A non-traditional access service that leverages websockets to provide user authentication
JavaScript Makefile
Switch branches/tags
Nothing to show
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Failed to load latest commit information.
bin
browser
examples
lib
test
.gitignore
.jshintrc
.npmignore
.travis.yml
Gruntfile.js
LICENSE
Makefile
README.md
config.json
index.js
package.json
todo.md
users.json

README.md

Websocket Access Service


A non-traditional access service that leverages websockets to provide user authentication.

NPM version Build Status Dependency Status

Introduction

The Websocket Access Service uses tokenized gated messaging and shared keys to accept or deny access to resources. It is designed to be used with an existing multi-channel messaging hub like node-messaging-commons but will work with other messaging systems as well.

Installation

Server

	npm install websocket-access-service --save

Client/Browser

The project includes a "browser" folder with enough to create a small authentication page. Once a user enter's their password, it is set then "authenicate" is called. If the backend services are up, then all should work as expected.

Here is a short snippet of the browser code:

<!DOCTYPE html>
<html>
<head>
    <title>test access page</title>
    <script src="browser-messaging-commons.js"></script>
    <script src="hmac-sha256.js"></script>
    <script src="AccessClient.js"></script>
    <script>
        var client;

        var accessClickHandler = function() {
            // set the password as entered by the user
            client.setUserAccessKey( 'fire-fighter3' );

            // start the websocket process
            client.authenticate();
        };

        var startAccessClient = function() {
            // simulate finding a user with an active session
            var opts = {};
            opts.user  = {
                id:'33e2c605f0334ce7a455ec8f6a60e063',
                session:'2a7f543a-5a4e-44db-a150-b653852ed0c0',
                privateChannel:'/44C4UUX'
            };

            // create the access client instance with user object
            client = AccessClient.createInstance( opts );

            // make available for debugging
            window.client = client;
        };
    </script>
</head>

Client Authentication

The AccessClient class does the work of creating the approprate channels and makeing the requests. Here are the steps...

  • prompt for and set the plain text password
  • create consumer access channel
  • create private producer channel
  • wait for access token and send request to listen on private channel
  • broadcast data on private channel
  • wait for response (with timeout)
  • on ready response, send the encoded password (hash)
  • on response, close the private channel
  • on positive response, do action A
  • on negative response, do action B
  • on timeout, exit with error

Server

The project includes a "bin" folder with a run/start/stop and status scripts. The run script is the same as start, but it runs in the forgound. It looks something like this:

	var config = require('./config.json'),
    	AccessService = require('websocket-access-service'),
        service = AccessService.createInstance( config );

    service.start();

If you have a message service running on this port, then this is enough to start the public producer channel to periodically send out access tokens (one per second). To create and start a generic message service, see this commons project.

Configuration

Here is a sample configuration file.

{
    "port":29169,
    "hubName":"/MessageHub",
    "channels":[ "/access" ],
    "algorithm":"sha256",
    "appkey":"b55d91a2-a68f-48a1-8f4b-c4dfc65d60bb"
}

You would want to have a proxy and preferrably HTTPS in front of this but port 29169 works for development.

Sample User List

The project inclues a very basic sample of access users. You would generate and plug in your own keys through some other process.

[
    {
        "id":"33e2c605f0334ce7a455ec8f6a60e063",
        "session":"2a7f543a-5a4e-44db-a150-b653852ed0c0",
        "privateChannel":"/44C4UUX",
        "accessKey":"<key>"
    },
    {
        "id":"c14975621f564f729323f0e5044fb7ee",
        "session":"4b16e31a-0050-4b00-bc1f-acbe855a5dbc",
        "privateChannel":"/55C4xXufg",
        "accessKey":"<key>"
    }
]

Tests

Unit tests include should/specs, jshint and validate-package. Tests can be run from the command line with this:

    make test

    or

    make watch

    or

    grunt mochaTest jshint validate-package

Copyright © 2014-2015, rain city software | Version 0.90.25