I have a 2 gateways which connects to the server where user details are logged.
I can think of two ways to log users accessing the server through gateway.
First way: The logging is done on the server side i.e
Server(port 5001) Code:
au:([user:`$()]; tim:`timestamp$()); /- Table to maintain logged users
.z.pw:{`au upsert (x;.z.n); show y; 1b}
Gateway 1:
h:hopen `::5001:a:uts1
Gateway 2:
h: hopen `::5001:b:uts2
Second way: The logging is done from the gateway i.e
Server(port 5001) Code:
au:([user:`$()]; tim:`timestamp$()); /- Table to maintain logged users
Gateway 1:
q)h:hopen `::5001:a:uts1
q)h"`au upsert (`a;.z.p)"
Gateway 2:
q)h: hopen `::5001:b:uts2
q)h"`au upsert (`b;.z.p)"
Hence, is it good to write the user logging code on the server side(Server) or at the client side(Gateway in this case) or is there is better/standard way to do the same?
EDIT - What if we add a middleware(user manager) between multiple gateways and multiple servers, in that case will it be good to write the user logging code on the middleware(user manager) or at the client side(Gateway in this case)?
If users are connecting through a gateway to a number of servers I would implement the logging of users and authentication at the GW level. This would further abstract sensitive data away from potentially unauthorized users, and simplify keeping a master record account activity as all users need to go through the GW. Performing the account activity on the server-side would then need aggregation over multiple servers to get the full picture of system activity.