在C#asp.net核心2.1中通过用户名和密码在MQTT服务器上验证MQTT客户端
[英]Authenticating MQTT client on the MQTT server by username and password in C# asp.net core 2.1
问题描述
I want to check username and password of MQTT client in MQTT server then allow its connection. 
我想在MQTT服务器中检查MQTT客户端的用户名和密码,然后允许其连接。 I implemented a server and send data from a device. 我实现了一个服务器并从设备发送数据。 I get the data but the problem is the authentication does not work properly because I need to get the client information from DB based on the topic that the client sent. 我得到了数据,但问题是身份验证无法正常运行,因为我需要根据客户端发送的主题从DB获取客户端信息。 What did I do so far is as below: 到目前为止我做了什么如下:
public async Task Received()
{
var options = new MqttServerOptions();
var mqttServer = new MqttFactory().CreateMqttServer();
mqttServer.ApplicationMessageReceived += (sender, eventArgs) =>
{
var path = eventArgs.ApplicationMessage.Topic;
var device= GetDevice(path);
options.ConnectionValidator = p =>
{
if (p.Username != device.username || p.Password != device.password)
{
p.ReturnCode = MqttConnectReturnCode.ConnectionRefusedBadUsernameOrPassword;
}
};
};
mqttServer.ClientConnected += (s, e) => { };
mqttServer.ClientDisconnected += (s, e) => { };
mqttServer.ClientSubscribedTopic += (s, e) => { };
mqttServer.ClientUnsubscribedTopic += (s, e) => { };
mqttServer.Started += (s, e) => { };
mqttServer.Stopped += (s, e) => { };
await mqttServer.StartAsync(options);
}
and this code is in my startup 这段代码在我的创业公司
app.UseMqttServer(server =>
{
server.Started += async (sender, args) => await myClass.Received();
});
I can get the requests in my method but I have difficulty to check the username and password. 我可以在我的方法中获取请求,但我很难检查用户名和密码。
1 个解决方案
解决方案1
3 已采纳 2019-01-10 12:52:43
You can implement this by disconnecting the client when it attempts to publish/subscribe to an invalid topic. 您可以通过在尝试发布/订阅无效主题时断开客户端来实现此目的。
This means using authorisation instead of authentication to enforce your policy. 这意味着使用授权而不是身份验证来强制执行您的策略。 Authentication can only be done using the parameters that are available in an MQTT connect message eg client id, password. 只能使用MQTT连接消息中可用的参数(例如客户端ID,密码)来完成身份验证。
So to do this the ConnectionValidator event handler needs to be setup when the server starts. 因此,要执行此操作,需要在服务器启动时设置ConnectionValidator事件处理程序。 It can record the client id and password that the client attempts to connect with and always allow the connection to proceed. 它可以记录客户端尝试连接的客户端ID和密码,并始终允许连接继续。
The ApplicationMessageReceived event handler will be invoked when the client publishes/subscribes to a topic. 当客户端发布/订阅主题时,将调用ApplicationMessageReceived事件处理程序。 This event handler can verify the client id and password that were passed in when the client connected against the one in your database (using the topic as you require). 此事件处理程序可以验证客户端与数据库中的客户端连接时传递的客户端ID和密码(根据需要使用主题)。 If the path, client id and password are invalid then you need to explicitly disconnect the client. 如果路径,客户端ID和密码无效,则需要明确断开客户端。
The client can be explicitly disconnected by finding the client in the list of all sessions on the server using mqttServer.GetClientSessionsStatus() . 通过使用mqttServer.GetClientSessionsStatus()在服务器上的所有会话列表中查找客户端,可以显式断开客户端。 Then invoke DisconnectAsync() on the client session. 然后在客户端会话上调用DisconnectAsync() 。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.