Reputation: 751
How to identify and authenticate different TCP clients (with dynamic IPs) in a Node.js TCP server framework?
I have Node.js TCP server framework which acts as a central TCP server connecting to many TCP clients which are sensors gathering and sending data. This is essentially a machine-to-machine communication where the TCP client establishes a connection and starts sending data. The server has to authenticate and then process the data.
What I want to do? ---> Authenticate each client by identifying them and making sure they are in the users list in the database.
I can identify each incoming client by its ip and port. However, each client has a dynamic IP. This means that I cannot rely on it to compare against a list in my DB.
My goal here is to make sure that each connection is valid and is part of my user database. I was thinking along the lines of implementing an 'application layer' where both the sensor(client) and the TCP server know a string which they match. When the client setups a connection, it sends this string and this is used by the server to compare against a list in the database. This way the client emits a 'keyword' each time it establishes a connection.
If this is a viable method, how can I use the node.js 'NET' module to emit a keyword only when the connection is established? I don't see any such provision.
Also, is there a better way to identify clients in a M-M connections? Any pointers will be helpful.
Upvotes: 0
Views: 1368
Answers (1)
Reputation: 43
Node-RSA Will do exactly this for you.
Else,
use the socket.write function in order to send data. Then if another Node app is listening on the other side you can utilize the socket data event to obtain what the sender has written. If you only want certain machines to connect to yours I'd indeed recommend using a secret key if they IP adresses aren't static. Though beware this is not completely safe as people could perform a bruteforce attack. It is possible to minimize the chance of someone actually guessing your secret key by you guessed it, utilizing a key which is a hashed string. The string could be anything, as long as both of you have it. It's even better to create and share the same function which alters the string every once in a while for a little bit more security. Please note that this isn't as secure as the first option but it is definitely still something.
Upvotes: 0
Related Questions
- How do I get the path to the current script with Node.js?
- How do I pass command line arguments to a Node.js program and receive them?
- How to close TCP and UDP ports via windows command line
- How can I update Node.js and npm to their latest versions?
- How do I completely uninstall Node.js, and reinstall from beginning (Mac OS X)
- How to write a scalable TCP/IP based server
- What is the purpose of Node.js module.exports and how do you use it?