User Management Library

From OWASP
Revision as of 05:41, 18 July 2013 by Rahul Chaudhary (Talk | contribs)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

Contents

Introduction

As the name implies, User Management Library is a collection of functions aiming to manage users in a system. This library works on top of the "User Library" that we have defined in our framework. The basic difference between the two library is that the "User Library" is used to handle individual users. On the other hand, "User Management" is all about managing all those users. This library provides some basic functions such as "login" and "logout" that simplifies the functions in "User Library". On top of that, there are other functions that helps the developer to manage all the users in the database such "getting all users in the database" and "enumerating all the devices that the user is logged in from". So it can be said that this library is a wrapper library for "User Library" and in addition provides more functions to manage them.

Extending User Management Library

We have not provided and do not intend to provide all the functions that can be used with this library. We understand that there might be functions specific to the application that might be needed by the developers. Hence this library can be extended using the PHP's "extends" keyword. The extended class can contain the specific functions needed by the developers.

PHPSEC User Management Implementation

We have created this library in the most simplest sense we could, providing the developers functions that are secure and simple to use. Simple functions make this library more open and transparent. Some common functions in this library are: User Exists: Function to check if a user exists or not in the system.
Create User: Simplified function to create a user.
Delete User: Simplified function to delete a user.
Log-In Status: Function to check if a user is logged in or not.
Devices Logged In: Function to count the number of devices that the user is logged in from.
Log In: Function for user to log-in in the system.
Log Out: Function for user to log-out from the system.
Force Log In: Simplified function to force log-in a user.
Log Out from all devices: Function to log-out from all the devices at once.
Misc Functions: Other functions that provides common functions necessary for this library to work.

Other Helpful Links