Server with model-, view-clients & authentication



  • Hi everybody,

    I'm working on an application to monitor data coming from a raspberry pi (model) on a smartphone / desktop (view).
    The "view(s)" will be used to connect to the user's account, add new devices, configure these devices, monitor them and receive notifications from them.
    These two clients will be written in Qt C++ and QML respectively.

    I'm trying to find out what the best tools for the server side of all that would be.

    I've looked around quite a bit to find the perfect fit for my needs but no existing project convinced me so far (except maybe disawoed Engin.io).

    Here are the features I'll need :
    · Some kind of user authentication
    · An easy way to store user data/settings - MongoDB or another NoSQL DB seems a good fit
    · Idealy a WebSocket compatible server (with TLS)
    · I'd like to be able to write it in Qt C++ for ease of maintenance

    Since it's finally not that complicated, I thought I might just create it myself.

    However, since networking is not really my area of expertise, I'd love to have your input on the architecture I thought of.

    1. Create a multi-threaded WebSocket server.
    2. Use one QWebSocketServer on port X for the connections from the models.
      One other QWebSocketServer on port Y for the connections from the views.
      cf: https://stackoverflow.com/questions/13566026/server-with-different-clients-in-qt
    3. Connection to MongoDB to load and store user data
    4. Authenticate the user
    5. Create one thread per connected user to handle all the communication between a user's view(s) / models (attach the user's new WebSockets to 'his' thread).
      This should also help avoid users getting data from other accounts, right ?

    That's it !

    Now, it's pretty clear how I would need to do most of this, except part 4) - user authentication.
    I saw this library with a Qt based API: https://gitlab.com/accounts-sso
    which seems to offer pretty complete account/authentication services (developed by Canonical), but I'm open for suggestions.
    At one point I wondered if I could not maybe 'pervert' the QNetworkProxy to use it as authentication system... is that completely crazy ?

    Of course, another solution is to write a complete authentication system, but that seems quite hazardous and time consuming.

    One other solution might also be to use the newly implemented (5.8 RC) Qt Network Authorization classes, but that would mean that I would need to install and configure an OAuth identification server as well.

    Any suggestions ?
    Anything I would be doing plain wrong ?
    Let me know what you think.

    Thanks for your help.

    D

    PS: I did check frameworks like Wt, Cutelyst, Silk, or posts like https://forum.qt.io/topic/63777/looking-for-engin-io-replacement-joining-our-effort-initiative/31 but I'd really like to avoid using another language to develop the server part + avoid being dependent on a cloud platform that might not be around in 2+ years...


  • Lifetime Qt Champion

    Hi and welcome to devnet,

    Are you looking for something like the qhttp project ?

    Even though you wrote that you would like to avoid other languages, doing a full web service from scratch might not be the best idea since you're also not used to network programming and would like to handle SSO, encryption, user management etc. You should consider something like Flask or Django for your backend. Both have related libraries for websocket communication. Django might be easier to get started quickly since you already have the user management part integrated.

    Hope it helps



  • Hi,
    @SGaist thanks for your message and your suggestions !

    The QHttp project can certainly be an good reference regarding a well built server.
    Based on your suggestion I checked Flask and Django out - the latter being very interesting indeed.

    I did also realise that Wt would actually fit my needs as well, since it can actually work with WebSockets and it does include an authentication system. Since this framework is quite similar to Qt, it would still be easier than getting back to Python (haven't touched it in years...).

    At the same time I did also find this library encapsulating an OAuth and OAuth2 client (https://github.com/pipacs/o2) which could be used in conjunction with an oauthd NodeJS server (https://github.com/oauth-io/oauthd) that could easily be setup in a docker image. (Or also with the new Qt Network Authorization module)

    I'll try to take a deeper look and run a few tests this week-end, hopefully.

    Thanks,
    D



  • So, after much reading, discovering & testing, I was about to start writing the server code with Wt but then I finally stumbled upon TreeFrog (http://www.treefrogframework.org/), which is exactly what I was actually looking for !

    A Qt C++ web framework, implementing user authentication, WebSockets and a MongoDB mapper and very nice skeleton generator to help you get started with projects.

    Too bad it took me that long to find it - but it seems like it is not widely known.
    So I hope this post can help someone else looking for a similar solution.

    Cheers,
    D



  • I'm curious why you say you would need to use another language if you were to use Cutelyst or Wt (both are C++)? Cutelyst is even written in Qt, and is a top performer https://www.techempower.com/benchmarks/


  • Lifetime Qt Champion

    Frankly, I forgot about it.

    Then it also depends also on what tools fits best your needs. There's no silver bullet that will cover everything you need.

    Also limiting yourself to only one language is not a good idea in the long run. There are good and bad things in every language thus knowing more than one allows to have a better grasp at what can be done, how easy/hard the maintenance would be etc.



Looks like your connection to Qt Forum was lost, please wait while we try to reconnect.