I’d like to run two extensions and manage cooldowns for user actions.
I suspect the answer to this question is: No, dummy thats what it means to be anonymous.
But I’ll ask anyway.
Is there any way to know whether the opaque user id from two extensions on the same channel id are in fact running on the same browser?
Obviously, once they grant permissions to know their identity, then its all good and I know who’s who. But I’d prefer to let anonymous users access the functionality and not gate the extension behind the grant.
I’ve seen some clever tricks examining the headers and stuff in the wss:// messages I’m getting from the extensions on my back end that could infer which messages originate from the same client. But I guess my second question is whether pursuing that kind of trick is violating the user privacy policies?
No
The opaqueID is essentially a sessionID
And sessions are not “leaked” between different extensions.
If you want to indentify the user then you ask the user to identify
Not try to “Track them” without permission.
From a privacy standpoint you shouldn’t do this (and can’t)
So you should ask the user to login to perform actions. Aside from compiling with the moderation guidelines in the extension guidelines its better practice.
It’s also worth considering that having Two extensions for the same thing is also bad practice as it “Eats” two of the streamers slots. (when they only have 3 panel 2 comp and 1 overklay in the first place)
Thank you for the prompt reply and good points to consider.
For now I think I’ll make the anonymous user cooldown heavier than the known user cooldown and try to make that clear. So anyone can use the systems (and the extensions are sufficiently different to warrant separation), but if they grant their identity it will be better integrated and they have shorter cooldowns.