i-n-g-o
commented
3 years ago authentication:
idea is to prevent un-authorized access to the user inteface. a login-command needs to be handled before any other information is transmitted.
e.g.:
- client connects
- server sends login-command
- client receives login-command and shows a password input field.
- user enters password
- client sends (hashed) password with login command
- server checks password and continues the communication or closes the connection
permissions:
could be: write or read-only access or specific parameter for specific roles or usernames this needs a specialized server able to handle different views for different clients
-> "login" command, send user and password (-> deal with encryption? - no -> use secure layer. e.g.: wss)