search

poelstra / mhub

Simple, flexible message hub using websockets
MIT License
9 stars 7 forks source link

Node/Topic specific authentication #12

Closed idanstark42 closed 7 years ago

idanstark42 commented 7 years ago

An authentication with username and password with rights to specific nodes/ topic patterns. A configuration would look like this (copied and edited from readme.md): `{ // Either specify the users 'inline' as such: "users": { "martin": "somePassword" },

// Or, put that object in a file, and reference it like:
// "users": "users.json",

"rights": {
    "": { // Anonymous/guest
        "subscribe": {
              "node1": true, // allow this operation (in this case subscribe) to the entire node
              "node2": "topPattern" // allow this operation to topics matching the pattern
         },
        "publish": {
             "node1": "topicPattern", //using a topic pattern as a filter
             "node2" false
        }
    },
    "martin": {
        "subscribe": true, //still supports the current true/false values for all nodes
        "publish": {
        }
    }
}

}`

How it would look, for example, in the FLL tools use case: { // Either specify the users 'inline' as such: "users": { "admin": "adminPassword", "referee": "refereePassword", "scoreKeeper": "skPassword" }, "rights": { "": false, "admin": true, "referee": { "subscribe": { "score": true, "clock": false, "schedule": true }, "publish": { "score": "score:enter", "clock": false, "schedule": false } }, "scoreKeeper": { "subscribe": { "score": true, "clock": true, "schedule": true }, "publish": { "score": "score:[update|publish]", "clock": true, "schedule": true } } } }

poelstra commented 7 years ago

Thanks, @idanstark42! As discussed, will look at it when I return from holiday.

idanstark42 notifications@github.com schreef op 20 juni 2017 22:39:56 CEST:

An authentication with username and password with rights to specific nodes/ topic patterns. A configuration would look like this (copied and edited from readme.md): `{ // Either specify the users 'inline' as such: "users": { "martin": "somePassword" },

// Or, put that object in a file, and reference it like: // "users": "users.json",

"rights": { "": { // Anonymous/guest "subscribe": { "node1": true, // allow this operation (in this case subscribe) to the entire node "node2": "topPattern" // allow this operation to topics matching the pattern }, "publish": { "node1": "topicPattern", //using a topic pattern as a filter "node2" false } }, "martin": { "subscribe": true, //still supports the current true/false values for all nodes "publish": { } } } }`

How it would look, for example, in the FLL tools use case: { // Either specify the users 'inline' as such: "users": { "admin": "adminPassword", "referee": "refereePassword", "scoreKeeper": "skPassword" }, "rights": { "": false, "admin": true, "referee": { "subscribe": { "score": true, "clock": false, "schedule": true }, "publish": { "score": "score:enter", "clock": false, "schedule": false } }, "scoreKeeper": { "subscribe": { "score": true, "clock": true, "schedule": true }, "publish": { "score": "score:[update|publish]", "clock": true, "schedule": true } } } }

-- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/poelstra/mhub/issues/12

poelstra commented 7 years ago

This has been implemented in 0.9.0. See https://github.com/poelstra/mhub#access-control for more information.