MCD for users, userProperties, userApplications
Users:
user_id: sequence
name
username (should be a valid email address, used to link internal user record with auth0 user), UNIQUE INDEX
status: unverified, verified (email ok), inactivated (banned), deleted
last_session_date
creation_date
application_quota (default: 5)
roles: as comma-separated values or as an independent table user_roles...
Max count of appli per user: Users.application_quota !
UserApplications:
application_id
user_id (foreign key = Users.user_id)
application_name VARCHAR(100) NOT NULL
description VARCHAR(1024) NOT NULL
organisation VARCHAR(100)
website VARCHAR(100)
token VARCHAR(1024) NOT NULL
status VARCHAR(10): active, banned
user_data_access: RO (default) / RW
origins VARCHAR(512): hostname(s) hosting the webapp, used to make sure the call to the API is performed from that origin
lastSessionDate
creationDate
Application token:
JSON Web Token (JWT) containing JSON objects, signed with a secret to make sure the content is not modified
the token contains the application_id and the token generation timestamp
created server side on application creation (secret kept server side)
Pseudo-code for user token validation (to be implemented by Dan)
    decode token
    Call API with a token
    Get email from token
    get user_details from token
    user = CACHED(username) method getUser(username, user_details)
    if user == null
        user = createUser(user_details)
        return user
    else
        return user
Pseudo-code for application token validation (to be implemented by Dan)
    check token validity (cpu only)
    get (CACHED) appli from db and verify not banned (db access)
    check if token has origin flag and matches origin header
    check if appli has access to user resources and get user details if necessary
    set privileges of user or app according to access user resource flag
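As an added example (not code from this spec nor from Dan's implementation), the application token described above and the five validation steps, using only the Python standard library: an HS256 JWT carrying application_id and the generation timestamp (iat), the CPU-only signature check, then the cached-app, ban, origin and privilege checks against a constructed dict standing in for the UserApplications cache. It additionally assumes that only the token currently stored for the application is accepted, so that "Regenerate token" revokes the previous one; that comparison is an assumption, not a step from the spec.

```python
import base64, hashlib, hmac, json, time

SECRET = b"constructed-demo-secret"  # constructed; kept server side, never sent to the UI

def _b64url(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def _unb64url(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def _sign(signing_input: str) -> bytes:
    return hmac.new(SECRET, signing_input.encode(), hashlib.sha256).digest()

def generate_app_token(application_id: int, now=None) -> str:
    """HS256 JWT carrying application_id + generation timestamp (iat), as the spec describes."""
    header = _b64url(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    payload = _b64url(json.dumps({"application_id": application_id,
                                  "iat": now if now is not None else int(time.time())}).encode())
    return f"{header}.{payload}.{_b64url(_sign(header + '.' + payload))}"

def check_token_validity(token: str) -> dict:
    """Step 1: signature check only (CPU, no db access). Returns the claims or raises ValueError."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("malformed token")
    header, payload, sig = parts
    if json.loads(_unb64url(header)).get("alg") != "HS256":
        raise ValueError("unexpected alg")  # never let the client choose the algorithm
    if not hmac.compare_digest(_sign(header + "." + payload), _unb64url(sig)):
        raise ValueError("bad signature")
    return json.loads(_unb64url(payload))

def validate_app_request(token: str, origin_header, apps: dict) -> dict:
    """Steps 2-5: cached app lookup, ban check, origin check, privilege selection.
    apps is a constructed dict keyed by application_id, standing in for the CACHED UserApplications lookup."""
    claims = check_token_validity(token)
    app = apps.get(claims.get("application_id"))
    if app is None or app["status"] != "active":
        raise PermissionError("unknown or banned application")
    # Assumption (not in the spec): only the stored, latest token is accepted, so regeneration revokes the old one.
    if not hmac.compare_digest(app["token"], token):
        raise PermissionError("token has been regenerated")
    allowed = [o.strip() for o in (app.get("origins") or "").split(",") if o.strip()]
    if allowed and origin_header not in allowed:
        raise PermissionError("origin not allowed")
    privileges = "RW" if app["user_data_access"] == "RW" else "RO"
    return {"application_id": app["application_id"], "privileges": privileges}
```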
User drop down in main menu bar
contains options: profile, applications, lists, queries
User page
shows the same options as the user menu bar: profile, applications, lists, queries on the left side
My profile view
make name field RW
add save button
on save, confirmation flash message info (green) auto hide
Application list view
Explanations if user application list is empty + button "create first application"
Table with application list
columns: name, key, status & buttons: del, edit
Button "New" after last row allowing to create new application (if quota not reached, otherwise button disabled)
Application form
application_id hidden / readonly (=0 in case of new application)
owner (=users.username), readonly
appli name: text, mandatory
description: textarea, mandatory
organisation: text, optional
website: url, optional
user_data_access: drop down (read-only / read-write) default RO
origins text, optional : hostname(s) hosting the webapp, used to make sure the call to the API is performed from that origin
token: readonly, calculated (empty on new appli, computed at save time)
button "Regenerate token" : regen token with new timestamp (implies call to API), button is disabled if application is new (application_id=0)
status: readonly (active, banned)
API call example
Language: dropdown with languages (wget, curl, javascript, …), on select, fill text below and fully select content to ease copy / paste user operations
text (contains example in selected language )
label: "type ctrl-c to copy the example"
Save button (stays on form)
Back to list (returns to list)
Each field has a HELP bubble
On Save new application
get data from form (json object)
get user from session, add to data
generate token, add to data
save data to db
send back data incl. token created to UI
On GenerateToken
get data from form (json object)
check application exists in db (application_id != 0)
generate token from application_id + current server time
send back data (incl. the new token) to UI
On Save existing application
get data from form (json object)
get user from session, compare with field in form, make sure equals
do not generate token (use the one in data from form) !
save data to db
send back data to UI
On delete application (or update)
...
clear application cache