jwt-secure-handshake","2026-03-04 08:44:43.010Z",219,{"pagination":75},{"page":26,"pageSize":26,"pageCount":26,"total":26}]