It would be awesome to pair apps/devices/clients without the need of credentials.
For that a simple pairing system could be implemented:
Logic:
```js
// pairing process
// client = device/app/software that wants to pair
// server = openhaus backend
// user = admin user with valid token
//
// client: [post] /auth/pairing/<uuid v4>
// server: 201, client needs to check via polling for a token
// user: receives notification for pairing
// user: "accepts" or "declines" request
// user: [post] /auth/pairing/<uuid v4>/accept
// server: 200 with new device token
// user: [put] /auth/pairing/<uuid v4> token as json body
// client: checks via polling [get] /auth/pairing/<uuid v4>
// server: 202, and token as json body & x-auth-header
```
Draft (router.auth.js):
```js
const jwt = require("jsonwebtoken");
const C_USERS = require("../components/users");
const express = require("express");
const { version, validate } = require("uuid");

module.exports = (app, router) => {

    let pairingRouter = express.Router();
    let pairingClients = new Map();

    // ....

    // reject anything that is not a valid uuid v4
    pairingRouter.param("uuid", (req, res, next) => {

        let { uuid = null } = req.params;

        // validate() first: version() throws a TypeError on an invalid uuid
        if (!validate(uuid) || version(uuid) !== 4) {
            return res.status(400).end();
        }

        req.uuid = uuid;
        next();

    });

    // client: register a pairing request
    pairingRouter.post("/:uuid", (req, res) => {

        // here should be stored more information than just the uuid
        // - timestamp of this request Date.now()
        // - 6 digit pin
        // - timestamp of the pin creation
        // - pairing result, accept = null (default)
        /*
        let request = {
            created: Date.now(),
            pin: null,
            timestamp: null,
            accepted: null
        }
        */

        // check if server is in pairing mode
        if (false) {
            return res.status(401).end();
        }

        pairingClients.set(req.uuid, null);
        res.status(201).end();

    });

    // client: poll for the result; the token is handed out once, then removed
    pairingRouter.get("/:uuid", (req, res) => {
        if (pairingClients.has(req.uuid)) {
            if (!pairingClients.get(req.uuid)) {

                return res.status(202).end();

            } else {

                let token = pairingClients.get(req.uuid);
                pairingClients.delete(req.uuid);
                return res.status(200).json(token);

            }
        } else {

            res.status(401).end();

        }
    });

    // user: accept the request and create the device token (placeholder values)
    pairingRouter.post("/:uuid/accept", (req, res) => {

        let token = {
            uuid: process.env.UUID,
            user: "foo@example.com"
        };

        // header name typo fixed; header values must be strings, so serialize the object
        res.setHeader("x-auth-token", JSON.stringify(token));
        res.status(200).json(token);

    });

    // user: decline the request
    pairingRouter.post("/:uuid/decline", (req, res) => {
        pairingClients.delete(req.uuid);
        res.status(200).end();
    });

    // user: store the token for the client to pick up
    pairingRouter.put("/:uuid", (req, res) => {
        pairingClients.set(req.uuid, req.body);
        res.status(200).end();
    });

    router.use("/pairing", pairingRouter);

};
```
An authenticated user could then approve/decline the request and create a new token.
Like Plex does this with its devices & accounts.
Note: This could also be done in cloud environments; the logic under /auth/pairing just needs to be moved out of the backend and put into a microservice that nginx passes requests to.
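The draft's comments list a request timestamp, a 6 digit PIN and an accept state as things still to be stored. The block below is an added example, not part of the issue or of openhaus: it sketches that state with expiry, PIN confirmation and one-time token pickup. `PairingStore`, `PAIRING_TTL_MS`, the two-minute lifetime, the PIN being shown on the client and typed in by the admin, and the random hex string standing in for a signed token are all assumptions.

```javascript
// Added example (hypothetical names): pairing state with TTL, PIN and one-time pickup.
const nodeCrypto = require("node:crypto");
const PAIRING_TTL_MS = 2 * 60 * 1000; // assumption: a request lives for 2 minutes

class PairingStore {
  constructor(now = Date.now) {
    this.now = now;            // injectable clock, so expiry can be tested
    this.requests = new Map(); // uuid -> { created, pin, token }
  }

  // client: POST /auth/pairing/<uuid>; the returned PIN is displayed on the client
  create(uuid) {
    if (this.requests.has(uuid)) return null; // never overwrite a pending request
    const pin = String(nodeCrypto.randomInt(0, 1000000)).padStart(6, "0");
    this.requests.set(uuid, { created: this.now(), pin, token: null });
    return pin;
  }

  // Return the entry only while it is known and not expired; drop it otherwise.
  live(uuid) {
    const entry = this.requests.get(uuid);
    if (entry && this.now() - entry.created <= PAIRING_TTL_MS) return entry;
    this.requests.delete(uuid);
    return null;
  }

  // user: POST /auth/pairing/<uuid>/accept, called only after the admin auth check
  accept(uuid, pin) {
    const entry = this.live(uuid);
    if (!entry || entry.token) return false;
    const a = Buffer.from(String(pin)), b = Buffer.from(entry.pin);
    if (a.length !== b.length || !nodeCrypto.timingSafeEqual(a, b)) {
      this.requests.delete(uuid); // one PIN guess per request
      return false;
    }
    entry.token = nodeCrypto.randomBytes(32).toString("hex"); // stand-in for a signed token
    return true;
  }

  // client: GET /auth/pairing/<uuid> -> 401 unknown/expired, 202 pending, 200 exactly once
  poll(uuid) {
    const entry = this.live(uuid);
    if (!entry) return { status: 401 };
    if (!entry.token) return { status: 202 };
    this.requests.delete(uuid);
    return { status: 200, token: entry.token };
  }
}
```

The status codes returned by `poll` follow the draft's GET handler, so the route can pass them straight to `res.status(...)`.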