Difference between revisions of "HyperAdmin"

From HypertWiki

Revision as of 16:23, 8 August 2005

Woozle: HyperAdmin

This is my attempt to create a general user administration system for use by other web-based applications (mostly mine) which might need one.

Login Sequence

Major phases

  1. check what came in (form/cookies); set flags
  2. inspect the database; set flags
  3. set cookies and show html

Flow chart

  • Phase I: check what came in
    1. Get user form input (user, pass, possibly extra pass & email)
    2. If no user given:
      • set $is_old_user flag
      • check cookies for user/pass combination:
        • If user/pass found in cookies, set $is_old_user flag
        • If no user/pass found in cookies:
          • set $do_login_screen flag
          • set login message to "Please log in"
  3. ...else (user given):
      • If password also given:
        • If 2nd password given:
          • If 2 passwords match, set $do_create_user flag
          • If 2 passwords don't match:
            • set $do_login_screen flag
            • set login message to "passwords don't match"
        • ...else (no 2nd password):
          • set $do_login_attempt flag
  • Phase II: check database
    1. Open database and inspect "users" table.
    2. If no users yet:
      • If $do_create_user:
        • Add user to database
        • Give user "god" permissions
        • Set $login_ok flag
      • ...else (not $do_create_user):
        • Set login message to "you are the first user; please create a new account"
    3. ...else if users found:
      • If $do_login_attempt:
        • Lookup encrypted password for given user
        • If encryption of new password matches, set $login_ok flag
      • ...else (not $do_login_attempt):
        • If $new_pass_valid:
          • Create new account
          • Set $login_ok flag
        • ...else (not $new_pass_valid):
          • set $do_login_screen flag
          • set login message to "invalid user/password"
  • Phase III: set cookies and show html
    1. if $do_login_screen:
      • Show login screen and login message
    2. ...else if $login_ok:
      • Show control bar, with appropriate applications enabled

Possible bugs:

  • Can $do_login_screen and $login_ok both end up false? In this case, nothing would be displayed.
  • Can $do_login_screen and $login_ok both end up true? Is the resulting behavior appropriate?
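The three phases above written out as flag logic, added here as an example (not the page's own code) so the two "possible bugs" questions can be answered by enumerating every input combination. It assumes $new_pass_valid in Phase II means the $do_create_user flag from Phase I, since nothing in the flow chart sets $new_pass_valid otherwise; the user names and passwords are constructed.

```python
from itertools import product

def login_sequence(user, pw, pw2, cookie_ok, users_exist, pw_matches):
    """Phases I and II as pure flag logic; pw2=None means no second password.
    Assumption: $new_pass_valid in Phase II is the $do_create_user flag from Phase I."""
    do_login_screen = login_ok = do_create_user = do_login_attempt = False
    message = ""
    # Phase I: check what came in (form fields, then cookies)
    if not user:
        if not cookie_ok:                 # no user/pass combination in cookies
            do_login_screen, message = True, "Please log in"
    elif pw:
        if pw2 is not None:
            if pw == pw2:
                do_create_user = True
            else:
                do_login_screen, message = True, "passwords don't match"
        else:
            do_login_attempt = True
    # Phase II: inspect the "users" table
    if not users_exist:
        if do_create_user:
            login_ok = True               # first account, gets "god" permissions
        else:
            message = "you are the first user; please create a new account"
    elif do_login_attempt:
        if pw_matches:                    # stored encrypted password matches
            login_ok = True
    elif do_create_user:
        login_ok = True                   # account created alongside existing users
    else:
        do_login_screen, message = True, "invalid user/password"
    return do_login_screen, login_ok, message

def phase_iii(flags):
    """Phase III: what gets shown; 'nothing' is the first possible bug above."""
    return "login screen" if flags[0] else "control bar" if flags[1] else "nothing"

def find_gaps():
    """Enumerate every input combination (constructed values); collect the cases answering both questions."""
    both_false, both_true = [], []
    for case in product(("", "alice"), ("", "s3cret"), (None, "s3cret", "other"),
                        (False, True), (False, True), (False, True)):
        do_login_screen, login_ok, _ = login_sequence(*case)
        if not do_login_screen and not login_ok:
            both_false.append(case)
        if do_login_screen and login_ok:
            both_true.append(case)
    return both_false, both_true
```

find_gaps() returns an empty both_true list and a non-empty both_false list: a login attempt with a wrong password against existing users, or, on an empty users table, any request that did not carry a matching password pair and did not already trigger the login screen in Phase I, leaves both flags clear and shows nothing.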

Tables

  • "K" indicates Primary Key fields
  • "#" indicates autonumbered fields

Main data tables

  • users -- users with access to the admin system

        Key  Field     Type          Description
        #K   ID        int(4)
             Name      varchar(32)
             Pass      text
             Email     varchar(128)  email address for password confirmation and such
             WhenGood  timestamp     when user last logged in
             WhenBad   timestamp     when user last attempted to log in but failed (bad password)
             QtyFails  int(4)        number of failed login attempts since last success

  • groups -- each group has a role to play, and each role requires a particular set of privileges

        Key  Field  Type         Description
        #K   ID     int(4)
             Name   varchar(32)
             Descr  text         text describing the purpose of this group

  • privs -- particular privileges; meaning is defined in code

        Key  Field  Type         Description
        #K   ID     int(4)
             Name   varchar(32)
             Descr  text         text describing this permission

Collection/link tables

  • users_x_groups -- users in each group / groups to which each user belongs

        Key  Field     Type    References
        K    ID_User   int(4)  users.ID
        K    ID_Group  int(4)  groups.ID

  • groups_x_privs -- privileges each group has / groups having a particular privilege

        Key  Field     Type    References
        K    ID_Group  int(4)  groups.ID
        K    ID_Priv   int(4)  privs.ID

Logging tables

  • log -- logs of login attempts as well as what users did while logged in

        Key  Field       Type       Description
        #K   ID          int(4)
             ID_User     int(4)     users.ID - which user, if any (NULL = unknown user)
             ID_Session  int(4)     sessions.ID - more information in case user is unknown
             When        timestamp  when this action was taken
             Seq         int(4)     order in which actions were executed, if done at the same time
             Descr       text       description of action taken (should be very specific)
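Added example, not the project's code: the users/groups/privs tables and both link tables built in SQLite (types simplified; the log table is omitted because its sessions table is not on this page), with the join that resolves a user's effective privileges through the two link tables and the WhenGood/WhenBad/QtyFails bookkeeping the users table describes. Sample rows are constructed.

```python
import sqlite3

# Page schema with SQLite types; the log table is left out (its sessions table is not on the page).
SCHEMA = """
CREATE TABLE users  (ID INTEGER PRIMARY KEY, Name TEXT, Pass TEXT, Email TEXT,
                     WhenGood TEXT, WhenBad TEXT, QtyFails INTEGER DEFAULT 0);
CREATE TABLE "groups" (ID INTEGER PRIMARY KEY, Name TEXT, Descr TEXT);  -- quoted: GROUPS is a keyword
CREATE TABLE privs  (ID INTEGER PRIMARY KEY, Name TEXT, Descr TEXT);
CREATE TABLE users_x_groups (ID_User INTEGER, ID_Group INTEGER, PRIMARY KEY (ID_User, ID_Group));
CREATE TABLE groups_x_privs (ID_Group INTEGER, ID_Priv INTEGER, PRIMARY KEY (ID_Group, ID_Priv));
"""

def open_db():
    """In-memory database loaded with constructed sample rows (not real accounts)."""
    conn = sqlite3.connect(":memory:")
    conn.executescript(SCHEMA)
    conn.executemany("INSERT INTO users (Name, Pass) VALUES (?, ?)",
                     [("alice", "(hashed)"), ("bob", "(hashed)")])
    conn.executemany('INSERT INTO "groups" (Name, Descr) VALUES (?, ?)',
                     [("admins", "run the admin system"), ("editors", "edit content")])
    conn.executemany("INSERT INTO privs (Name, Descr) VALUES (?, ?)",
                     [("manage_users", ""), ("edit_pages", ""), ("view_log", "")])
    # alice is in admins and editors, bob only in editors
    conn.executemany("INSERT INTO users_x_groups VALUES (?, ?)", [(1, 1), (1, 2), (2, 2)])
    # admins hold manage_users and view_log, editors hold edit_pages
    conn.executemany("INSERT INTO groups_x_privs VALUES (?, ?)", [(1, 1), (1, 3), (2, 2)])
    return conn

def user_privs(conn, name):
    """Effective privileges: users -> users_x_groups -> groups_x_privs -> privs.
    DISTINCT because two of the user's groups may grant the same privilege."""
    rows = conn.execute("""
        SELECT DISTINCT p.Name
          FROM users u
          JOIN users_x_groups ug ON ug.ID_User  = u.ID
          JOIN groups_x_privs gp ON gp.ID_Group = ug.ID_Group
          JOIN privs p           ON p.ID        = gp.ID_Priv
         WHERE u.Name = ?
         ORDER BY p.Name""", (name,))
    return [r[0] for r in rows]

def record_login(conn, name, ok):
    """Success stamps WhenGood and resets QtyFails; failure stamps WhenBad and counts."""
    if ok:
        conn.execute("UPDATE users SET WhenGood = datetime('now'), QtyFails = 0 WHERE Name = ?", (name,))
    else:
        conn.execute("UPDATE users SET WhenBad = datetime('now'), QtyFails = QtyFails + 1 WHERE Name = ?", (name,))
    row = conn.execute("SELECT QtyFails FROM users WHERE Name = ?", (name,)).fetchone()
    return row[0] if row else None   # None: no such user
```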