-
Notifications
You must be signed in to change notification settings - Fork 5
regn_login
The user management concerns users who wish to register an account with Sakura. This constitutes client-side validation of data, and server-side registration and authentication of user credentials.
The client-side validation of user data is done by making use of two forms combined in a single modal window. The two forms are used for User account registration and User login authentication and are invoked by clicking on the Sign In Link on the top right side of the home page.
The New Account form is shown here.
Each field entry as shown above is validated with respect to the semantics of the field and constraints on the data format.
For instance
- obligatory fields are checked for empty values
- the field for email only allows legal email addresses
- the password is not validated if it is not confirmed with the same value.
We show two instances of the form below each with invalid data and with valid data.
- The invalid fields have a highlighted red background which turns green with a valid value.
- The reasons for not validating the data appear below each input field.
All the fields have been validated and ready for submission. However, please note that the field values auto-filled by the browser appear with a yellow background.
We make use of parsley.js library (MIT License) to validate the form data.
A new user will be registered with all the credentials entered.
The new user upon registration has to login with his email and password in the Sign In form.
The Sign In form as shown below validates the field entries and allows user login only after successful authentication of the user credentials from the server-side.
The User table schema related to user information is as follows.
On the client side we make use of the crypto-js library from https://cdnjs.com/libraries/crypto-js with an MIT license from https://spdx.org/licenses/MIT.html
On the server side we primarily make use of the hashlib library in python(v3.4 onwards) and use the password-based key derivation function together with robust hashing functions to ensure secure password authentication.