Fetching latest commit…
Cannot retrieve the latest commit at this time.
|Failed to load latest commit information.|
UCL WebKeyPass Description ----------- A simple web application for storing passwords and other pieces of information about servers. The servers and their virtual machines can be categorized (e.g. by operating systems). A hierarchy is displayed in a side panel. Misc nodes can also be added. This can be useful for licenses, web sites, databases or other things. To access the data, a login is necessary. There is a form to create a user. A user can be a normal user or an admin. Admins have access to an admin zone, where they can activate or edit other user accounts, and see a log of logins/logouts by month. Admins can also create the master key and encrypt the master key for other users (more information below). The Symfony 2 PHP web framework is used. This repository contains only a bundle. See the file INSTALL for the installation. Security -------- Each user has a username and a password. The password can be modified at any time. The user passwords are hashed and stored in the database. So far so good. The user must also provide a private key. Initially, when the user account is created, this private key is stored as-is in the database. But this is temporary. An admin must provide the master key, in the admin zone. The master key is then encrypted with the private key of the admin. The admin can also encrypt the master key for other users. Once the master key is encrypted for a certain user, his or her private key field is emptied. Users must provide each time their private key when they log in, to be able to decrypt the master key. The purpose of all this system is to encrypt and decrypt the server passwords with the master key. Shibboleth ---------- Shibboleth is an authentication system used at the UCL. When creating a new user account, WebKeyPass detects if the user is already authenticated with Shibboleth. If yes, some fields of the form are filled (username, name, e-mail, etc.). The private key is taken from Shibboleth too. If a user has created an account with Shibboleth, he or she must enter a username/password to login. If the user is not authenticated with Shibboleth, the user can enter manually his private key. Structure of the code --------------------- The architecture of the code follows mainly the Symfony 2 best practices. There is one difference though: in the Form/ directory, the classes are named *Form.php instead of *Type.php. So when we see the name "Form", we know that it is a form… The Controller/ directory is quite big, but most of the files are really small. There are three types of classes there: - Controller classes. All controlers derives from the MainController. Another important controller is the NodeController, which is the base class for displaying a node. For example, to display a category, the CategoryNodeController is used. - Action classes. Each possible action (which modifies in a certain manner the data) has an associated Action class. Action.php is the base class. For an action involving a form, there is FormAction. To take an example, there is the EditServerAction class for editing a server. The actions have an access to the controller object, to set the successful message, redirect the page, save the data to the database, etc. - Other classes: Icons, MasterKey, PrivateKey, Settings and Shibboleth. To display the tree in the side panel, the JQuery jsTree plugin is used. The size of the icons is 16x16.