diff --git a/.gitignore b/.gitignore index 34095ba..db84080 100644 --- a/.gitignore +++ b/.gitignore @@ -1,8 +1,7 @@ .env -/node_modules +node_modules package-lock.json .DS_Store -/vendor +vendor composer.lock -/config/environment.php -/nbproject +nbproject diff --git a/config/environment.php b/config/environment.php new file mode 100644 index 0000000..cbc3f72 --- /dev/null +++ b/config/environment.php @@ -0,0 +1,12 @@ + diff --git a/dump/database.sql b/dump/database.sql index e7e2df1..9574c32 100644 --- a/dump/database.sql +++ b/dump/database.sql @@ -2,9 +2,9 @@ CREATE DATABASE IF NOT EXISTS `bbox_login` /*!40100 DEFAULT CHARACTER SET latin USE `bbox_login`; -- MySQL dump 10.13 Distrib 5.7.17, for macos10.12 (x86_64) -- --- Host: localhost Database: bbox_login +-- Host: 127.0.0.1 Database: bbox_login -- ------------------------------------------------------ --- Server version 5.6.35 +-- Server version 5.5.5-10.1.29-MariaDB /*!40101 SET @OLD_CHARACTER_SET_CLIENT=@@CHARACTER_SET_CLIENT */; /*!40101 SET @OLD_CHARACTER_SET_RESULTS=@@CHARACTER_SET_RESULTS */; @@ -26,16 +26,18 @@ DROP TABLE IF EXISTS `bbox_users`; /*!40101 SET character_set_client = utf8 */; CREATE TABLE `bbox_users` ( `id_user` int(11) NOT NULL AUTO_INCREMENT, - `user` varchar(45) CHARACTER SET utf8 NOT NULL, + `user` varchar(45) COLLATE utf8_bin NOT NULL, `user_password` varchar(35) COLLATE utf8_bin NOT NULL DEFAULT 'f5a5d1e505092b674af2e6fe94ec9341b0b', `is_active` tinyint(4) DEFAULT '1', `is_removed` tinyint(4) DEFAULT '0', `dt_last_activity` datetime DEFAULT NULL, `id_creator` int(11) NOT NULL DEFAULT '0', `dt_created` datetime NOT NULL DEFAULT CURRENT_TIMESTAMP, + `id_modifier` int(11) DEFAULT NULL, + `dt_last_modifier` datetime DEFAULT NULL, PRIMARY KEY (`id_user`), UNIQUE KEY `user_UNIQUE` (`user`) -) ENGINE=InnoDB AUTO_INCREMENT=92 DEFAULT CHARSET=utf8 COLLATE=utf8_bin; +) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_bin; /*!40101 SET character_set_client = @saved_cs_client */; -- 
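Review bot: Removing `/config/environment.php` from the ignore list means the environment file is now tracked, and the next file section of this commit adds it (its 12 lines are not visible on this page). If that file carries database credentials or other per-deployment settings, they stay in repository history from this commit on and would need rotating even after a later removal. I would keep the line `/config/environment.php` in `.gitignore` and commit a placeholder-only template instead, for example a file named `config/environment.example.php`.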
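Review bot: `user_password` keeps a literal `DEFAULT` value on the new side of this table definition, and the `INSERT` this commit adds to `sp_login_user_set` lists no password column, so every account created through it starts with the same stored value, which is also published in this dump. If that value is the hash of an initial password, all such accounts share one known credential until their owners change it (inferred; the hashing code is not in this hunk). I would drop the default and have account creation either write a per-user random credential or leave the account unusable until a password is set, recorded with a comment such as `-- no shared default: password is set at creation or first login`. The 35-character width also caps the stored hash length and is worth revisiting together with the hashing parameters.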
@@ -55,18 +57,21 @@ CREATE TABLE `bbox_users` ( /*!50003 SET @saved_sql_mode = @@sql_mode */ ; /*!50003 SET sql_mode = 'NO_AUTO_CREATE_USER,NO_ENGINE_SUBSTITUTION' */ ; DELIMITER ;; -CREATE DEFINER=`root`@`localhost` FUNCTION `RANDOM_ID`() RETURNS text CHARSET utf8 +CREATE FUNCTION `RANDOM_ID`(case_type INT, data_value TEXT) RETURNS int(11) BEGIN - SET @numberRandom = FLOOR(10000 * RAND()); - - SET @numberRandom = ( - SELECT - IF(LENGTH(@numberRandom) > 3, - (MID(@numberRandom,1,3)), - @numberRandom - )); - -RETURN @numberRandom; + DECLARE RANDOM_USER INT DEFAULT 1; + DECLARE SHORT_LAST_NAME INT DEFAULT 2; + + CASE + WHEN case_type = RANDOM_USER THEN + RETURN MID(FLOOR(10000 * RAND()),1,3); + WHEN case_type = SHORT_LAST_NAME THEN + SET @number_random = FLOOR(10 * RAND()) + 1; + WHILE (@number_random < 2 OR @number_random >= LENGTH(data_value)) DO + SET @number_random = SUBSTRING(FLOOR(100 * RAND()),1); + END WHILE; + RETURN @number_random; + END CASE; END ;; DELIMITER ; /*!50003 SET sql_mode = @saved_sql_mode */ ; @@ -83,7 +88,7 @@ DELIMITER ; /*!50003 SET @saved_sql_mode = @@sql_mode */ ; /*!50003 SET sql_mode = 'NO_AUTO_CREATE_USER,NO_ENGINE_SUBSTITUTION' */ ; DELIMITER ;; -CREATE DEFINER=`root`@`localhost` FUNCTION `SPLIT_STR_PARAM`(x TEXT, delim VARCHAR(12),pos INT) RETURNS text CHARSET utf8 +CREATE FUNCTION `SPLIT_STR_PARAM`(x TEXT, delim VARCHAR(12),pos INT) RETURNS text CHARSET utf8 RETURN REPLACE (SUBSTRING(SUBSTRING_INDEX(x, delim, pos), LENGTH(SUBSTRING_INDEX(x, delim, pos -1)) + 1), 
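Review bot: The `SHORT_LAST_NAME` loop in `RANDOM_ID` cannot terminate when `LENGTH(data_value)` is 2 or less, because no value is both `>= 2` and `< LENGTH(data_value)`. `sp_login_user_set` evaluates `RANDOM_ID(2,@last_name)` unconditionally, and `@last_name` comes from the `/user/create` request, so an empty, one- or two-character last name leaves the database connection spinning. A guard before the `WHILE`, for example `IF LENGTH(data_value) <= 2 THEN RETURN LENGTH(data_value); END IF;`, bounds it, and the route should validate the length as well. The `CASE` also has no `ELSE`, so any other `case_type` raises MySQL's case-not-found error instead of returning; an explicit `ELSE RETURN NULL;` would make that outcome deliberate.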
@@ -93,7 +98,7 @@ DELIMITER ; /*!50003 SET character_set_client = @saved_cs_client */ ; /*!50003 SET character_set_results = @saved_cs_results */ ; /*!50003 SET collation_connection = @saved_col_connection */ ; -/*!50003 DROP FUNCTION IF EXISTS `USER_EXIST` */; +/*!50003 DROP FUNCTION IF EXISTS `USER_NO_EXIST` */; /*!50003 SET @saved_cs_client = @@character_set_client */ ; /*!50003 SET @saved_cs_results = @@character_set_results */ ; /*!50003 SET @saved_col_connection = @@collation_connection */ ; @@ -101,11 +106,15 @@ DELIMITER ; /*!50003 SET character_set_results = utf8 */ ; /*!50003 SET collation_connection = utf8_general_ci */ ; /*!50003 SET @saved_sql_mode = @@sql_mode */ ; -/*!50003 SET sql_mode = 'NO_ENGINE_SUBSTITUTION' */ ; +/*!50003 SET sql_mode = 'NO_AUTO_CREATE_USER,NO_ENGINE_SUBSTITUTION' */ ; DELIMITER ;; -CREATE DEFINER=`root`@`localhost` FUNCTION `USER_EXIST`(user TEXT) RETURNS text CHARSET utf8 +CREATE FUNCTION `USER_NO_EXIST`(user TEXT) RETURNS tinyint(1) BEGIN - RETURN (select COUNT(*) from bbox_login.bbox_users where SUBSTRING_INDEX(bbox_login.bbox_users.user,'.',2) = user); + IF (SELECT COUNT(*) FROM bbox_login.bbox_users WHERE SUBSTRING_INDEX(bbox_login.bbox_users.user,'.',2) = user) = 0 THEN + RETURN TRUE; + ELSE + RETURN FALSE; + END IF; END ;; DELIMITER ; /*!50003 SET sql_mode = @saved_sql_mode */ ; @@ -122,7 +131,7 @@ DELIMITER ; /*!50003 SET @saved_sql_mode = @@sql_mode */ ; /*!50003 SET sql_mode = 'NO_AUTO_CREATE_USER,NO_ENGINE_SUBSTITUTION' */ ; DELIMITER ;; -CREATE DEFINER=`root`@`localhost` PROCEDURE `sp_login_user_get`(IN case_type INT, IN data_value TEXT, IN id_modifier INT) +CREATE PROCEDURE `sp_login_user_get`(IN case_type INT, IN data_value TEXT, IN id_modifier INT) BEGIN DECLARE GET_USER INT DEFAULT 2; 
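Review bot: In `USER_NO_EXIST` the parameter `user` has the same name as the column it is compared with; the predicate works only because the column side is fully qualified, and an unqualified `user` anywhere in this body would resolve to the parameter. Renaming it (for example `p_user`) removes that trap, and the body then reduces to `RETURN NOT EXISTS (SELECT 1 FROM bbox_login.bbox_users WHERE SUBSTRING_INDEX(bbox_login.bbox_users.user,'.',2) = p_user);`, which stops at the first match instead of counting. This check looks at every row, while the retry loop in `sp_login_user_set` filters on `is_active = 1`; a comment such as `-- inactive users still reserve their short name` would say which rule is intended.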
@@ -131,19 +140,19 @@ CASE WHEN case_type = GET_USER THEN #This case get username and password, check its existence in bbox.users table, if this exist it returns the id_user, otherwise, nothing SET @user = SPLIT_STR_PARAM(data_value,"|-|",1); SET @pass = SPLIT_STR_PARAM(data_value,"|-|",2); - + SELECT id_user INTO @id_user - FROM `bbox_users` + FROM `bbox_users` WHERE user = @user AND user_password = @pass COLLATE utf8_bin; - + SELECT @id_user as uuid, id_employee as id_employee, id_position as id_position, shortName as name FROM bbox_personnel.e_employee where id_user = @id_user LIMIT 1; - + END CASE; END ;; DELIMITER ; 
@@ -159,47 +168,90 @@ DELIMITER ; /*!50003 SET character_set_results = utf8 */ ; /*!50003 SET collation_connection = utf8_general_ci */ ; /*!50003 SET @saved_sql_mode = @@sql_mode */ ; -/*!50003 SET sql_mode = 'NO_ENGINE_SUBSTITUTION' */ ; +/*!50003 SET sql_mode = 'NO_AUTO_CREATE_USER,NO_ENGINE_SUBSTITUTION' */ ; DELIMITER ;; -CREATE DEFINER=`root`@`localhost` PROCEDURE `sp_login_user_set`(IN case_type INT, IN data_value TEXT, IN id_modifier INT) +CREATE PROCEDURE `sp_login_user_set`(IN case_type INT, IN data_value TEXT, IN id_modifier INT) BEGIN -DECLARE SET_NEW_USER INT DEFAULT 1; +DECLARE INSERT_NEW_USER INT DEFAULT 1; +DECLARE MODIFY_USER INT DEFAULT 2; +DECLARE DELETE_USER INT DEFAULT 3; CASE - WHEN case_type = SET_NEW_USER THEN - SET data_value = LOWER(data_value); + WHEN case_type = INSERT_NEW_USER THEN + SET data_value = REPLACE(LOWER(data_value), ' ',''); SET @name = SPLIT_STR_PARAM(data_value,"|-|",1); SET @middle = SPLIT_STR_PARAM(data_value,"|-|",2); SET @last_name = SPLIT_STR_PARAM(data_value,"|-|",3); SET @second_last = SPLIT_STR_PARAM(data_value,"|-|",4); - IF USER_EXIST(CONCAT(@name,'.',@last_name)) = 0 THEN - SET @shortName = SUBSTRING(CONCAT(@name,'.',@last_name),1,16); - ELSEIF LENGTH(@second_last) && USER_EXIST(CONCAT(@name,'.',@second_last)) = 0 THEN - SET @shortName = SUBSTRING(CONCAT(@name,'.',@second_last),1,16); - ELSEIF LENGTH(@middle) && USER_EXIST(CONCAT(@name,'.', @middle))= 0 THEN - SET @shortName = SUBSTRING(CONCAT(@name,'.', @middle),1,16); - ELSEIF LENGTH(@middle) && USER_EXIST(CONCAT(@middle,'.',@last_name)) = 0 THEN - SET @shortName = SUBSTRING(CONCAT(@middle,'.',@last_name),1,16); - ELSEIF LENGTH(@middle) && LENGTH(@second_last) && USER_EXIST(CONCAT(@middle,'.',@second_last)) = 0 THEN - SET @shortName = SUBSTRING(CONCAT(@middle,'.',@second_last),1,16); - ELSE - SET @shortName = SUBSTRING(CONCAT(@name,'.',LEFT(@last_name, LENGTH(@last_name)-2)),1,16); + SET @name_last = CONCAT(@name,'.',@last_name); + SET @name_second_last = 
CONCAT(@name,'.',@second_last); + SET @name_middle = CONCAT(@name,'.', @middle); + SET @middle_last = CONCAT(@middle,'.',@last_name); + SET @middle_second = CONCAT(@middle,'.',@second_last); + SET @name_last_2 = CONCAT(@name,'.',MID(@last_name,1,RANDOM_ID(2,@last_name))); + + IF USER_NO_EXIST(@name_last) THEN + SET @shortName = MID(@name_last,1,16); + ELSEIF LENGTH(@second_last) && USER_NO_EXIST(@name_second_last) THEN + SET @shortName = MID(@name_second_last,1,16); + ELSEIF LENGTH(@middle) && USER_NO_EXIST(@name_middle) THEN + SET @shortName = MID(@name_middle,1,16); + ELSEIF LENGTH(@middle) && USER_NO_EXIST(@middle_last) THEN + SET @shortName = MID(@middle_last,1,16); + ELSEIF LENGTH(@middle) && LENGTH(@second_last) && USER_NO_EXIST(@middle_second) THEN + SET @shortName = MID(@middle_second,1,16); + ELSE + SET @shortName = MID(@name_last_2,1,16); END IF; - + IF SUBSTRING(@shortName,16) = '.' THEN - SET @shortName = REPLACE(@shortName,'.',''); + SET @shortName = TRIM(TRAILING '.' FROM @shortName); END IF; - - SET @user = CONCAT(@shortName, '.',RANDOM_ID()); - - WHILE ((select COUNT(*) from bbox_login.bbox_users where user = @user and is_active = 1)>0) DO + + SET @user = CONCAT(@shortName, '.',RANDOM_ID(1,'')); + + WHILE ((SELECT COUNT(*) FROM bbox_login.bbox_users WHERE user = @user AND is_active = 1)>0) DO SET @user = CONCAT(@shortName, '.',RANDOM_ID()); END WHILE; - INSERT INTO bbox_login.bbox_users(user, id_creator) values(@user, id_modifier); + INSERT INTO bbox_login.bbox_users + (user, + id_creator, + id_modifier, + dt_last_modifier) + VALUES + (@user, + id_modifier, + id_modifier, + NOW()); + + SELECT user + FROM bbox_login.bbox_users + WHERE user = @user; + + WHEN case_type = MODIFY_USER THEN + SET @user_id = SPLIT_STR_PARAM(data_value,"|-|",1); + SET @new_password = SPLIT_STR_PARAM(data_value,"|-|",2); + + UPDATE bbox_login.bbox_users + SET + user_password = @new_password, + id_modifier = id_modifier, + dt_last_modifier =NOW() + WHERE id_user = @user_id; + 
+ WHEN case_type = DELETE_USER THEN + SET @user_id = SPLIT_STR_PARAM(data_value,"|-|",1); + + UPDATE bbox_login.bbox_users + SET + is_active = 0, + id_modifier = id_modifier, + dt_last_modifier = NOW() + WHERE id_user = @user_id; END CASE; END ;; @@ -218,4 +270,4 @@ DELIMITER ; /*!40101 SET COLLATION_CONNECTION=@OLD_COLLATION_CONNECTION */; /*!40111 SET SQL_NOTES=@OLD_SQL_NOTES */; --- Dump completed on 2018-02-08 15:27:04 +-- Dump completed on 2018-02-14 13:45:48 diff --git a/package.json b/package.json index 729d73d..a91a5d9 100644 --- a/package.json +++ b/package.json @@ -22,6 +22,7 @@ }, "dependencies": { "beliveo-files": "git+https://github.com/SDBLV/beliveo-files.git", + "bootstrap": "^4.0.0", "font-awesome": "4.7.0", "jquery": "^3.2.1" }, diff --git a/src/client/index.php b/src/client/index.php index e3c998c..00e4476 100644 --- a/src/client/index.php +++ b/src/client/index.php @@ -3,6 +3,8 @@ Beliveo Authentication + + @@ -13,7 +15,8 @@ require '../../config/environment.php'; ?> -
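Review bot: Inside the `WHILE` retry loop of `sp_login_user_set` the call is still `RANDOM_ID()` with no arguments, although this commit changes the function to take `(case_type, data_value)`, so the first username collision should fail with an incorrect-number-of-arguments error instead of retrying; the line should read `SET @user = CONCAT(@shortName, '.',RANDOM_ID(1,''));`. The loop checks only rows with `is_active = 1`, while `user_UNIQUE` covers every row and `DELETE_USER` merely clears `is_active`, so a name held by a deactivated account passes the loop and then fails the `INSERT` on the unique key. `MODIFY_USER` writes `@new_password` into `user_password` exactly as received, for whatever `id_user` is supplied. Nothing in this hunk shows the value being hashed or the caller being checked against the target account, so both must be enforced by the calling route or added here. Neither `UPDATE` branch reports whether a row was changed; returning `ROW_COUNT()` would let the caller tell an unknown id from a success.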
+
+
+
diff --git a/src/client/pages/create-user/index.php b/src/client/pages/create-user/index.php new file mode 100644 index 0000000..f3ffd83 --- /dev/null +++ b/src/client/pages/create-user/index.php @@ -0,0 +1,28 @@ + + + + Beliveo bBox - Powered by people + + + + + +
+
+

CREATE NEW USER


+
+
+
+
+
+
+

+ +
+
+

+ +
+
+
+ diff --git a/src/client/pages/create-user/js/functions.js b/src/client/pages/create-user/js/functions.js new file mode 100644 index 0000000..664d3fc --- /dev/null +++ b/src/client/pages/create-user/js/functions.js @@ -0,0 +1,52 @@ +$(document).ready( + function () { + var api_url = "src/server/public"; + + var create_user = function (e) { + var name = $("#txtName").val() + var middle = $("#txtMiddle").val() + var last = $("#txtLastName").val() + var second = $("#txtSecondLast").val(); + var dataJson = JSON.stringify({name: name, middle: middle,last:last,second:second}); + if (name != "" & last != "" ) { + $.ajax( + { + type: "POST", + contentType: 'application/json', + url: api_url+"/user/create", + dataType: "json", + data: dataJson, + cache: false, + beforeSend: function () {}, + success: function (data, textStatus, jqXHR) { + var response = eval(data); + var code = response.status.code; + var message = response.status.message; + var message_console = response.status.message_console; + + switch (code) { + case 201: + var cun = response.user.user; + $("#txtNewUser").val(cun); + break; + case 500: + alert(message); + console.log(message_console); + break; + default: + console.log(message_console); + } + }, + error: function (jqXHR, textStatus, errorThrown) { + console.log(errorThrown); + } + } + ); + } else { + alert("Name and Last name can not be empty"); + } + } + + $("#btnCreateUser").click(create_user); + } +); diff --git a/src/client/pages/login/css/styles.css b/src/client/pages/login/css/styles.css index 4b12a68..99af53f 100644 --- a/src/client/pages/login/css/styles.css +++ b/src/client/pages/login/css/styles.css @@ -26,7 +26,7 @@ outline: none; background: #fff; display: block; - width: calc(100% - 30px); + width: calc(100%); padding: 10px 15px; border: none; border-radius: 2px; diff --git a/src/server/src/routes/user.php b/src/server/src/routes/user.php index df457c2..a9c780a 100644 --- a/src/server/src/routes/user.php 
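Review bot: `var response = eval(data);` in the `success` callback should be `var response = data;`, because with `dataType: "json"` jQuery has already parsed the body, and `eval` would run the response as script if it ever arrived as a string. The guard `name != "" & last != ""` uses the bitwise `&`; it happens to work on booleans, but `&&` is what is meant. This emptiness check is the only validation visible for the four name fields, so the server route has to repeat it and add length limits rather than rely on the browser.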
+++ b/src/server/src/routes/user.php @@ -42,3 +42,41 @@ function ( Request $request, Response $response ) { echo json_encode($response_obj); } ); + +$app->post( + '/user/create', function (Request $request, Response $response) { + $case = 1; + $name = $request->getParam("name"); + $middle = $request->getParam("middle"); + $last = $request->getParam("last"); + $second = $request->getParam("second"); + + $data=join('|-|', array($name, $middle, $last, $second)); + $editor = $_SESSION['id_employee']; + $sql = "CALL sp_login_user_set(:case, :data, :editor)"; + $results = getDBData($sql, $case, $data, $editor); + + $user = new stdClass(); + $status = new stdClass(); + $response_obj = new stdClass(); + + $count_results = count($results); + + switch ($count_results) { + case 1: + $user->user = $results[0]->user; + $status->code = 201; + $status->message = 'User created'; + break; + default: + $status->code = 500; + $status->message = 'Server error, user not created'; + break; + } + + $response_obj->user = $user; + $response_obj->status = $status; + + echo json_encode($response_obj); + } +); diff --git a/wiki/W1_User Stories.md b/wiki/W1_User Stories.md deleted file mode 100644 index 253bb36..0000000 --- a/wiki/W1_User Stories.md +++ /dev/null @@ -1,40 +0,0 @@ - # USER STORY - - - - - - - - - - - - - - - - - - - - - - -
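Review bot: The `/user/create` handler reads `$_SESSION['id_employee']` without checking that a session exists, so unless middleware outside this hunk blocks it, an unauthenticated request still reaches `sp_login_user_set` with an empty editor id. I would reject early, for example `if (empty($_SESSION['id_employee'])) { return $response->withStatus(401); }`. The four name fields are joined with `|-|` unvalidated, so a value containing that delimiter shifts the fields the procedure splits out, and an empty or very short `last` reaches the length loop in `RANDOM_ID`, which does not terminate for lengths of 2 or less. Each field should be checked for length and allowed characters before `$data` is built. The 201 and 500 codes exist only in the JSON body; setting them on `$response` as well would make failures visible to clients and access logs.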
-
User Story
- Create a Login System
User Story id:122017-1Extension or modification:N/A
-
Description
- As a general user of bBox, I need a section to login to the platform with username and password, thus be able to have a security package in bBox and login to plataform.
-
Example
-
-
Fig. 1 bBox login example
-
-
Observations
- 1. For the user to access an application must be logged in, otherwise, please redirect to this application.
- 2. A user database must be generated, and communicate it with the application .
- 3. The sending and receiving of passwords must be encrypted. -
-
Status
- - Accepted -
diff --git a/wiki/W2_Technology Used.md b/wiki/W2_Technology Used.md index b5cab6c..b8fcf11 100644 --- a/wiki/W2_Technology Used.md +++ b/wiki/W2_Technology Used.md @@ -4,16 +4,15 @@ |
Tool
|
Used to
| | ------------------------------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| **Text Editor** | Text editor of the code to be made ATOM and IDE NetBeans | +| **Text Editor** | Text editor of the code to be made ATOM and Sublime Text | | **CodeSniffer** | Tool that allows to follow good coding practices for the languages.
**Used version:** 3.2.2 by [Squiz](https://github.com/squizlabs/PHP_CodeSniffer) | | **HTML** | Language for the structuring of the web page.
**Version:** from to HTML5. | | **CSS** | Apply styles to pages.
**Version:** from to CSS3. | -| **Hashing** | An encryption method is used for sending, compiling and storing passwords.Used hash:
**pbkdf2** with sha256, own seed, iterations: 100 and length: 35 for user password, from to PHP 5.5.
**base64_encode** encode the password for your shipment, in base 64, from to PHP 4.
**window.btoa** same to base64_encode but in Javascript. | | **Javascript** | Functionality to customer side pages.
**Used version:** ECMAScript 2017. | | **Web Navigator:
Google Chrome** | It allows the visualization of the projects carried out.
**Version:** Ultimate. | | **XAMPP** | Independent web server.
**1. Server API Apache:** from to Apache 2.0 Handler.
**2. Version MySQL:** from to 5.7.
**3. Version PHP:** from to 7.1.0.
| | **NODE.JS** | Provides a server-side execution environment that compiles and executes javascript.
**Version:** from to 8.9 | | **SLIM** | For the creation of web applications and API's.
**Used version:** Slim 3.0 | -| **GITHUB** | Save the general repository and allow download locally to perform tests.
**Used version:** git 2.15. | +| **GITHUB** | Save the general repository and allow download locally to perform tests.
**Used version:** git 2.15.
**Repository link:** https://github.com/SDBLV/beliveo-app-template.git | | **SLACK** | Communication of pending and monitoring of activities. | | **JIRA** | It is used to manage the sprint and planned tasks and it will be able to monitor the development. | diff --git a/wiki/W3_DB Documentation.md b/wiki/W3_DB Documentation.md index ddc2fb7..2df1e15 100644 --- a/wiki/W3_DB Documentation.md +++ b/wiki/W3_DB Documentation.md @@ -11,9 +11,27 @@ ## Stored procedures -|
Name
|
Parameters
|
Description
| -| --------------------- | ------------------------------------------------------- | ---------------------------------------------------------------------------------------------------- | -| sp_login_user_get | case_type INT
data_value TEXT
id_modifier INT | Obtain data information from the bbox login app tables; has cases to identify the action to be taken | +Each Stored Procedures contains the next parameters: + +| Name | Type | Description | +| --------------- | --------------------- | ---------------------------------------------------------------------------------------------------------------------- | +| **case_type** |
INT
| Each stored procedures contains 'cases', to identify each action this parameter is used that contains the case number. | +| **data_value** |
TEXT
| Contains all data to process in the SP. | +| **id_modifier** |
INT
| contains the id of the employee who has modified the information. | + +Stored Procedures used: + +#### sp_login_user_get +|
Case
| Id |
Description
|
What's need
|
Return
| +| --------------------- | --- | --------------------------------------------------------- | ---------------------------- | ------------------------------------------------------------------ | +| GET_USER | 1 | Search a selected user, if it exists, it return user data | user and password | id_user, id_employee, id_position and shortName of the select user | + +Search for a selected user, if it exists, return user data + +#### sp_login_user_set +|
Case
| Id |
Description
|
What's need
| +| --------------------- | --- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------- | +| SET_NEW_USER | 1 | Creates a new user with its short name and random number, looks for that it does not exist to insert it in the table, if it exists it continues generating a new user until it is unique. | Not null: Name and Last name. They may not exist: middle name and second last name | ## Functions diff --git a/wiki/img/Software_Development_Process.jpg b/wiki/img/Software_Development_Process.jpg deleted file mode 100644 index fca92d6..0000000 Binary files a/wiki/img/Software_Development_Process.jpg and /dev/null differ diff --git a/wiki/img/login_example.JPG b/wiki/img/login_example.JPG deleted file mode 100644 index 50a4433..0000000 Binary files a/wiki/img/login_example.JPG and /dev/null differ