I am using Symfony2 in an example chat app to serve the website and to do registering and authentication stuff. Node.js as communication server and backbone.js as client provide the chat functionality.
The question is now how I could secure the node.js api (socket.io, REST).
My first thought was just to share the session in a redis db for node.js and symfony2 but this would tie them together and I couldn't use node as standalone api (for other projects).
So my question is if there are better strategies (maybe sent the credentials with each header) so that the api and php are more decoupled.
Regards