---
title: 'LoRaWAN application server development documentation'
disqus: hackmd
---

LoRaWAN IOT Dash
===

This project aims to develop a user-friendly user and data management front end for the ChirpStack application server. It was initiated by the OPENIOT Team, International Centre for Free and Open Source Software (ICFOSS).

## Table of Contents

[TOC]

## Idea

LoRaWAN is one of the major technologies that has changed the IoT industry by making open networks for IoT possible. The names most commonly heard in this context are The Things Network (TTN) and ChirpStack, the open-source LoRaWAN® Network Server stack; both are network server stacks for LoRaWAN networks. TTN comes in paid and community versions. The community version has its own limitations, and its implementation is too hard for ordinary users who need to host their own LoRaWAN network.

---

So we commonly use the ChirpStack LoRaWAN Network Server stack because of its ease of installation and configuration and its deep level of control over both the network and application servers. However, it does not have a user-friendly front end for managing devices, applications and users, so this project provides an additional web interface on top of the ChirpStack application server with the following features.

Features
---

* User management.
* Self registration to the network.
* Gateway add/remove/watch option.
* Gateway management.
* Application add/remove/watch option.
* Device provisioning.
* Default device profile management.
* Device data uplink/downlink management.
* Device access key generation for data integration.
* ~~Data Sense (AI/algorithm to filter out unwanted data)~~
* Device endpoint support (REST API, MQTT, HTTP, databases)
* Device/gateway failure detection and warning.

## Requirements

1. Organizational Users
    An organizational user is a regular user in the network who is allowed only to add/remove/monitor their own applications, devices and gateways. They can also add new users to their organization.
    - [ ] Self registration portal
      The self-registration portal is for organizational users: anyone who wants to register and use our network, or who would like to add a new public gateway to our network, can register through this portal. By default, the registered user will be an admin for that organization.
    - [ ] ACLs for organizational users
      If an organizational user adds a new user to their account, they can make that user one of:
        - [ ] Admin
          Admin privileges are the same as the current admin's for that organization.
        - [ ] Viewer
          Can only view the applications/devices that the admin allows them to view. They can also access the API for the allowed applications/devices.
        - [ ] Editor
          Can alter or add new devices to an application that the admin allows.
    - [ ] Account recovery
        - [ ] Recover account if the password is forgotten.
        - [ ] Maintain deleted accounts for 30 days.
2. Super admin user
    - [ ] Super admin user is capable of doing everything in the system
    - [ ] capable of limiting the data traffic of each user
    - [ ] add/remove new organization
    - [ ] ACL levels for super admins
        - [ ] maintainer
          The maintainer is responsible for maintaining the network servers, can add a new network server to the system, and is also responsible for updating the network infrastructure.
        - [ ] monitor
          The monitor is responsible for monitoring the gateways added by the super admin, and can also watch every user's online status, device ping status and gateway ping status.
        - [ ] super viewer
          The super viewer can access all the applications and devices added to the network and can decode the packets from devices.
        - [ ] super editor
          To support organizational users, the super editor can edit/update applications and devices added by organizational users. The super editor is also responsible for limiting traffic for each user according to the daily/number of frames method.
2. User Dashboard
    - [ ] Admin, Organisational user.
    - [ ] Gateway registration, logging and remote configuration (Packet forwarder) - based on existing LoRa App Server features
    - [ ] Device registration and management - based on existing LoRa App Server features
    - [ ] Gateway remote management (only their own gateways)
        - [ ] get current status
        - [ ] network traffic status
        - [ ] internal temperature status
        - [ ] service running status
        - [ ] remote software update
        - [ ] remote ssh access
    - [ ] Payload conversion of well-known payload formats (new feature)
    - [ ] Payload conversion using custom JavaScript functions - based on existing LoRa App Server features
    - [ ] API generation and management
        - [ ] API for each application
        - [ ] API for each device
    - [ ] Organisational user registration.
    - [ ] Downlink Scheduling
      The user can schedule a downlink to be queued for a time/date/year
    - [ ] Multi Broadcast to one or more applications
    - [ ] Multicast-groups - based on LoRa App Server features
    - [ ] FAULT DETECTION
        - [ ] gateway: set a maximum limit for downtime/failure count to get a failure alert.
        - [ ] device: alert on reaching the maximum tx/rx limit, and set a maximum limit for downtime/failure count to get a failure alert for each device.
3. API
    - [ ] HTTP
        - [ ] HTTP Webhooks API
          Uses the POST method to push the device data to an HTTP endpoint.
    - [ ] MQTT
      Each MQTT topic is accessible only by token. Each topic represents an application, and its sub-topics are the devices of that application.
        - [ ] Authentication
        - [ ] Subscription and Publication
    - [ ] REST API
        - [ ] Standard API calls
        - [ ] Provide organizational users with access to their account without using the web interface.
        - [ ] Super admins have access to the respective REST API for their use.
        - [ ] Authentication using application-generated access tokens
4. FAULT DETECTION
    - [ ] Gateway
      Detect and alert organizational users and super admins with monitor privilege.
    - [ ] End device
        - [ ] maximum reach of tx/rx limit alert
        - [ ] bad link to gateway alert
        - [ ] Data frame missing alert
    - [ ] Network server
        - [ ] services down alert
        - [ ] network connectivity alert

## Systems architecture

![](https://i.imgur.com/F9sdVAr.png)

## User level

![](https://i.imgur.com/ivZY9kM.png)

## ACL level

> R - **R**ead any
> RO - **R**ead only their **O**wn
> W - **W**rite any
> WO - **W**rite only their **O**wn
> U - **U**pdate any
> UO - **U**pdate only their **O**wn
> A - **A**dd any
> AO - **A**dd only their **O**wn
> D - **D**elete any
> DO - **D**elete only their **O**wn
> NA - **N**o **A**ccess

<style type="text/css">
.tg {border-collapse:collapse;border-spacing:0;}
.tg td{border-color:black;border-style:solid;border-width:1px;font-family:Arial, sans-serif;font-size:14px;
  overflow:hidden;padding:10px 5px;word-break:normal;}
.tg th{border-color:black;border-style:solid;border-width:1px;font-family:Arial, sans-serif;font-size:14px;
  font-weight:normal;overflow:hidden;padding:10px 5px;word-break:normal;}
.tg .tg-imry{background-color:#fffe65;border-color:inherit;font-weight:bold;text-align:center;vertical-align:middle}
.tg .tg-2uq0{background-color:#f8a102;border-color:inherit;font-weight:bold;text-align:center;vertical-align:middle}
.tg .tg-efol{background-color:#c0c0c0;border-color:inherit;font-weight:bold;text-align:center;vertical-align:middle}
.tg .tg-22n5{background-color:#fe996b;border-color:inherit;font-weight:bold;text-align:center;vertical-align:middle}
.tg .tg-h42r{background-color:#fffc9e;border-color:inherit;font-weight:bold;text-align:center;vertical-align:middle}
.tg .tg-h46r{background-color:#f55cff;border-color:inherit;font-weight:bold;text-align:center;vertical-align:middle}
.tg .tg-qzkb{background-color:#ffcc67;border-color:inherit;font-weight:bold;text-align:center;vertical-align:middle}
.tg .tg-fymr{border-color:inherit;font-weight:bold;text-align:left;vertical-align:top}
.tg .tg-9qwi{background-color:#fd6864;border-color:inherit;font-weight:bold;text-align:center;vertical-align:middle}
.tg .tg-7btt{border-color:inherit;font-weight:bold;text-align:center;vertical-align:top}
.tg .tg-jqxo{background-color:#9aff99;border-color:inherit;font-weight:bold;text-align:center;vertical-align:middle}
.tg .tg-70yv{background-color:#ffcb2f;border-color:inherit;font-weight:bold;text-align:center;vertical-align:middle}
.tg .tg-0pky{border-color:inherit;text-align:left;vertical-align:top}
@media screen and (max-width: 667px) {.tg {width: auto !important;}.tg col {width: auto !important;}.tg-wrap {overflow-x: auto;-webkit-overflow-scrolling: touch;}}
</style>
<div class="tg-wrap"><table class="tg">
<thead>
  <tr>
    <th class="tg-fymr">USER</th>
    <th class="tg-qzkb" colspan="4">ORGANIZATIONAL USERS</th>
    <th class="tg-9qwi" colspan="5">SUPER ADMIN USERS</th>
  </tr>
</thead>
<tbody>
  <tr>
    <td class="tg-7btt" rowspan="10">FEATURES<br></td>
    <td class="tg-efol"> ACLS </td>
    <td class="tg-22n5">ADMIN</td>
    <td class="tg-jqxo">VIEWER</td>
    <td class="tg-imry">EDITOR</td>
    <td class="tg-h42r">MAINTAINER</td>
    <td class="tg-h46r">MONITOR</td>
    <td class="tg-70yv">SUPER VIEWER</td>
    <td class="tg-2uq0">SUPER EDITOR</td>
    <td class="tg-9qwi">SUPER ADMIN</td>
  </tr>
  <tr>
    <td class="tg-0pky">DEVICE MANAGEMENT</td>
    <td class="tg-0pky">RO-WO-UO-DO-AO</td>
    <td class="tg-0pky">RO</td>
    <td class="tg-0pky">RO-WO-UO</td>
    <td class="tg-0pky">NA</td>
    <td class="tg-0pky">NA</td>
    <td class="tg-0pky">R</td>
    <td class="tg-0pky">R-U-W</td>
    <td class="tg-0pky">R-U-W-D-A</td>
  </tr>
  <tr>
    <td class="tg-0pky">GATEWAY MANAGEMENT</td>
    <td class="tg-0pky">RO-WO-UO-DO-AO</td>
    <td class="tg-0pky">RO</td>
    <td class="tg-0pky">AO-UO</td>
    <td class="tg-0pky">NA</td>
    <td class="tg-0pky">NA</td>
    <td class="tg-0pky">R</td>
    <td class="tg-0pky">R-U-W</td>
    <td class="tg-0pky">R-U-W-D-A</td>
  </tr>
  <tr>
    <td class="tg-0pky">REST API</td>
    <td class="tg-0pky">RO-WO</td>
    <td class="tg-0pky">RO</td>
    <td class="tg-0pky">RO-WO</td>
    <td class="tg-0pky">RO</td>
    <td class="tg-0pky">RO</td>
    <td class="tg-0pky">RO-WO</td>
    <td class="tg-0pky">R-W</td>
    <td class="tg-0pky">R-W-D-U</td>
  </tr>
  <tr>
    <td class="tg-0pky">MONITORING SERVICE</td>
    <td class="tg-0pky">RO-AO-DO</td>
    <td class="tg-0pky">RO</td>
    <td class="tg-0pky">RO</td>
    <td class="tg-0pky">R-A-D</td>
    <td class="tg-0pky">R-A-D-U-W</td>
    <td class="tg-0pky">NA</td>
    <td class="tg-0pky">NA</td>
    <td class="tg-0pky">R-A-D-W</td>
  </tr>
  <tr>
    <td class="tg-0pky">USER MANAGEMENT</td>
    <td class="tg-0pky">AO-DO-UO</td>
    <td class="tg-0pky">NA</td>
    <td class="tg-0pky">NA</td>
    <td class="tg-0pky">NA</td>
    <td class="tg-0pky">NA</td>
    <td class="tg-0pky">NA</td>
    <td class="tg-0pky">NA</td>
    <td class="tg-0pky">A-D-U-R-W</td>
  </tr>
  <tr>
    <td class="tg-0pky">NETWORK SERVER MANAGEMENT</td>
    <td class="tg-0pky">NA</td>
    <td class="tg-0pky">NA</td>
    <td class="tg-0pky">NA</td>
    <td class="tg-0pky">R-W-A-D-U</td>
    <td class="tg-0pky">NA</td>
    <td class="tg-0pky">R</td>
    <td class="tg-0pky">R-U</td>
    <td class="tg-0pky">R-W-A-D-U</td>
  </tr>
</tbody>
</table></div>

## Programming platform (Suggestion)

- [ ] Django (backend)
- [ ] React (front end)
- [ ] Node.js (backend)
- [ ] AngularJS (front end)
- [ ] Vue.js (front end)
- [ ] Falcon Web Framework (REST services)
- [ ] Flask Framework (REST services)
- [ ] MongoDB (database)
- [ ] LevelDB (database)
- [ ] PostgreSQL (database)

## References

[1] https://forum.chirpstack.io/t/rest-api-authorization-per-application/5321

## Appendix and FAQ

:::info
**Find this document incomplete?** Leave a comment!
:::

###### tags: `LoRawan` `openiot` `icfoss`
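
The matrix from the "ACL level" section enforced in code, as an added example that is not part of the original document or of the project's code: it parses the R/RO-style notation, denies by default, and ties every "own" grant to the caller's organization. The role and feature keys, the `actor_org`/`resource_org` parameters and all function names are assumptions made for this illustration.

```python
# Added example (not project code): the page's ACL matrix, enforced deny-by-default.
ROLES = ["admin", "viewer", "editor",                       # organizational roles
         "maintainer", "monitor", "super_viewer", "super_editor", "super_admin"]
ORG_ROLES = set(ROLES[:3])

# One row per feature, cells in ROLES order, in the page's notation.
# Own-scope codes end in the letter O (RO, WO, UO, AO, DO).
MATRIX = {
    "device_management":         "RO-WO-UO-DO-AO RO RO-WO-UO NA NA R R-U-W R-U-W-D-A",
    "gateway_management":        "RO-WO-UO-DO-AO RO AO-UO NA NA R R-U-W R-U-W-D-A",
    "rest_api":                  "RO-WO RO RO-WO RO RO RO-WO R-W R-W-D-U",
    "monitoring_service":        "RO-AO-DO RO RO R-A-D R-A-D-U-W NA NA R-A-D-W",
    "user_management":           "AO-DO-UO NA NA NA NA NA NA A-D-U-R-W",
    "network_server_management": "NA NA NA R-W-A-D-U NA R R-U R-W-A-D-U",
}

def parse_cell(cell):
    """'RO-WO' -> {'R': 'own', 'W': 'own'}; 'NA' -> {}; anything else is rejected."""
    grants = {}
    for code in ([] if cell == "NA" else cell.split("-")):
        action, suffix = code[:1], code[1:]
        if action not in tuple("RWUAD") or suffix not in ("", "O"):
            raise ValueError(f"unknown ACL code {code!r}")
        grants[action] = "own" if suffix == "O" else "any"
    return grants

# feature -> role -> {action: scope}
POLICY = {f: dict(zip(ROLES, map(parse_cell, row.split()))) for f, row in MATRIX.items()}

def is_allowed(role, feature, action, actor_org=None, resource_org=None):
    """Unknown role/feature/action means deny; 'own' grants need a matching organization."""
    scope = POLICY.get(feature, {}).get(role, {}).get(action)
    if scope == "any":
        return True
    return scope == "own" and actor_org is not None and actor_org == resource_org

def cross_tenant_grants():
    """Audit: (feature, role, action) where an organizational role holds 'any' scope."""
    return [(f, r, a) for f, roles in POLICY.items() for r, g in roles.items()
            if r in ORG_ROLES for a, s in g.items() if s == "any"]
```

Run `cross_tenant_grants()` whenever the matrix changes: a non-empty result means an organizational role can reach another organization's resources. A mistyped cell such as `R0` (digit zero) fails at load time instead of silently granting nothing or too much.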