Skip to content

PATTERN Cited by 1 source

Single-socket enforcement

Intent

Ensure that each authenticated user has at most one active persistent connection to the server at any time. When a new connection from the same user arrives, the server closes the previous connection before accepting the new one.

Problem

Network disruptions (mobile network switch, Wi-Fi dropout, ISP flap) can cause a client to lose its WebSocket connection without the server detecting it immediately (the TCP RST may never arrive if the connection was dropped by an intermediary). The client reconnects and authenticates a second time. Without single-socket enforcement, the server now holds two open connections for the same user — one alive, one stale but not yet timed out.

Consequences of split-socket state: - State divergence: game state updates go to the stale connection and are lost. - Resource waste: the stale connection occupies memory, connection slots, and may count against per-user quotas. - Message duplication: if the server broadcasts to all user connections, the new client receives duplicates.

Solution

The server maintains a mapping of user_id → active_connection. On new authenticated connection: 1. Look up existing connection for the same user_id. 2. If found, close the existing connection (send WebSocket close frame, free resources). 3. Register the new connection in the mapping.

Canonical instance

Nakama's single_socket: true configuration (2026-06-29 AWS reference architecture). When a player opens a second connection after a network drop and reconnect, the server closes the first connection. This guarantees that a player's Nakama state is never split across two concurrent connections.

(Source: sources/2026-06-29-aws-dual-token-authentication-for-nakama-game-servers)

Composes with

  • patterns/ping-pong-keepalive-under-nlb — detects dead connections fast (20s), but single-socket handles the case where the old connection is still technically alive (TCP not yet timed out) and a new one arrives.
  • Session token expiry at connect time — rejects reconnection with expired tokens.

Seen in

Last updated · 562 distilled / 1,660 read