the threads for this topic are all over the place. Which was the main reason to create this discussion board ^^
So I’m afraid the following links won’t be too helpful:
https://github.com/yjs/y-websocket/issues/7 - Winston Fasset modified the y-websocket server to authenticate clients. I think eventually he adapted the protocol and added an authentication event message. So in any case you need to modify the y-websocket server.
https://github.com/yjs/y-websocket/issues/14 - Everything you need to know about how to persist data is here: https://github.com/yjs/yjs#Document-Updates - but again, you probably want to implement this by yourself using the database you are using. Important: Don’t be tempted to store the document in JSON encoding or text (if you are making a text editor collaborative). The best approach is to simply store the Yjs model in a database.
Authorization, you guessed it, is also something that is too application-specific to be included in Yjs. My suggestion is to work with random document keys that identify the document. Only clients with the correct key have access to the document. This is also how room.sh and many public notepads work. For more fine-grained control you need to implement something on your own.
https://github.com/yjs/yjs/issues/170 another helpful thread. A user shared his y-leveldb implementation. You could make use of it. Eventually (this is discussed here) I’d like to have a maintained y-leveldb implementation.