Feature design¶
Feature Info
Feature Name |
Feature description |
Design constraints |
|---|---|---|
提供用户注册功能。注册时除提供必须的用户名外,还可以选择提供邮箱地址。建议填写邮箱地址,便于忘记密码后找回密码时进行验证。 |
注册时提供的用户名、邮箱地址必须是唯一的,如果已存在,则无法成功注册。为了方便用户注册,当前不对邮箱地址进行验证。 |
|
可以通过用户名、邮箱地址登录各应用平台Portal。EdgeGallery采取单点登录方式(Single Sign On),即多个应用平台共用一个登录认证平台,一次登录就可以访问互相信任的其他应用系统。 |
目前单点登录系统适用于开发者平台(Developer Portal)、应用仓库(Application Store)、管理系统(MEC Manager)、应用测试认证平台(ATP Portal)。 |
|
After users log in to each application platform, they can enter the user center through “My Account”. You can view/modify personal information and modify passwords in the user center. |
目前不支持修改用户名,只能修改邮箱地址。 |
|
如果用户注册时提供了真实有效的邮箱地址(或者在用户中心修改个人信息时提供),当忘记密码时可以通过邮箱地址重置密码以完成密码找回。通过邮箱地址找回密码时需要进行邮箱验证,验证通过后才可以重置密码。 |
只有当EdgeGallery平台开启了邮箱服务才可以通过邮箱地址找回密码 |
|
The guest is a GUEST account built into the system, and it is automatically logged in when visiting the homepage. When a guest logs in, the user can view most of the functions of the system, but cannot create/delete/modify login operations in the system. |
The default user name and password for the visitor is guest/gest. If you want to modify your password when deployed, please modify it by logging in to the database. If you want to disable the GUEST account, delete it directly from the database. |
|
The user management module defaults to a built-in admin user, who acts as the super administrator of the system. Provide the user with a unified user list management function, which can query users, enable/disable users, and set user role permissions. |
When a user is disabled, the user cannot register; the role authority for the disabled user cannot be set. |
|
The system provides a service for sending verification code to a registered mailbox address, which is used for verifying the mailbox. |
Only when the EdgeGallery platform opens the mailbox service to send the verification code to the mailbox |
User Registration¶
用户注册时,除提供必须的用户名外,还可以选择提供邮箱地址。建议填写邮箱地址,便于忘记密码后找回密码时进行验证。
The system will be checked at the time of registration:
The user name must be greater than 6 digits, and whether the username has been registered.
if the mailbox address is provided, checking whether it meets the mailbox address of the format requirement, and checking whether the mailbox address has been registered.
Graphic Digital Validation Code
Single point entry¶
单点登录系统是基于ServiceComb、Spring Security、Oauth2、JWT、Vue等技术实现,采用OAuth2协议的授权码模式(authorization code)。MECM、AppStore、Developer、Atp应用平台作为客户端,与认证服务器user-mgmt-be进行交互,实现单点登陆与单点注销功能。使用Cookie+Session机制实现用户认证鉴权和超时退出功能,使用JWT存储用户基本信息,减轻认证服务器压力。
The processing time of single sign-on and single point cancellation is illustrated by the two application platforms of MECM and AppStore as an example.
User Center¶
After the user logs in to each application platform, it can enter the user centre through “My account number”.
In the user center, the user can check/modify personal information and modify the password.
目前不支持修改用户名,只能修改邮箱地址。
Password back.¶
Get the code back through the e-mail address.¶
The main interprocessing of the password is recovered by the email address after the user has forgotten the password:
The user enters the mailbox address, completes the graphic digital verification, and then requests the verification code.The system determines whether the mailbox address is registered and, if it is registered, sends the verification code to the mailbox.If not registered, the prompt user mailbox address does not exist.
The user inputs the received verification code and the new password, and returns to the login interface after the modification is successful.
Visitor Registration¶
Visitors are a GUEST account built in the system, which is automatically registered when the home page is accessed.
When logging in, the user can see most of the functions of the system, but cannot create/delete/modify the login operation in the system.
The default user name and password for the visitor is guest/gest. If you want to modify your password when deployed, please modify it by logging in to the database. If you want to disable the GUEST account, delete it directly from the database.
User list management¶
The user management module defaults to the built-in admin user as the super administrator of the system.
The system provides a uniform user list management function for the user, which can inquire the user, enable/disable the user and set the user role authority.
(1) When the user is disabled, the user will not be able to log in.
(2) The role permissions of disabled users cannot be set.
Mailbox Verification¶
It is necessary to send the verification code to the mailbox when validating the mailbox address, and it needs to open the mailbox service.
Opening the mailbox service requires modifying the configuration document application.properties under user-mgmt:
[mail.enabled=true] // mailbox service switch, default false
[spring.mail.host=] // mailbox server
[spring.mail.port=] // Mail server sends port of mail
[spring.mail.username=] // Mail sender
[spring.mail.mail.password=] // sender authorization code
