The EuroCMS Login Controller
| author | date | status |
|---|---|---|
| Imri Paloja | 11-2023 | acceptance |
Manages logins. This will also be used to view who has logged in, instead of the previous $_SESSION["USER_ID"].
DataBase table
Ponder:
- group_id: Log the entire group into something??
- uname: no need to query the uname in the users table?
- $_SESSION: Save all this information in the session? The new one is going to be private and optionally encrypted, with a database as storage (MariaDB/Redis/SQLite).
| login_id | domain_id | user_id | login_start_time | login_end_time | ip | sess_id | auth_method_used | login_token | permissions | status |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | 1 | 1 | microtime(true) | | 127.0.0.1 | {PHP SESS ID} | ldap | ECMS-{-SHA512SUM-} | 1,2,3,4,5,6 | active |
| 2 | 2 | 4 | microtime(true) | | 127.0.0.1 | {PHP SESS ID} | creds,email,telegram | ECMS-{-SHA512SUM-} | 1,2,3,4,5 | processing |
| 3 | 2 | 54 | microtime(true) | | 127.0.0.1 | {PHP SESS ID} | creds,email | ECMS-{-SHA512SUM-} | 1,2,3,4 | inactive |
| 4 | 1 | 35 | microtime(true) | microtime(true) | 127.0.0.1 | {PHP SESS ID} | creds,telegram | ECMS-{-SHA512SUM-} | 1,2,3 | expired |
| 5 | 1 | 2 | microtime(true) | microtime(true) | 127.0.0.1 | {PHP SESS ID} | creds | ECMS-{-SHA512SUM-} | 1,2 | terminated |
| 6 | 1 | 6 | microtime(true) | microtime(true) | 127.0.0.1 | {PHP SESS ID} | creds,email,pword | ECMS-{-SHA512SUM-} | 1 | concluded |
- login_id: Auto-incremented, so there will be no duplicate login IDs.
- domain_id: The domain the user is currently logged in to.
- user_id: The user ID of the currently logged-in user.
- date: The login date. If the session login time is 30 minutes, this will be used as a basis.
- IP: The logged-in user's IP.
- sess_id: The PHP session ID.
- auth_method_used: The authentication method used: LDAP, creds, email, ...
- login_token: The SHA-512 login token. The content of the following columns is used as its value: domain_id, user_id, date, ip, sess_id, auth_method_used, permissions, status. Example output is ECMS-ABC12-ABC12-ABC12-ABC12-...-....
- permissions: The logged-in user's loaded permissions.
- status: The status of the logged-in user.
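
One way to derive and check the login_token from the columns listed above, as an added example (not EuroCMS code). Assumptions: the function names, the "ECMS-" plus upper-case hex layout, JSON serialisation of the fields, and a server-side key with HMAC-SHA512 swapped in for the plain SHA-512 the page mentions.

```php
<?php
declare(strict_types=1);

// Columns the page lists as input to login_token, in that order.
const ECMS_TOKEN_COLUMNS = ['domain_id', 'user_id', 'date', 'ip', 'sess_id',
                            'auth_method_used', 'permissions', 'status'];

/**
 * Derive the login token for one login row (hypothetical helper).
 * Assumption: the token is "ECMS-" followed by the upper-case hex digest; the
 * dash grouping in the page's example is elided there and is not reproduced.
 */
function ecms_login_token(array $row, string $serverKey): string
{
    $fields = [];
    foreach (ECMS_TOKEN_COLUMNS as $col) {
        if (!array_key_exists($col, $row)) {
            throw new InvalidArgumentException("missing column: $col");
        }
        $fields[] = (string) $row[$col];
    }
    // JSON-encode the ordered list instead of joining with commas:
    // auth_method_used and permissions are CSV themselves, so a comma join
    // would let two different rows serialise to the same string.
    $canonical = json_encode($fields, JSON_THROW_ON_ERROR);
    // Keyed SHA-512 (assumption: a server-side secret) so the token cannot be
    // recomputed from the row values alone.
    return 'ECMS-' . strtoupper(hash_hmac('sha512', $canonical, $serverKey));
}

/** Recompute the token for a row and compare it in constant time. */
function ecms_login_token_matches(array $row, string $token, string $serverKey): bool
{
    return hash_equals(ecms_login_token($row, $serverKey), $token);
}

// Constructed sample row (illustrative values, not from a real system).
$key = random_bytes(32);
$row = [
    'domain_id' => 2, 'user_id' => 4, 'date' => '1700000000.1234',
    'ip' => '127.0.0.1', 'sess_id' => 'abc123def456',
    'auth_method_used' => 'creds,email,telegram',
    'permissions' => '1,2,3,4,5', 'status' => 'processing',
];
$token = ecms_login_token($row, $key);
var_dump(ecms_login_token_matches($row, $token, $key));                          // unchanged row
var_dump(ecms_login_token_matches(['status' => 'active'] + $row, $token, $key)); // status edited
```

Because status is one of the hashed columns, every status change has to be followed by recomputing and storing the token.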
Permissions
The feature login_add is hard-coded in the login controller, as it's the only controller that should be able to start the login process.
No delete or modify features are present, for security purposes, so that people will always know who logged in at what time.
All of these features are domain-aware, meaning everything is saved in the current domain.
| name | description | value | value description | value example |
|---|---|---|---|---|
| login_list | List all of the logged-in users (in the current domain, and within its own chain of command) | null | No value needed. It will list all of the logins in the current domain | null |
| login_add (ponder this) | Add a new user in the login process. | int $domain_id, int $user_id, int $date, string $ip, string $sess_id, string $auth_method_used, string $login_token, string $permissions, string $status | | |
| login_set_status | Set the status of the user in the login process. Available options are: active, processing, inactive, expired, terminated, concluded | | | |
| login_get_status | Get the status of the currently logged-in user. | | | |
login_list
| name | |
|---|---|
| data type | |
| custom filtering | |
login_add
| name | $domain_id | $user_id | $date | $ip | $sess_id | $auth_method_used | $login_token | $permissions | $status |
|---|---|---|---|---|---|---|---|---|---|
| data type | int | int | string | string(valid IP) | string | string | string | string | string |
| custom filtering | none | none | Numeric value with a dot. | validate_ip | alpha numeric value | csv output. | custom ECMS validator | csv | one of: active, processing, inactive, expired, terminated, concluded |
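
The filtering table above, written out as an input check for login_add. This is an added example, not EuroCMS code: the function name, the lower-case method-name pattern, the numeric permission ids and the "ECMS-" plus 128 hex character token pattern are assumptions, since the page only names a "custom ECMS validator".

```php
<?php
declare(strict_types=1);

const ECMS_LOGIN_STATUSES = ['active', 'processing', 'inactive',
                             'expired', 'terminated', 'concluded'];

/**
 * Check login_add arguments against the filtering table (hypothetical helper).
 * Returns the names of rejected or missing fields; an empty list means the
 * row may be stored.
 */
function ecms_login_add_errors(array $in): array
{
    // Build an anchored regex for "item,item,..." with no empty entries.
    $csvOf = static function (string $item): string {
        return '/\A' . $item . '(?:,' . $item . ')*\z/';
    };
    $checks = [
        'domain_id' => fn($v) => is_int($v),
        'user_id'   => fn($v) => is_int($v),
        // "Numeric value with a dot", e.g. microtime(true) formatted as a string.
        'date'      => fn($v) => is_string($v) && preg_match('/\A\d+\.\d+\z/', $v) === 1,
        'ip'        => fn($v) => is_string($v) && filter_var($v, FILTER_VALIDATE_IP) !== false,
        'sess_id'   => fn($v) => is_string($v) && ctype_alnum($v),
        // Assumption: method names are lower-case words (ldap, creds, email, ...).
        'auth_method_used' => fn($v) => is_string($v) && preg_match($csvOf('[a-z]+'), $v) === 1,
        // Assumption: "ECMS-" plus 128 upper-case hex characters.
        'login_token' => fn($v) => is_string($v) && preg_match('/\AECMS-[0-9A-F]{128}\z/', $v) === 1,
        // Assumption: permissions are a CSV of numeric ids, as in the sample rows.
        'permissions' => fn($v) => is_string($v) && preg_match($csvOf('\d+'), $v) === 1,
        'status'    => fn($v) => is_string($v) && in_array($v, ECMS_LOGIN_STATUSES, true),
    ];
    $errors = [];
    foreach ($checks as $field => $ok) {
        if (!array_key_exists($field, $in) || !$ok($in[$field])) {
            $errors[] = $field;
        }
    }
    return $errors;
}

// Constructed sample input: the IP and the status are deliberately invalid.
$sample = [
    'domain_id' => 1, 'user_id' => 35, 'date' => '1700000000.5021',
    'ip' => '127.0.0.256', 'sess_id' => 'k3v9q0m2c7',
    'auth_method_used' => 'creds,telegram',
    'login_token' => 'ECMS-' . str_repeat('AB', 64),
    'permissions' => '1,2,3', 'status' => 'deleted',
];
print_r(ecms_login_add_errors($sample));
```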
login_set_status
| name | $status |
|---|---|
| data type | string |
| custom filtering | String needs to be one of: active, processing, inactive, expired, terminated, concluded |
Expected values
| expected value | description |
|---|---|
| active | The user logged in successfully |
| processing | The user hasn't yet passed all of the validation methods |
| inactive | The user hasn't been active in X amount of minutes. |
| expired | The user was inactive and it passed the session expiration time. |
| terminated | The user's session was terminated by someone with login_set_status privileges. |
| concluded | The user has logged himself out. |
login_get_status
| name | $status |
|---|---|
| data type | string |
| custom filtering | String needs to be one of: active, processing, inactive, expired, terminated, concluded |