User - RHMAccounting/spring-allacc GitHub Wiki

User Authentication and Registration

Software such as the one described here must implement an authentication process so that the user can access a secure interface and its services.

The purpose of this section is to detail the service(s) involved in the authentication and registration process of the main user of a company.

Okta and/or Keycloak will be used to secure access to the whole cloud network using the OAuth2 protocol. Upon registration, a user will be given an administrative role.

Details of a user within the identity service will be taken into consideration to ease the flow of the User Management System.

Use Cases

The following use case diagram describes the authentication system:

** TODO : PICTURE of OAuth2 flow and cloud system

Upon registration, a user will be able to add new users with different access rights to a company. Basic details of the company are needed.

Sequence diagram

https://github.com/RHMAccounting/DOC/raw/master/DOC/static/images/user-app-auth-reg.png

Class diagram

Let's see the classes involved in the authentication microservice.

https://github.com/RHMAccounting/DOC/raw/master/DOC/static/images/authentication_class_diagram.jpg

As you have noticed, a user can manage multiple companies with different roles. A logging system tracks logged-in users at any time. This way we can clean up the database when we detect access that has been unused for a certain period of time.
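The per-company role model and the unused-access cleanup described above can be sketched as follows. This is an added example, not code from the spring-allacc project: every type and field name is hypothetical, and it assumes each login trace records the company the user logged in to.

```java
import java.time.Duration;
import java.time.Instant;
import java.util.HashMap;
import java.util.List;
import java.util.Map;

// Hypothetical names throughout: the class diagram is an image, so nothing here is the project's own.
public class AccessReview {
    enum Role { ADMIN, MANAGER, VIEWER }
    record Membership(String userId, String companyId, Role role) {}  // one role per (user, company)
    record LoginTrace(String userId, String companyId, Instant at) {} // one row per successful login
    record Key(String userId, String companyId) {}

    // Authorize against the company named in the request, never against a global role.
    static boolean hasRole(List<Membership> memberships,
                           String userId, String companyId, Role required) {
        return memberships.stream().anyMatch(m -> m.userId().equals(userId)
                && m.companyId().equals(companyId) && m.role() == required);
    }

    // Memberships with no login inside the window, including those never used at all.
    static List<Membership> unusedAccess(List<Membership> memberships,
                                         List<LoginTrace> traces, Instant now, Duration window) {
        Map<Key, Instant> lastSeen = new HashMap<>();
        for (LoginTrace t : traces) {
            lastSeen.merge(new Key(t.userId(), t.companyId()), t.at(),
                    (a, b) -> a.isAfter(b) ? a : b); // keep the most recent login
        }
        Instant cutoff = now.minus(window);
        return memberships.stream().filter(m -> {
            Instant last = lastSeen.get(new Key(m.userId(), m.companyId()));
            return last == null || last.isBefore(cutoff);
        }).toList();
    }

    public static void main(String[] args) {
        // Constructed sample data.
        Instant now = Instant.parse("2024-06-01T00:00:00Z");
        List<Membership> members = List.of(
                new Membership("alice", "acme", Role.ADMIN),
                new Membership("alice", "globex", Role.VIEWER),
                new Membership("bob", "acme", Role.MANAGER));
        List<LoginTrace> traces = List.of(
                new LoginTrace("alice", "acme", Instant.parse("2024-05-30T09:00:00Z")),
                new LoginTrace("bob", "acme", Instant.parse("2024-01-10T09:00:00Z")));

        // alice administers acme, but that must not grant her ADMIN on globex.
        System.out.println(hasRole(members, "alice", "globex", Role.ADMIN));
        // Candidates for cleanup after 90 days without a login.
        unusedAccess(members, traces, now, Duration.ofDays(90)).forEach(System.out::println);
    }
}
```

Treating a membership with no trace at all as unused catches accounts that were granted access and never logged in.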

Database

This microservice will run on its own with a dedicated relational database such as PostgreSQL, Oracle or MySQL. There won't be any user interface for this service. It will provide an API so that it can interact with other services.

API System

We review here the different ways to access the service from the outside.

User/Authentication interface

A first-time user of the client interface (React application, Android application) should see the log-in page when they open the application. A user who is not registered should ask the manager/administrator to register them.

https://github.com/RHMAccounting/spring-allacc/blob/master/DOC/static/images/login.jpg

Login traces are kept inside the database. The authentication service (an OAuth2 tier service, an in-house deployment of an open-source product, or one built entirely in house) will be configurable by the owner of the service. A first-time administrator will have to fill in details about the company as follows:

https://github.com/RHMAccounting/spring-allacc/blob/master/DOC/static/images/company-profile.jpg

Once a user is logged in and the company is registered, they will be directed to the main page, or Control Panel, as follows:

https://github.com/RHMAccounting/spring-allacc/blob/master/DOC/static/images/control-panel.jpg

OAuth2 Tier Service

To ease the development of the platform, several external services will be available, depending on the administrator.

Okta and Keycloak are selected by default. Okta is a cloud identity solution that is free to use for a certain number of clients, and Keycloak is an open-source identity and access management solution.
