v4 old version server api entrance
To access the White SDK and develop a complete real-time interactive whiteboard, you not only need to develop a client (front-end) App, but also a server-side application. In addition to carrying other services, this server-side application also needs to manage the room and distribute Tokens for authentication to the client (front-end) App.
A complete real-time interactive whiteboard application includes two parts: client (front-end) and back-end. The two ends cooperate with each other to create rooms, distribute Tokens, join rooms, and participate in interaction.
Netless real-time interactive whiteboard manages permissions through Room Token. You can use the server-side API provided by Netless to generate Room Tokens with different role for a specific room. The roles provided by Netless, from low to high, are reader, writer, and admin. What a low-level role can do, a high-level role can do, but the reverse is not true.
In particular, in the server-side API, the SDK Token can be used as the Room Token of the admin role in any room.
You need to design your own business logic based on the Room Token mechanism provided by Netless, combined with the business user system and authority management.
Although you can write the SDK Token to the client (front end) and call the Netless server API through the front end to achieve a complete business process. However, we strongly do not recommend you to do this.
If you decide not to write a server application, there will be two obvious problems.
Any operation based on the Netless server API must be initiated by the SDK Token. SDK Token is an important asset of the company and team. If it is held by the client (front-end), others can steal the SDK Token through decompilation and packet capture. Once the SDK Token is leaked, it will cause serious security problems.
Netless cloud does not know your user system, nor your authentication logic. The authority management of your user system needs a carrier, and this carrier is the business server. The business server needs to translate the authentication logic you designed into a Room Token that Netless can understand.