I opened a ticket in pubnub and also read: https://help.pubnub.com/entries/22251291-Can-I-Hide-my-Application-Keys-
But I still can't understand how can I stop the user from seeing my keys as it is still on client side even after obfuscation.
What I want to do is something I read in this post: PubNub publish message between two Private Channels
- Create a public channel and a private the channel for each user
- Hide the keys from the user
I'm not sure how to create a private channel with custom keys that the user can't see.
EDIT: I was able to understand the flow of auth_key but can't find the php equivalency for the JS crypto lib to grant permission. any idea on how to implement it in PHP?
See Question&Answers more detail:os