Token user id claim #783

Open
wants to merge 2 commits into
base: master

@FZambia (Member) commented Mar 8, 2024

Proposed changes

Add the possibility to use an alternative claim in the token to extract the user ID: the `token_user_id_claim` option. At the moment, due to how Centrifugo works with tokens, it only supports `user_id` as the alternative claim name, i.e. the only possible way to enable the option is:

```json
{
  ...
  "token_user_id_claim": "user_id"
}
```

Probably, in the future we can extend the option to support any custom claim, but that will require a bigger refactoring.

By default Centrifugo uses `sub` to extract the user ID. This is defined in the JWT spec and should remain the recommended way to pass the user ID; this should be emphasised in the documentation.

Setting an alternative user ID claim also affects subscription tokens, like any other token options. To use a different config for subscription tokens, Centrifugo provides the `separate_subscription_token_config` option.
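How the claim selection described in this PR plays out, as an added example in Go that is not Centrifugo's own code. The names `UserID`, `SampleToken` and `sign`, the key and the payload are constructed for illustration; it assumes HS256 tokens whose expiry is checked elsewhere, and that an absent claim means an empty user ID.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha256"
	"encoding/base64"
	"encoding/json"
	"fmt"
	"strings"
)

var b64 = base64.RawURLEncoding

// sign appends a base64url HMAC-SHA256 signature to a JWT signing input.
func sign(in, secret string) string {
	h := hmac.New(sha256.New, []byte(secret))
	h.Write([]byte(in))
	return in + "." + b64.EncodeToString(h.Sum(nil))
}

// SampleToken signs a constructed payload; it stands in for the token issuer.
func SampleToken(payload, secret string) string {
	return sign(b64.EncodeToString([]byte(`{"alg":"HS256"}`))+"."+b64.EncodeToString([]byte(payload)), secret)
}

// UserID verifies the signature, then reads the user ID from the configured claim.
func UserID(token, secret, claim string) (string, error) {
	p := strings.Split(token, ".")
	if len(p) != 3 || !hmac.Equal([]byte(sign(p[0]+"."+p[1], secret)), []byte(token)) {
		return "", fmt.Errorf("invalid token") // always checked as HS256; header alg is not trusted
	}
	var c struct {
		Sub    string `json:"sub"`
		UserID string `json:"user_id"`
	}
	raw, err := b64.DecodeString(p[1])
	if err != nil || json.Unmarshal(raw, &c) != nil {
		return "", fmt.Errorf("malformed claims")
	}
	if claim == "user_id" { // the only alternative; sub is ignored, absent claim gives "" (assumption)
		return c.UserID, nil
	} else if claim != "" && claim != "sub" {
		return "", fmt.Errorf("unsupported token_user_id_claim %q", claim)
	}
	return c.Sub, nil // default: the standard JWT subject claim
}

func main() {
	fmt.Println(UserID(SampleToken(`{"sub":"idp-7f3a","user_id":"1001"}`, "demo-key"), "demo-key", "user_id"))
}
```

The same signed token yields a different identity depending on the option, so the setting must match what the token issuer actually puts in each claim.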

@s00d commented Mar 12, 2024

It's a very necessary issue, but I needed it because of anonymous users. Now, it's impossible to pass an ID if the user is anonymous.

@FZambia (Member, Author) commented Mar 12, 2024

> I needed it because of anonymous users. Now, it's impossible to pass an ID if the user is anonymous.

But anonymous users do not have a user ID 🤔 That's why they are anonymous... Which user ID did you want to use for them then? Usually for anonymous users you can use an empty `sub` or use the `allow_anonymous_connect_without_token` option. Probably I am missing something?

BTW, the motivation here was to support a case when Centrifugo users already have JWT token infrastructure, already have `sub` inside tokens but it does not correspond to a proper user ID.
