I'm working on a backend system to manage device data storage and server-side control of device functions.
We require the following:
- Store historic device data
- Control customer devices from our server (invoke Particle functions)
I'm currently using simple authentication, however I understand the recommended method for this sort of setup is to use two-legged.
I'd really like to continue using simple authentication if possible, as I think in a lot of ways Particle does a great job of the login / authentication process while allowing you to store notes about customer devices etc. on the cloud. (Why re-invent this, especially when paying for the higher tiers).
However, using simple authentication creates difficulty when my server needs to invoke functions on my customers devices. One option would be to send the customer access token to my server API when the customer logs in, however this will expire if the customer doesn't login again within a set period, at which case my server will cease to be able to control the device.
Is there any way to get around this? Perhaps I miss the point but I don't quite understand why Particle promotes customer management etc. as a value proposition for the scaled tiers, however doesn't seem to have set it up or recommend it for any use past basic prototyping. I could use Amazon Cognito, but again it seems that I'm reinventing the wheel a bit!
@jeiden do you have any thoughts on this one?