Is there a way to verify the username and password send by ffmpeg in one of the events like onConnect / onPreConnect but I can't find where they are

[iongion]

I am using this script to push to nms

DEMO_VIDEO="demo.mp4"
DESTINATION1="rtmp://streamer:a_real_password@localhost:1935/live/demo"
ffmpeg -loglevel debug -re -i "$DEMO_VIDEO" \
    -c:v libx264 -preset veryfast -b:v 3500k -maxrate 3500k -bufsize 7000k -g 60 -pix_fmt yuv420p \
    -c:a aac -b:a 128k -ar 44100 -ac 2 \
    -f flv "$DESTINATION1"

I wasn't able to find where the ffmpeg sent username and password can be picked up and validated

The original RTMP clients made in flash had this

https://helpx.adobe.com/adobe-media-server/ssaslr/application-class.html#application_onconnect

   application.onConnect = function (newClient, userName, password) { 
       // Do all the application-specific connect logic. 
       if (password == "XXXX"){ 
           newClient.writeAccess = "/" + userName; 
           this.acceptConnection(newClient); 
       } else { 
           var err = new Object(); 
           err.message = "Invalid password"; 
           this.rejectConnection(newClient, err); 
       } 
   };

 
 I am using this
 

    const nms = new NodeMediaServer(config);
    nms.on("preConnect", (id, args) => {
      console.debug(">> PRE CONNECT", id, args);
    });
    nms.on("connect", (id, stream, args) => {
      console.debug(">> CONNECT", id, stream, args);
    });
    nms.on("doneConnect", (id, stream, args) => {
      console.debug(">> DONE CONNECT", id, stream, args);
    });
    nms.on("prePublish", async (id, streamPath, args) => {
      console.debug(">> PRE PUBLISH", id, args);
    });
    nms.run();

And what I see is this

  8/8/2025 23:08:22 818792 [INFO] Node Media Server v2.4.7
  8/8/2025 23:08:22 818792 [INFO] Node Media Rtmp Server started on port: 1935
  8/8/2025 23:08:22 818792 [INFO] Node Media Http Server started on port: 8000
  8/8/2025 23:08:22 818792 [INFO] Node Media WebSocket Server started on port: 8000
  8/8/2025 23:08:22 818792 [INFO] There is a new version 4.0.20 that can be updated
  >> PRE CONNECT T66W14W2 {
    app: 'live',
    type: 'nonprivate',
    flashVer: 'FMLE/3.0 (compatible; Lavf60.16.100)',
    tcUrl: 'rtmp://localhost:1935/live'
  }
  8/8/2025 23:08:25 818792 [INFO] [rtmp connect] id=T66W14W2 ip=127.0.0.1 app=live args={"app":"live","type":"nonprivate","flashVer":"FMLE/3.0 (compatible; Lavf60.16.100)","tcUrl":"rtmp://localhost:1935/live"}
  >> PRE PUBLISH T66W14W2 [Object: null prototype] {}
  8/8/2025 23:08:25 818792 [INFO] [rtmp publish] New stream. id=T66W14W2 streamPath=/live/demo streamId=1
  8/8/2025 23:08:25 818792 [INFO] [rtmp publish] Handle video. id=T66W14W2 streamPath=/live/demo frame_type=1 codec_id=7 codec_name=H264 1280x720
  8/8/2025 23:08:25 818792 [INFO] [rtmp publish] Handle audio. id=T66W14W2 streamPath=/live/demo sound_format=10 sound_type=2 sound_size=1 sound_rate=3 codec_name=AAC 44100 2ch
  8/8/2025 23:08:26 818792 [INFO] [rtmp publish] Close stream. id=T66W14W2 streamPath=/live/demo streamId=1
  8/8/2025 23:08:26 818792 [INFO] [rtmp disconnect] id=T66W14W2
  >> DONE CONNECT T66W14W2 {
    app: 'live',
    type: 'nonprivate',
    flashVer: 'FMLE/3.0 (compatible; Lavf60.16.100)',
    tcUrl: 'rtmp://localhost:1935/live'
  }

Where are those username and password that ffmpeg is sending ?

I have found this ticket maybe related as it is exactly the same need #70

[illuspas]

NMSv2 does not support this kind of verification method.
Passing the parameters as a query in the URL is the way it supports.

ffmpeg -re -i demo.mp4 -c copy -f flv "rtmp://localhost:1935/live/demo?user=streamer&pass=a_real_password"

2025/8/9 08:27:31 3999 [INFO] Node Media Server v2.4.7
2025/8/9 08:27:31 3999 [INFO] Node Media Rtmp Server started on port: 1935
2025/8/9 08:27:31 3999 [INFO] Node Media Http Server started on port: 8000
2025/8/9 08:27:31 3999 [INFO] Node Media WebSocket Server started on port: 8000
2025/8/9 08:27:33 3999 [INFO] There is a new version 4.0.20 that can be updated
>> PRE CONNECT 177PTWV6 {
  app: 'live',
  type: 'nonprivate',
  flashVer: 'FMLE/3.0 (compatible; Lavf61.7.100)',
  tcUrl: 'rtmp://localhost:1935/live'
}
2025/8/9 08:27:37 3999 [INFO] [rtmp connect] id=177PTWV6 ip=::1 app=live args={"app":"live","type":"nonprivate","flashVer":"FMLE/3.0 (compatible; Lavf61.7.100)","tcUrl":"rtmp://localhost:1935/live"}
>> PRE PUBLISH 177PTWV6 [Object: null prototype] { user: 'streamer', pass: 'a_real_password' }
2025/8/9 08:27:37 3999 [INFO] [rtmp publish] New stream. id=177PTWV6 streamPath=/live/demo streamId=1
2025/8/9 08:27:37 3999 [INFO] [rtmp publish] Handle video. id=177PTWV6 streamPath=/live/demo frame_type=1 codec_id=7 codec_name=H264 854x480
2025/8/9 08:27:37 3999 [INFO] [rtmp publish] Handle audio. id=177PTWV6 streamPath=/live/demo sound_format=7 sound_type=1 sound_size=1 sound_rate=0 codec_name=G711A 8000 1ch
2025/8/9 08:27:41 3999 [INFO] [rtmp publish] Close stream. id=177PTWV6 streamPath=/live/demo streamId=1

Then you can perform some verifications here.

nms.on("prePublish", async (id, streamPath, args) => {
    console.debug(">> PRE PUBLISH", id, args);
    if (args.pass !== 'xxx') {
        let session = nms.getSession(id);
        session.reject();
    }
});