Project Report on "Improving CDLI Framework"
The main aim of this project was to improve the CDLI framework.
The project focuses on:
- Building an authentication and authorization system for the framework.
- Integrating Elasticsearch for Simple Search.
- Optimizing queries for Advanced Search.
- Preparing search results (Expanded and Compact format) with data pre-processing.
Team:
- Vedant S. Wakalkar - Mentee
- Émilie Pagé-Perron - Mentor

Technologies used:
- CakePHP 3
- Elasticsearch
- Docker
- JavaScript
- HTML
Bypassing 2FA (Two-Factor Authentication)

Issue/s:
Users were able to bypass two-factor authentication (2FA), which is a security issue.

Solution:
The issue was solved by forcing the user to verify 2FA during login, or to set up 2FA during registration.
- Login: when the user submits login credentials, they are redirected to verify 2FA. If the user attempts to bypass 2FA by any means, they have to resubmit their login credentials.
- Register: on successful submission of the registration form, the user is redirected to set up 2FA. If the user attempts to bypass 2FA by any means, they have to register again.

Outcome/s:
- The authentication process is made more secure.
- 2FA is made mandatory for user accounts.
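The login gate described above, written out as an added example (this is not the CDLI framework's own code): a correct password only marks the session as "pending 2FA", the code-verification step is the only path into an authenticated session, and any other request made while pending discards the marker so the credentials must be resubmitted. The registration flow follows the same pattern with a setup marker instead of a verification marker. The TOTP check follows RFC 6238 over HMAC-SHA1; the user record, demo password, secret and route names are constructed for the example.

```php
<?php
declare(strict_types=1);

// Added example, not CDLI project code. Session states:
//   []                      -> anonymous
//   ['pending_2fa' => name] -> password accepted, second factor still owed
//   ['user' => name]        -> authenticated
// Only verify2fa() moves a session into the authenticated state.

const TOTP_STEP   = 30;   // RFC 6238 time step in seconds
const TOTP_DIGITS = 6;
const TOTP_WINDOW = 1;    // accept one step of clock skew on either side

// RFC 4226 HOTP: HMAC-SHA1 over the 8-byte big-endian counter, dynamic truncation.
function hotp(string $secret, int $counter): string
{
    $hash   = hash_hmac('sha1', pack('J', $counter), $secret, true);
    $offset = ord($hash[19]) & 0x0f;
    $bin    = ((ord($hash[$offset]) & 0x7f) << 24)
            | (ord($hash[$offset + 1]) << 16)
            | (ord($hash[$offset + 2]) << 8)
            | ord($hash[$offset + 3]);
    return str_pad((string)($bin % (10 ** TOTP_DIGITS)), TOTP_DIGITS, '0', STR_PAD_LEFT);
}

// RFC 6238 TOTP check with a small skew window and constant-time comparison.
function totpVerify(string $secret, string $code, int $now): bool
{
    $step = intdiv($now, TOTP_STEP);
    for ($i = -TOTP_WINDOW; $i <= TOTP_WINDOW; $i++) {
        if (hash_equals(hotp($secret, $step + $i), $code)) {
            return true;
        }
    }
    return false;
}

// Step 1: credentials. Success sets only the pending marker, never 'user'.
function login(array &$session, array $user, string $username, string $password): string
{
    $session = [];   // every credential submission starts from a clean session
    if ($username === $user['username'] && password_verify($password, $user['password_hash'])) {
        $session['pending_2fa'] = $user['username'];
        return 'redirect:/verify-2fa';
    }
    return 'login-failed';
}

// Step 2: the only transition into the authenticated state. A wrong code keeps
// the pending state (rate limiting belongs here in a real deployment).
function verify2fa(array &$session, array $user, string $code, int $now): string
{
    if (($session['pending_2fa'] ?? null) !== $user['username']) {
        return 'redirect:/login';
    }
    if (!totpVerify($user['totp_secret'], $code, $now)) {
        return '2fa-failed';
    }
    $session = ['user' => $user['username']];   // pending marker is gone
    return 'redirect:/';
}

// Every other request: a pending session may only reach /verify-2fa; anything
// else drops the marker, so the user has to resubmit credentials.
function guard(array &$session, string $path): string
{
    if (isset($session['user'])) {
        return 'allow';
    }
    if (isset($session['pending_2fa']) && $path === '/verify-2fa') {
        return 'allow';
    }
    $session = [];
    return 'redirect:/login';
}

// Walk-through with a constructed user record (demo password and secret).
$user = [
    'username'      => 'alice',
    'password_hash' => password_hash('demo-password', PASSWORD_DEFAULT),
    'totp_secret'   => 'constructed-demo-secret-bytes',
];
$now     = time();
$session = [];

echo login($session, $user, 'alice', 'demo-password'), PHP_EOL;          // session is now pending
echo guard($session, '/dashboard'), PHP_EOL;                             // wandering off clears pending
echo verify2fa($session, $user, hotp($user['totp_secret'], intdiv($now, TOTP_STEP)), $now), PHP_EOL; // nothing pending
login($session, $user, 'alice', 'demo-password');
echo verify2fa($session, $user, '000000', $now), PHP_EOL;                // wrong code, still pending
echo verify2fa($session, $user, hotp($user['totp_secret'], intdiv($now, TOTP_STEP)), $now), PHP_EOL;
echo guard($session, '/dashboard'), PHP_EOL;
```

The property worth keeping in mind when mapping this onto a framework such as CakePHP is that the password check and the 2FA check write to different session keys, and only the second one is ever consulted by the authorization layer; a bypass attempt then has nothing to present.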
Setting up a Role-Based Access System

Issue/s:
To set up role-based access.

Solution:
Users are assigned roles that determine which functionality they can access. Since the access rules were very granular, the efficient approach was to check, on each request, whether the requested functionality is permitted for the roles assigned to the user.

Pseudo code:
```php
<?php
// Input: roles required for a specific functionality, and the roles of the
// currently logged-in user (obtained from the application's own helper,
// e.g. getLoggedInUserRole(), before this check is called).
function checkRolesPresent(array $rolesRequired, array $userRoles): bool
{
    // Roles the user holds that are also accepted for this functionality.
    $intersectRoles = array_intersect($userRoles, $rolesRequired);

    // If the intersection is empty, the user cannot access the requested functionality.
    return !empty($intersectRoles);
}
```

Outcome/s:
Role-based access set up successfully.
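The role-intersection check above only answers "does this user hold one of these roles"; the caveat a reviewer would raise is what happens for an action nobody has mapped, or a user with no roles at all. As an added example (not CDLI project code), the check wrapped in a deny-by-default map from controller actions to permitted roles; action and role names are constructed for the example.

```php
<?php
declare(strict_types=1);

// Added example, not CDLI project code: the role-intersection check wrapped in
// a deny-by-default map from controller actions to permitted roles. Action and
// role names are constructed for this example.

// Roles allowed to invoke each action. An action missing from this map is denied.
const ACTION_ROLES = [
    'Articles::view' => ['reader', 'editor', 'admin'],
    'Articles::edit' => ['editor', 'admin'],
    'Users::disable' => ['admin'],
];

// True when the user holds at least one of the roles required for the functionality.
function checkRolesPresent(array $rolesRequired, array $userRoles): bool
{
    return array_intersect($userRoles, $rolesRequired) !== [];
}

// Deny unknown actions and role-less users before consulting the map.
function canAccess(string $action, array $userRoles): bool
{
    if (!array_key_exists($action, ACTION_ROLES) || $userRoles === []) {
        return false;
    }
    return checkRolesPresent(ACTION_ROLES[$action], $userRoles);
}

// Constructed users; 'Users::export' is deliberately absent from the map.
$users = ['guest' => [], 'bob' => ['reader'], 'carol' => ['editor'], 'dave' => ['admin']];
foreach ($users as $name => $roles) {
    foreach (['Articles::view', 'Articles::edit', 'Users::disable', 'Users::export'] as $action) {
        printf("%-6s %-16s %s\n", $name, $action, canAccess($action, $roles) ? 'allow' : 'deny');
    }
}
```

Keeping the map in one place also gives the reviewer a single artefact to audit: every action the application exposes either appears in it with an explicit role list or is unreachable.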
Strong Password Checker

Issue/s:
To implement a password checker so that user passwords are harder to crack.

Outcome/s:
Password checker implemented to enforce more secure passwords.
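The report does not list the rules its checker enforces, so the following is an added example of a password strength check (not the project's code) with rules chosen for illustration: a minimum length, at least three character classes, a small deny list of common passwords, no username inside the password, and no single repeated character. The deny list, the username and the candidate passwords are constructed.

```php
<?php
declare(strict_types=1);

// Added example, not CDLI project code. The rule set below is an assumption
// chosen for illustration, not the rules the report's checker implemented.

const MIN_LENGTH = 12;
// Constructed deny list; a real deployment would load a large breached-password list.
const COMMON_PASSWORDS = ['password', 'password123', 'password123!', 'qwerty123456', 'letmein12345'];

// Returns the list of failed rules; an empty list means the password is accepted.
function passwordProblems(string $password, string $username): array
{
    $problems = [];
    if (mb_strlen($password) < MIN_LENGTH) {
        $problems[] = sprintf('shorter than %d characters', MIN_LENGTH);
    }
    $classes = 0;
    foreach (['/[a-z]/', '/[A-Z]/', '/[0-9]/', '/[^A-Za-z0-9]/'] as $pattern) {
        if (preg_match($pattern, $password) === 1) {
            $classes++;
        }
    }
    if ($classes < 3) {
        $problems[] = 'uses fewer than three character classes';
    }
    if (in_array(strtolower($password), COMMON_PASSWORDS, true)) {
        $problems[] = 'appears in the common-password list';
    }
    if ($username !== '' && stripos($password, $username) !== false) {
        $problems[] = 'contains the username';
    }
    // A single repeated character passes the length rule but is trivially guessable.
    if (preg_match('/^(.)\1+$/u', $password) === 1) {
        $problems[] = 'is a single repeated character';
    }
    return $problems;
}

function isStrongPassword(string $password, string $username): bool
{
    return passwordProblems($password, $username) === [];
}

// Constructed candidates checked against the constructed username 'alice'.
foreach (['Password123!', 'alice-Summer-2019', 'Tr0ub4dor&3xyz', 'aaaaaaaaaaaa'] as $candidate) {
    $problems = passwordProblems($candidate, 'alice');
    echo $candidate, ': ', $problems === [] ? 'accepted' : implode('; ', $problems), PHP_EOL;
}
```

Returning the list of failed rules rather than a bare boolean lets the registration form tell the user what to change, while `isStrongPassword()` remains the single yes/no gate the controller consults.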
Implement Password Retrieval

Issue/s:
No password retrieval functionality was present.

Solution:
Implemented forgot-password functionality with an additional 2FA security layer.

Outcome/s:
- Password retrieval functionality implemented.
- 2FA verification added before the password can be changed using the retrieval link.
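The retrieval flow with its extra 2FA step, as an added example (not CDLI project code): a random token is e-mailed and only its hash is stored with an expiry, the second factor must be verified while the token is still valid, and the password changes only after both checks, at which point the token is consumed. The token format, its lifetime, the storage layout and the injected `$checkCode` callable (standing in for the application's real second-factor verifier) are assumptions for this example.

```php
<?php
declare(strict_types=1);

// Added example, not CDLI project code: forgot-password flow gated by a second
// factor before the new password is accepted. $store is a constructed stand-in
// for a reset_tokens table; $users for the users table.

const RESET_TOKEN_TTL = 15 * 60;   // seconds a retrieval link stays valid (assumption)

// Issue a token: the raw value goes into the e-mailed link, only its hash is stored.
function issueResetToken(array &$store, string $username, int $now): string
{
    $raw = bin2hex(random_bytes(32));
    $store[$username] = [
        'token_hash'   => hash('sha256', $raw),
        'expires_at'   => $now + RESET_TOKEN_TTL,
        '2fa_verified' => false,
    ];
    return $raw;
}

// Look up a presented token: reject unknown or expired, compare in constant time.
function tokenValid(array $store, string $username, string $raw, int $now): bool
{
    if (!isset($store[$username])) {
        return false;
    }
    $rec = $store[$username];
    return $now < $rec['expires_at']
        && hash_equals($rec['token_hash'], hash('sha256', $raw));
}

// Step 2: the second factor must succeed while the token is still valid.
function verifySecondFactor(array &$store, string $username, string $raw, int $now, callable $checkCode, string $code): bool
{
    if (!tokenValid($store, $username, $raw, $now) || !$checkCode($code)) {
        return false;
    }
    $store[$username]['2fa_verified'] = true;
    return true;
}

// Step 3: change the password only after both the token and the second factor
// checked out; the token is consumed so the link cannot be replayed.
function completeReset(array &$store, array &$users, string $username, string $raw, string $newPassword, int $now): bool
{
    if (!tokenValid($store, $username, $raw, $now) || !$store[$username]['2fa_verified']) {
        return false;
    }
    $users[$username]['password_hash'] = password_hash($newPassword, PASSWORD_DEFAULT);
    unset($store[$username]);
    return true;
}

// Walk-through with constructed data. The "second factor" is a fixed demo code
// check standing in for the application's real verifier (e.g. TOTP).
$users     = ['alice' => ['password_hash' => password_hash('old-password', PASSWORD_DEFAULT)]];
$store     = [];
$now       = time();
$checkCode = fn(string $code): bool => hash_equals('123456', $code);

$raw = issueResetToken($store, 'alice', $now);
var_dump(completeReset($store, $users, 'alice', $raw, 'new-password', $now));   // attempted without 2FA
var_dump(verifySecondFactor($store, 'alice', $raw, $now, $checkCode, '000000')); // wrong code
var_dump(verifySecondFactor($store, 'alice', $raw, $now, $checkCode, '123456'));
var_dump(completeReset($store, $users, 'alice', $raw, 'new-password', $now));
var_dump(tokenValid($store, 'alice', $raw, $now));                              // token consumed
var_dump(password_verify('new-password', $users['alice']['password_hash']));
```

Storing only the hash of the token means a read of the database does not yield usable reset links, and the `2fa_verified` flag lives next to the token rather than in the session so the two cannot drift apart.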
Fix ‘/logout’

Issue/s:
Users could append ‘/logout’ to the base URL, which logged the user out.

Solution:
Previously, the user was able to log out using a GET request, which poses a security threat. Fixed by accepting only a POST request for logout.
- Logout: when the user tries to log out using a GET request, they are redirected to a page with a logout form; on submitting the form, the user is logged out.

Outcome/s:
Logout restricted to POST requests.
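The reason a GET logout is a problem is that any link or embedded resource pointing at the URL ends the victim's session; requiring a POST that carries a per-session token removes that. As an added example (not CDLI project code), a handler that renders the confirmation form on GET and logs out only on a POST with a valid CSRF token. The helper names and the `_csrfToken` field name are constructed for this example.

```php
<?php
declare(strict_types=1);

// Added example, not CDLI project code: logout that ignores GET and requires a
// POST carrying the session's CSRF token. $session is a plain array standing in
// for the framework's session object.

// Mint a CSRF token once per session.
function csrfToken(array &$session): string
{
    if (!isset($session['csrf'])) {
        $session['csrf'] = bin2hex(random_bytes(32));
    }
    return $session['csrf'];
}

// Returns what the controller would do for the request: a form, a rejection, or the logout.
function handleLogout(string $method, array $post, array &$session): string
{
    if ($method === 'GET') {
        // Visiting /logout does not end the session; it shows a form that POSTs back.
        $token = htmlspecialchars(csrfToken($session), ENT_QUOTES, 'UTF-8');
        return '<form method="post" action="/logout">'
             . '<input type="hidden" name="_csrfToken" value="' . $token . '">'
             . '<button type="submit">Log out</button></form>';
    }
    if ($method !== 'POST') {
        return '405 Method Not Allowed';
    }
    $sent = $post['_csrfToken'] ?? '';
    if (!isset($session['csrf']) || !hash_equals($session['csrf'], $sent)) {
        return '403 Forbidden: missing or invalid CSRF token';
    }
    $session = [];   // destroy the authenticated session
    return 'redirect:/login';
}

// Walk-through with a constructed logged-in session.
$session = ['user' => 'alice'];
echo handleLogout('GET', [], $session), PHP_EOL;                           // form only; still logged in
echo handleLogout('POST', ['_csrfToken' => 'forged'], $session), PHP_EOL;  // rejected
echo handleLogout('POST', ['_csrfToken' => $session['csrf']], $session), PHP_EOL;
var_dump(isset($session['user']));
```

In CakePHP the form helper and CSRF component take care of minting and checking the token; the point the example makes is that the method restriction alone is not enough, since a cross-site form can still POST, so the token check is what actually closes the gap.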
Making Accounts Inactive (After an Inactivity Period of More Than 6 Months)

Issue/s:
To disable a user account when the user has been inactive for more than 6 months.

Outcome/s:
Database event created to disable inactive user accounts.
Simple Search

Issue/s:
Upgrade the current Simple Search to an Elasticsearch-based search.
1. The user searches for india in the Collection search category.
2. The user searches with the regex expression india* in the same search category.

Outcome/s:
- Implemented Elasticsearch-based Simple Search.
- Supports pagination.
- 10x faster than the previous Simple Search.
Advanced Search

Issue/s:
Optimize the current Advanced Search queries.

Outcome/s:
- Re-implemented Advanced Search from scratch.
- Expanded Elasticsearch support for Advanced Search.
- Added filter support for Advanced Search.
- Caching the current set of results to fetch the next set of results.
- Able to retrieve 0.3 million results within minutes.
Search Settings

Issue/s:
To modify the search results page based on the Search Settings chosen for filters and results per page.

Outcome/s:
Search Settings are reflected in the search results page for both Simple and Advanced Search.
Filters

Issue/s:
To develop an interface that allows users to quickly filter search results based on filter values.
Filters: applying filters to the search results.

Outcome/s:
Implemented filter functionality successfully.
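The Simple Search cases above (a plain term such as india, and a pattern such as india*) and the filter values from this section all end up in one Elasticsearch request body. As an added example (not CDLI project code), a builder that emits that body with the page slice (from/size), a match or wildcard clause for the term, and filter values as non-scoring bool filter clauses. The field names, the category-to-field map, the `.keyword` sub-field convention and the page-size cap are assumptions for this example.

```php
<?php
declare(strict_types=1);

// Added example, not CDLI project code: composes the Elasticsearch request body
// for a Simple Search term with pagination and filter clauses. Field names,
// the category map, ".keyword" sub-fields and MAX_PAGE_SIZE are assumptions.

const CATEGORY_FIELDS = ['Collection' => 'collection', 'Period' => 'period', 'Genre' => 'genre'];
const MAX_PAGE_SIZE   = 100;

// Text clause: a plain "match" for ordinary terms; a "wildcard" query when the
// user typed '*' or '?'. Leading wildcards are refused because they make
// Elasticsearch walk every term in the field.
function textClause(string $field, string $term): array
{
    if (strpbrk($term, '*?') === false) {
        return ['match' => [$field => $term]];
    }
    if ($term[0] === '*' || $term[0] === '?') {
        throw new InvalidArgumentException('leading wildcard not allowed');
    }
    // Wildcards run against indexed terms, which the standard analyzer lowercases.
    return ['wildcard' => [$field => strtolower($term)]];
}

// Full body: paginated slice, the text clause as "must", filters as non-scoring "filter".
function buildSearchBody(string $category, string $term, array $filters, int $page, int $perPage): array
{
    if (!isset(CATEGORY_FIELDS[$category])) {
        throw new InvalidArgumentException("unknown search category: $category");
    }
    $perPage = max(1, min($perPage, MAX_PAGE_SIZE));   // cap what a client can request
    $page    = max(1, $page);

    $filterClauses = [];
    foreach ($filters as $field => $values) {
        if (!in_array($field, CATEGORY_FIELDS, true)) {
            continue;   // unknown filter names are dropped, not passed through
        }
        // Exact matches on the keyword sub-field; several values for one field are OR-ed.
        $filterClauses[] = ['terms' => [$field . '.keyword' => array_values((array) $values)]];
    }

    return [
        'from'  => ($page - 1) * $perPage,
        'size'  => $perPage,
        'query' => [
            'bool' => [
                'must'   => [textClause(CATEGORY_FIELDS[$category], $term)],
                'filter' => $filterClauses,
            ],
        ],
    ];
}

// Constructed requests: the two cases from the report, then one with filters applied.
$requests = [
    ['Collection', 'india',  [], 1, 10],
    ['Collection', 'india*', [], 2, 10],
    ['Collection', 'india',  ['period' => ['Old Akkadian', 'Ur III'], 'genre' => 'Administrative'], 1, 25],
];
foreach ($requests as [$category, $term, $filters, $page, $perPage]) {
    echo json_encode(buildSearchBody($category, $term, $filters, $page, $perPage), JSON_PRETTY_PRINT), PHP_EOL;
}
```

Two choices here matter operationally: user input never reaches Elasticsearch as a raw query string (it is placed into a typed clause, so query-DSL syntax in the term has no effect), and both the page size and the set of filterable fields are bounded server-side, which keeps a single request from becoming a very expensive one.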
Expanded and Compact View

Issue/s:
Users must be able to view search results in an expanded or compact version, with all information displayed according to the chosen view.
Expanded and Compact View: the user switching between Expanded view and Compact view.

Outcome/s:
Support for Expanded and Compact view added.
RocketChat Setup

RocketChat is a free, open-source solution for team communication. The main aim was to set up RocketChat on CDLI's own servers.

Outcome/s:
RocketChat deployed on the CDLI server for the CDLI Developers Community.
Deliverables:

| # | Objectives | Associated Deliverables | Status | Remarks |
|---|---|---|---|---|
| 1 | Authentication (2FA) | Established more secure login by enforcing 2FA. | ✔️ | |
| 2 | Authorization Setup (Role-Based) | Successfully set up role-based access. | ✔️ | |
| 3 | Simple Search | Integrating Elasticsearch for fast and accurate search results. | ✔️ | |
| 4 | Advanced Search Optimization | Optimized advanced search queries. | ✔️ | |
| 5 | Search Result Display | a. Expanded & Compact result. b. Stats for Search Result. c. Search Filters. d. Search Setting Page. | ✔️ | Stats for Search Result yet to be addressed. |

| # | Objectives | Associated Deliverables | Status | Remarks |
|---|---|---|---|---|
| 1 | Search Settings | A separate settings page for displaying the search page and search results according to configuration. | ✔️ | |
| 2 | RocketChat Setup | Setting up and deploying RocketChat for CDLI Developers. | ✔️ | |
Future work:
- Add filter support for Simple Search.
- Documentation (modules to be documented).
Acknowledgements:
- I would like to thank my mentor Émilie Pagé-Perron for helping and guiding me throughout the GSoC journey!
- Thanks to the other mentees and mentors for their collaboration.
- I am thankful to Google Summer of Code for providing me with the opportunity to work with CDLI.