Woozle: HyperAdmin
This is my attempt to create a general user administration system for use by other web-based applications (mostly mine) which might need one.
Login Sequence
Major phases
- check what came in (form/cookies); set flags
- inspect the database; set flags
- set cookies and show html
Flow chart
- Phase I: check what came in
- Get user form input (user, pass, possibly extra pass & email)
- If no user given:
- check cookies for user/pass combination:
- If user/pass found in cookies, set $is_revisit flag
- If no user/pass found in cookies:
- set $do_login_screen flag
- set login message to "Please log in"
- ...else (user given):
- If password also given
- If 2nd password given:
- If 2 passwords match set $do_create_user flag
- If 2 passwords don't match:
- set $do_login_screen flag
- set login message to "passwords don't match"
- ...else (no 2nd password):
- set $do_login_attempt flag
- Phase II: check database
- Open database and inspect "users" table.
- If no users yet:
- If $do_create_user:
- Add user to database
- Give user "god" permissions
- Set $login_ok flag
- ...else (not $do_create_user):
- Set login message to "you are the first user; please create a new account"
- ...else if users found:
- If $do_login_attempt:
- Lookup encrypted password for given user
- If encryption of new password matches
- set $login_ok flag
- if previous login was successful (check timestamps), set login attempts to zero
- ...else (password mismatch):
- increment login attempts for this user
- set login message to "invalid user/password"
- if $is_revisit, log a HACK WARNING
- ...else (not $do_login_attempt):
- If $new_pass_valid:
- Create new account
- Set $login_ok flag
- ...else (not $new_pass_valid):
- set $do_login_screen flag
- Phase III: set cookies and show html
- if $do_login_screen:
- Show login screen, login message, and # of login attempts for this user
- ...else if $login_ok
- Set user/pass cookie
- Show control bar, with appropriate applications enabled and user info:
- Time of last successful login
- Time of last unsuccessful login
- Number of failed login attempts
Possible security holes:
- Can $do_login_screen and $login_ok both end up false? In this case, nothing would be displayed.
- Can $do_login_screen and $login_ok both end up true? Is the resulting behavior appropriate?
Tables
- "K" indicates Primary Key fields
- "#" indicates autonumbered fields
Main data tables
- users -- users with access to the admin system
| #K |
ID |
int(4)
|
|
Name |
varchar(32)
|
|
Pass |
text
|
|
Email |
varchar(128) |
email address for password confirmation and such
|
|
WhenGood |
timestamp |
when user last logged in
|
|
WhenBad |
timestamp |
when user last attempted to log in but failed (bad password)
|
|
QtyFails |
int(4) |
number of failed login attempts since last success
|
- groups -- each group has a role to play, and each role requires a particular set of privileges
| #K |
ID |
int(4)
|
|
Name |
varchar(32)
|
|
Descr |
text |
text describing the purpose of this group
|
- privs -- particular privileges; meaning is defined in code
| #K |
ID |
int(4)
|
|
Name |
varchar(32)
|
|
Descr |
text |
text describing this permission
|
Collection/link tables
- users_x_groups -- users in each group / groups to which each user belongs
| K |
ID_User |
int(4) |
users.ID
|
| K |
ID_Group |
int(4) |
groups.ID
|
- groups_x_privs -- privileges each group has / groups having a particular privilege
| K |
ID_Group |
int(4) |
groups.ID
|
| K |
ID_Priv |
int(4) |
privs.ID
|
Logging tables
- log -- logs of login attempts as well as what users did while logged in
| K# |
ID |
int(4)
|
|
ID_User |
int(4) |
users.ID - which user, if any (NULL = unknown user)
|
|
ID_Session |
int(4) |
sessions.ID - more information in case user is unknown
|
|
When |
timestamp |
when this action was taken
|
|
Seq |
int(4) |
Order in which actions were executed, if done at the same time
|
|
Descr |
text |
description of action taken (should be very specific)
|