Authentication Server

The Authentication Server validates GCS and units against predefined accounts and then directs the units to their assigned Communication Server. Accounts can be stored in a MySQL database, in a JSON file, or as a single account defined in the server.config file. The module is written in Node.js, which makes it portable and easy to understand and modify.

Source Code: https://github.com/DroneEngage/droneegnage_authenticator


Authentication Sequence Diagram

Settings

Settings are defined in a file called server.config. The most important fields are:


server_id: Defines the name of the server.
server_ip: Defines the IP address that the server listens on. Default: 0.0.0.0
server_port: Defines the port that the server listens on. Default: 19408
account_storage_type: One of [single, file, db]. single means a single constant account, file means a simple JSON file that stores names and passwords, and db means a separate MySQL database.
single_account_user_name: e.g. “single@airgap.droneengage.com”, the single account used when account_storage_type is single.
single_account_access_code: e.g. “test”, the password used when account_storage_type is single.
db_users: e.g. “./db_users.db”, the name of the JSON accounts file used when account_storage_type is file.
s2s_ws_target_ip: The IP address on which the Authentication Server listens for a websocket connection from a Communication Server.
s2s_ws_target_port: The port for the same websocket connection between the Authentication Server and the Communication Server. The sample configuration below names these two keys s2s_ws_listening_ip and s2s_ws_listening_port.


{
    "server_id"                 : "AndruavAuth", // server id
    "server_ip"                 : "0.0.0.0",
    "server_port"               : 19408,

    "account_storage_type"      : "single",  //[single,file,db]
    "single_account_user_name"  : "single@airgap.droneengage.com",
    "single_account_access_code": "test",
    "db_users"                  :"./db_users.db",



    "enableLog"                 : false,
    "log_directory"             : "./logs/",
    "log_timeZone"              : "GMT",
    "log_detailed"              : true,


    "s2s_ws_listening_ip"       : "127.0.0.1",
    "s2s_ws_listening_port"     : "19001",

    "enable_SSL"                : true,
    "ssl_key_file"              : "ssl/privkey.pem",
    "ssl_cert_file"             : "ssl/fullchain.pem"


}

Warning

Although the file above is JSON, you can add comments to it using // and /* */ blocks.
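A pre-deployment check for the settings above, as an added example that is not part of the DroneEngage code base: it reads server.config text with its // and /* */ comments and flags values that still match the samples on this page. The function names, the comment-stripping routine and the four rules are assumptions made for illustration.

```javascript
// Added example (not DroneEngage code): audit server.config text before deployment.
// The rules below are assumptions drawn from the sample values shown on this page.
// Strip // and /* */ comments and trailing commas without touching string contents.
function stripJsonComments(text) {
  let out = '', inString = false, comma = false;
  for (let i = 0; i < text.length; i++) {
    const c = text[i], n = text[i + 1];
    if (inString) {
      out += c;
      if (c === '\\') out += text[++i] ?? '';
      else if (c === '"') inString = false;
    } else if (c === '/' && n === '/') {
      while (i < text.length && text[i] !== '\n') i++;
      out += '\n';
    } else if (c === '/' && n === '*') {
      const end = text.indexOf('*/', i + 2);
      i = end < 0 ? text.length : end + 1;
    } else if (c === ',') {
      comma = true; // emit later, only if another value follows
    } else {
      if (comma && !/\s/.test(c)) { if (c !== '}' && c !== ']') out += ','; comma = false; }
      if (c === '"') inString = true;
      out += c;
    }
  }
  return out;
}
function auditServerConfig(text) {
  const cfg = JSON.parse(stripJsonComments(text));
  const s2sIp = cfg.s2s_ws_listening_ip ?? cfg.s2s_ws_target_ip; // page shows both names
  const findings = [];
  if (cfg.account_storage_type === 'single' && cfg.single_account_access_code === 'test')
    findings.push('single_account_access_code is still the documented sample value');
  if (cfg.enable_SSL !== true)
    findings.push('enable_SSL is not true; confirm TLS is terminated elsewhere');
  if (cfg.server_ip === '0.0.0.0')
    findings.push('server_ip 0.0.0.0 listens on every interface; confirm firewall scope');
  if (s2sIp !== undefined && !['127.0.0.1', '::1', 'localhost'].includes(s2sIp))
    findings.push('s2s websocket is not bound to loopback; restrict who can reach it');
  return findings;
}
// Constructed sample, modelled on the configuration shown on this page.
const SAMPLE = `{
  "server_ip": "0.0.0.0", // listen address
  "account_storage_type": "single", /* [single,file,db] */
  "single_account_access_code": "test",
  "s2s_ws_listening_ip": "127.0.0.1", "enable_SSL": true,
}`;
console.log(auditServerConfig(SAMPLE));
```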


DB_USERS File

When account_storage_type is file, the db_users field specifies the file path and name.

The file uses a simple JSON format, as in the following example:

{
    "user1@email.com": {
        "sid": 1,
        "pwd": "0001",
        "isadmin": true,
        "prm": "0xffffffff"
    },
    "user2@email.com": {
        "sid": 1,
        "pwd": "drone",
        "isadmin": true,
        "prm": "0xffffffff"
    },
    "user3@email.com": {
        "sid": 3,
        "pwd": "drone",
        "isadmin": true,
        "prm": "0xffffffff"
    }
}

user1 and user2 share the same drones; they are just two logins that can be used via the webclient and DroneEngage Communicator. user3 is another user that is separated from them, as he/she has a separate SID value.

Important

The IP and port are defined in every DroneEngage-Communicator and Webclient because they need to connect to the server.