In this step you will:

  • Create a web API.
    • On your website
    • Which can be called by the Luxiflux Zonal tool
    • To authenticate your website
  • Test it.


Step 1.1    Credentials


Once you register for a trial or production version, you can retrieve your credentials (username, password).

These are the credentials you need to authenticate the tool when it is launched.


To retrieve your Luxiflux credentials:

  • Login to your account at www.LightingAnalysts.com.
  • Navigate to the License Portal.
  • Find your Luxiflux license in the licenses list.
  • Select the View Credentials link.
    • If the View Credentials link is disabled you need to have your account administrator login and retrieve the credentials instead.
    • Your account administrator is listed in the License Portal in the Users list.
  • Find your username and password on the View Credential page.

If you have any questions, please email support@luxiflux.com with the subject "Luxiflux Credentials".


Luxiflux credentials:

  • Are only used to authenticate Luxiflux tools.
  • Are never required to login anywhere.
  • Must never be shared with anyone.
  • Must never be used in any client side code or web page.
  • Must be properly secured on the server side of your website (code which runs only on the server, database, encryption, etc).  


If these credentials are acquired by a third party (malicious or otherwise) your account may be disabled (and the tool will cease to function on your website) until the issue is resolved.


Step 1.2    Create a Web API URL


You need to create a web API on your website.

Decide what the URL for the API will be.

Also decide on a URL for a test API.


Example:

https://www.example.com/Luxiflux/Test

https://www.example.com/Luxiflux/Authentication


Step 1.3    Create a Test API on Your Website


You can use any technology you want to create the web API.  Here are two common example scenarios for reference.


Example Test API -- Using NodeJS


AuthenticationExample() {    
    return "Hello World: " + new Date().toString();
}


Example Test API -- Using PHP


<?php
date_default_timezone_set("America/Denver");
echo "Hello World: " . date("Y-m-d H:i:s");
?>


To test your API point your web browser to the API URL you decided on in the previous step.

You should see a response similar to the following in your web browser.


Hello World: Sun Dec 31 2000 23:59:59 GMT-0700 (Mountain Standard Time)
OR
Hello World: 2000-12-31 23:59:59


Step 1.4    Create an Authentication Web API on Your Website


The authentication API will:

  1. Be called from the Luxiflux tool as an HTTPS GET request.
  2. Launch a new POST request.
    1. The POST request is made to https://v1-zonal-api.luxiflux.com/Authenticate
    2. The POST data should consist of the username and password in JSON format.
  3. Receive the response from the POST request (consists of one or more authentication tokens in JSON format).
  4. Return the response from the POST request as the HTTPS response from this API.


You can use any technology you want to create the web API.  Here are two common example scenarios for reference.


Example Authentication API -- Using NodeJS and Axios

Note:  Do NOT use this code on the client side for security reasons.


async AuthenticationExample() {
    const url = "https://v1-zonal-api.luxiflux.com/Authenticate";
    const data = { Username: "YourUsername", Password: "YourPassword" };
    const config = { headers: { "Content-Type": "application/json" } };

    const response = await axios.post(url, data, config);

    response.headers["Access-Control-Allow-Origin"] = "https://v1-zonal-tools.luxiflux.com";
    response.headers["Access-Control-Allow-Methods"] = "GET";
    response.headers["Cache-Control"] = "no-store";

    return response;
}


Example Authentication API -- Using PHP and cURL


<?php

$handle = curl_init();
$options = array(
    CURLOPT_URL            => "https://v1-zonal-api.luxiflux.com/Authenticate",
    CURLOPT_POST           => true,
    CURLOPT_RETURNTRANSFER => true,
    CURLOPT_POSTFIELDS     => '{"Username": "YourUsername", "Password": "YourPassword"}'
);
curl_setopt_array($handle, $options);
$response = curl_exec($handle);
curl_close($handle);

header("Access-Control-Allow-Origin: https://v1-zonal-tools.luxiflux.com");
header("Access-Control-Allow-Methods: GET");
header("Cache-Control: no-store");

echo $response;

?>


To test your API point your web browser to the API URL you decided on in the previous step.

You should see a response similar to the following in your web browser.


{
  "AccessToken": "abcdefghijklmnopqrstuvwxyz0123456789abcdefghijklmnopqrstuvwxyz0123456789abcdefghijklmnopqrstuvwxyz0123456789abcdefghijklmnopqrstuvwxyz0123456789abcdefghijklmnopqrstuvwxyz0123456789abcdefghijklmnopqrstuvwxyz0123456789abcdefghijklmnopqrstuvwxyz0123456789abcdefghijklmnopqrstuvwxyz0123456789abcdefghijklmnopqrstuvwxyz0123456789abcdefghijklmnopqrstuvwxyz0123456789abcdefghijklmnopqrstuvwxyz0123456789abcdefghijklmnopqrstuvwxyz0123456789"
}


Step 1.5    Test Your API


Point your web browser to:

https://v1-zonal-tools.luxiflux.com


You should get an error indicating the AuthenticationUrl is missing.


Now try it with your authentication API URL attached as a query parameter to the tool URL.


Example:

https://v1-zonal-tools.luxiflux.com/?AuthenticationUrl=https://www.example.com/Luxiflux/Authentication


If you supply an AuthenticationUrl that returns a valid response, you will see a functional demo version of the tool.

If you supply an AuthenticationUrl that is invalid, fails, or does not return an appropriate response you will get an error.