There doesn't seem to be a way to catch a 403 Forbidden error opening a
websocket with JavaScript, so this commit changes the behaviour to this:
open the websocket normally, send one "kick" message, close the
websocket.
This should eliminate the possibilty of the websocket-closing background
task closing a newly opened websocket that hasn't yet ponged our ping
(if we have even sent a ping yet).
We now time the interval between consecutive tasks. This is more precise
than using the constant interval the task is supposed to run at since
there is some drift on each run (~0.004s).
Also adds "visibility: hidden;" to `disappear`. It would replace
"opacity: 0;" but Firefox acts weird with only visibility set, it only
half works until you switch between desktop and mobile view. IDK this
isn't that important.
This commit adds a unix socket on which you can receive internal events
as they happen. Currently the only supported event is a chat message
being added. Intended for external applications that depend on chat
messages, e.g. text-to-speech or Twitch Plays Pokémon.
As opposed to just the broadcaster token. This makes the broadcaster
username/password login mandatory, which previously was only mandatory
in the `auth_required` wrapper, but not elsewhere (so for example
leaving comments as the broadcaster was possible with the token only). A
less safe alternative to this would be to compare tokens in `check_auth`
once the Authorization header didn't match.