ux4iot
Search…
Azure Function using Javascript
The following is an example implementation of a custom security backend using Azure Functions and Node.js
1
const ux4iotAdmin = require('ux4iot-admin');
2
ux4iotAdmin.init({
3
connectionString: "HostName=...;Key=secret";
4
});
5
6
module.exports = async function (context, req) {
7
8
// This is *your* custom authentication approach
9
const bearerToken = req.headers('Authentication');
10
const {userId} = await evaluateBearerToken(bearerToken);
11
12
if (!userId) {
13
14
context.res = {
15
body: "Unauthorized",
16
status: 401
17
};
18
19
} else {
20
21
// All users can subscribe to telemetry events that are visible for them
22
// using *your* custom access control scheme, which defines which users
23
// have access to which IoT devices.
24
if (req.body.type === 'subscribeToTelemetry'
25
&& isDeviceVisibleForUser(req.body.device, userId)) {
26
27
ux4iotAdmin.grant(req.body);
28
context.res = {
29
status: 204
30
};
31
} else {
32
context.res = {
33
body: "Forbidden",
34
status: 403
35
};
36
}
37
}
38
39
context.done();
40
}
Copied!
In this example isDeviceVisibleForUser is a custom method that implements the access control mechanism of your app. evaluateBearerToken is a custom method that implements your authentication scheme (e.g. using OAuth2).
As you can see, you have full flexibility when it comes to determine which users may perform which actions.
Copy link