WebSocket security #144
Description
We need to implement authentication and authorization for WebSocket connections to match the security level of our HTTP routes. Currently, HTTP routes are protected through token-based authentication with RBAC, but WebSocket connections lack any security measures.
The authentication approach mirrors our existing HTTP login pattern but adapted for the WebSocket protocol. Instead of authenticating during the connection handshake, authentication happens through message exchange after the connection is established.