NiekHoekstra
commented
8 years ago disclaimer: I am not part of the Open mHealth organisatie and not a part of the Shimmer project
It can be done in a crude and insecure manner because Shimmer does not provide a security model (issue #28).
If you know the UserID, you can query any user that is registered in shimmer.
http://<host>:8083/data/{shim}/{endPoint}?username={userId}&dateStart=yyyy-MM-dd&dateEnd=yyyy-MM-dd&normalize={true|false}
I recommend against exposing shimmer to the world, because you can brute force data requests with random usernames. This could become a serious data leak.
If you want to do this securely, you would need a proper authentication server. Then you would need a system where one user can give access rights to another. The server (not Shimmer) would authenticate users and proxy (and authenticate) data requests to Shimmer based on their access rights.
Hi,
I have a scenario here and I would like to know the possible solutions that Open mHealth can offer here in handling the scenario.
I am building an android application which will try to fetch the health data from the Runkeeper application. It makes use of Open mHealth in order to get the normalised data. Now, I have a scenario where Device A (a smartphone running my android application) of User A wants to access the normalised health data of Device B (another smartphone running my android application) of User B which is offered by Open mHealth. Is there a possibility to achieve the same ?
I understand that Open mHealth has an one to one relationship with the third party health API (like runkeeper, Google Fit, etc) installed in the user's device. That is, based on the user account logged in the third party health API, the corresponding user's health data is retrieved by Open mHealth and displayed to the user. But in my scenario as mentioned above, User A also needs the data of the other user. Is there any way this can be achieved through Open mHealth ?
@emersonf , can you please share your perspective in regards to this scenario.
Thanks, Viswa