lite-http-tunnel icon indicating copy to clipboard operation
lite-http-tunnel copied to clipboard
verified publisher icon web-tunnel

Suggestions for supportng multiple client applications & API key based authentication

Open madhub opened this issue 3 years ago • 4 comments

Suggestions for supporting multiple client applications & API key based authentication

Currently server uses jwt token for authentication of web socket request from the tunnel client. It would be nice if you use simple API key based authentication , where list of valid API key's can be configured via environment variable.

Multiple API keys can use . Below example shows a API keys per application.

export API_KEYS="apikey1:myapp1,apikey2:myapp2"
node server.js

On the client side API key & application name are send in the initial WebSocket connection, server will check the API key & app name from the lookup parsed from API_KEYS environment variable. If matches it maintains the Tunnel connection with appname as key

When external clients wants to send request to application , it can pass application name in the URL.

Example : If the tunnel server is running on endpoint https://example.com & a request for app1 & app2 looks as follows https://example.com/app1 https://example.com/app2 Tunnel Server can extract the application name from the URL & lookup TunnelConnection map & route request to proper web socket connection.

madhub avatar Sep 26 '22 18:09 madhub

Hi @madhub this is good idea to support multiple clients based on path. Let me add it into backlog.

embbnux avatar Sep 28 '22 14:09 embbnux

Great , what about using simpler API key's via environment variable for authentication ?, Any comment ?

I made working changes on my fork with API key & app name . on the client side , I am using the profile has the application name . See the details in below link

NOTE: I have not updated the documentation

Working sample image

madhub avatar Sep 29 '22 12:09 madhub

Hi @madhub Sorry for missing this message. It is great that you have implement it in your fork. It is good to support authorization by app keys. And I would like to support base JWT and app keys.

And it is appreciated if you can send pull request to this project. So we can have more discussion at that PR.

embbnux avatar Oct 10 '22 14:10 embbnux

I can raise the pull request for the existing implementation in my fork However I have only kept API key for simplicity , I don't have JWT in my fork and I have not updated the client side documentation ( readme.md). Is this OK ?

madhub avatar Oct 11 '22 01:10 madhub