Security Backend Example - Azure Function

The following is an example implementation of a custom security backend using Azure Functions and Node.js:

const ux4iotAdmin = require('ux4iot-admin');
ux4iotAdmin.init({
    connectionString: "HostName=...;Key=secret"
});

module.exports = async function (context, req) {

    // This is *your* custom authentication approach
    // req.headers is a plain object keyed by header name, not a function
    const bearerToken = req.headers['authentication'];
    const {userId} = await evaluateBearerToken(bearerToken);

    if (!userId) {

        context.res = {
            body: "Unauthorized",
            status: 401
        };

    } else {

        // All users can subscribe to telemetry events that are visible for them
        // using *your* custom access control scheme, which defines which users 
        // have access to which IoT devices.
        if (req.body.type === 'subscribeToTelemetry' 
            && isDeviceVisibleForUser(req.body.device, userId)) {
            
            // Wait for the grant call to finish before reporting success
            await ux4iotAdmin.grant(req.body);
            context.res = {
                status: 204
            };
        } else {
            context.res = {
               body: "Forbidden",
               status: 403
            };
        }
    }

    // No context.done() here: an async function signals completion by returning.
}

In this example isDeviceVisibleForUser is a custom method that implements the access control mechanism of your app. evaluateBearerToken is a custom method that implements your authentication scheme (e.g. using OAuth2).

As you can see, you have full flexibility in determining which users may perform which actions.
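The decision logic above can be pulled out of the handler into a deny-by-default function that is testable without Azure Functions or ux4iot. This is an added example, not code from the ux4iot project; `decideGrant`, `DEVICE_ACL`, `ALLOWED_TYPES` and the sample users and devices are hypothetical names and constructed data, and `isDeviceVisibleForUser` is given one possible implementation.

```javascript
// Added example: the grant decision as a pure function (not ux4iot's own code).

// Constructed sample ACL (assumption): user ID -> device IDs visible to that user.
const DEVICE_ACL = new Map([
    ['alice', new Set(['pump-01', 'pump-03'])],
    ['bob', new Set(['pump-02'])],
]);

// Grant types this backend is willing to forward. Only 'subscribeToTelemetry'
// appears on this page; every other type is refused by default.
const ALLOWED_TYPES = new Set(['subscribeToTelemetry']);

// One possible implementation of the page's custom access-control method.
function isDeviceVisibleForUser(deviceId, userId, acl = DEVICE_ACL) {
    const devices = acl.get(userId);
    return devices !== undefined && devices.has(deviceId);
}

// Returns { status, body } on refusal, or { status: 204, grant } on success.
// The caller passes `grant` to ux4iotAdmin.grant() only when status is 204.
function decideGrant(userId, body, acl = DEVICE_ACL) {
    // Unauthenticated: evaluateBearerToken produced no user ID.
    if (typeof userId !== 'string' || userId === '') {
        return { status: 401, body: 'Unauthorized' };
    }
    const forbidden = { status: 403, body: 'Forbidden' };
    // Missing or non-object body (e.g. empty POST) is refused, not a crash.
    if (body === null || typeof body !== 'object') return forbidden;
    // Only explicitly allowed grant types pass.
    if (typeof body.type !== 'string' || !ALLOWED_TYPES.has(body.type)) {
        return forbidden;
    }
    // The device must be a plain string and visible to this user.
    if (typeof body.device !== 'string'
        || !isDeviceVisibleForUser(body.device, userId, acl)) {
        return forbidden;
    }
    return { status: 204, grant: body };
}
```

In the handler, `context.res` is set from the returned `status` and `body`, and `ux4iotAdmin.grant` is called with `grant` only on a 204 result.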

Last updated 1 year ago