Allow users access to a server for a limited time from a website?

ScottishKing

Hi,

I want to create a web app that allows users to log in, pay some money, and then get access to an RDP session on a server for a limited amount of time.

Sort of 'rent-a-server' type thing.

I can create a website with ASP or Django that lets users sign up authenticate, accept payment, have a database tracking how much time they have been allocated.

The question is though, how would I design access to the other server I'm renting?

Can you have dynamic urls that expire after a set amount of time?

Or would you have everything in Azure and use Identity management or something to tie the authenticated users to the server?

Or maybe when you log into the website, it creates the RDP session for you and doesn't allow it to be created after your time has expired?

Thanks :)

1 Week Ago #1

niheel

It should be doable.

Are the server's VMs? If they are VMs you could probably set time limits on the remote desktop session.
It would also be OS dependent.

If you are provisioning a fresh OS for every session, i believe it should be.

Windows:
https://www.ryadel.com/en/remote-des...s-server-2012/

Planning and Deploying Session-based Virtual Desktops

Azure, AWS, GCP make it easier.
I think AWS announced MacOS instances recently, so you can create broad availability of server types to provision.

user account in your app db -> user account on a server -> data & applications states are provisioned at each creation -> you can manage access via the app and AWS/Azure code ( firewalls and combination of simple shutdown/startup of vm instance ).

You could probably programmatically set these.

1 Week Ago #2

dev7060

I want to create a web app that allows users to log in, pay some money, and then get access to an RDP session on a server for a limited amount of time.

Sort of 'rent-a-server' type thing.

I can create a website with ASP or Django that lets users sign up authenticate, accept payment, have a database tracking how much time they have been allocated.

I guess could be achieved via sessions and cookies. Keep track of the user via session-id and store the remaining time in the database. Keep updating the time via asynchronous background calls and destroy the session on completion or alter a session variable value and limit the user access area. Have the data permanently stored in the database to synchronize between modules.

1 Week Ago #3

ScottishKing

Thanks for the answers!

Both are very useful, but I'd lean towards the sessions idea as some of it will be hardware based.

FYI, if you're interested, my friend has bought some expensive industry equipment for a personal project and want to rent online access to it to recoup some of the cost. Sort of like remote lab equipment setup.

1 Week Ago #4

SwissProgrammer

A way to do this could be to use a dynamically created page. It could be created in response to need. After a set time or variable time it could be deleted from the server. See https://duckduckgo.com/?q=dynamicall...es&t=h_&ia=web . One page or multiple pages per customer. Create, use, track activity or not, delete.

4 Days Ago #5