Feature design

Feature Info

Feature Name

Feature description

Design constraints

User Registration

Provide user registration function. In addition to providing the necessary user name when registering, you can also choose to provide your email address and mobile phone number. It is recommended that both of them fill in at least one piece of real information to facilitate verification when the password is retrieved after forgotten.

The user name, mailbox address provided at the time of registration, the cell phone number must be unique and cannot be registered successfully if it already exists.Currently only the Chinese mobile phone number is supported.In order to facilitate user registration, the email address and cell phone number are currently not verified.

Single sign-on

The application platform Portal can be registered by user name, cell phone number or email address.EdgeGallery takes a single sign-on (Single Sign On), which is a platform for multiple applications to share with one login authentication platform, and one login can access other systems of mutual trust.

Currently, the single sign-on system is suitable for the Developer Portal, the Application Store, the Management System (MEC Manager), the Application Test Authentication Platform (ATP Portal), and the Community Laboratory Management Platform (Lab Portal).

User Center

After users log in to each application platform, they can enter the user center through “My Account”. You can view/modify personal information and modify passwords in the user center.

Currently, it is not supported to modify the user name, only the cell phone number and the email address can be modified.

Password recovery

If the user is registered with a real and effective mobile phone number or mailbox address (or provided in the user center to modify the personal information), the password can be reset through the cell phone number or the mailbox address to complete the password when the password is forgotten.the mobile phone verification is required when retrieving the password via the mobile phone number, the mailbox verification is required when the password is recovered via the mailbox address, and the password can be reset after the verification is passed.

Only if the EdgeGallery platform opens the SMS service, you can get the password back through the cell phone number; only when the EdgeGallery platform opens the mailbox service to get the password back through the mailbox address

Guest Registration

The guest is a GUEST account built into the system, and it is automatically logged in when visiting the homepage. When a guest logs in, the user can view most of the functions of the system, but cannot create/delete/modify login operations in the system.

The default user name and password for the visitor is guest/gest. If you want to modify your password when deployed, please modify it by logging in to the database. If you want to disable the GUEST account, delete it directly from the database.

User List Management

The user management module defaults to a built-in admin user, who acts as the super administrator of the system. Provide the user with a unified user list management function, which can query users, enable/disable users, and set user role permissions.

When a user is disabled, the user cannot register; the role authority for the disabled user cannot be set.

Mailbox Verification

The system provides a service for sending verification code to a registered mailbox address, which is used for verifying the mailbox.

Only when the EdgeGallery platform opens the mailbox service to send the verification code to the mailbox

Phone verification

The system provides a service for sending verification code to the registered mobile phone number, which is used for verifying the mobile phone.

It’s only when the EdgeGallery platform opens the message service to send the verification code to the phone.

User Registration

When the user is registered, the mobile phone number and the mailbox address can be provided in addition to the required user name.the mobile phone number and the mailbox address are provided with at least one real information, which is convenient to be verified when the password is recovered after forgetting the password.

The system will be checked at the time of registration:

  1. The user name must be greater than 6 digits, and whether the username has been registered.

  2. if the mailbox address is provided, checking whether it meets the mailbox address of the format requirement, and checking whether the mailbox address has been registered.

  3. if the mobile phone number is provided, checking whether the Chinese mobile phone number is in accordance with the format requirement, and checking whether the mobile phone number has been registered.

  4. Graphic Digital Validation Code

User Registration Process Sequence Diagram

Single point entry

The single sign-on system is implemented based on technology such as ServiceComb, Spring Security, Oauth2, JWT, Vue, and the authorization code mode of the OAuth2 protocol.MECM, AppStore, Developer, Atp, Lab application platform as client interacts with authentication server user-mgmt-be to achieve single sign-on and single sign-on function.using the Cookie + Session mechanism to realize the authentication and overtime withdrawal function of the user, storing the basic information of the user by using the JWT, and reducing the pressure of the authentication server.

The processing time of single sign-on and single point cancellation is illustrated by the two application platforms of MECM and AppStore as an example.

Single sign-on sequence diagram

single sign-on time sequence diagram

User Center

After the user logs in to each application platform, it can enter the user centre through “My account number”.

In the user center, the user can check/modify personal information and modify the password.

Currently, it is not supported to modify the user name, only the cell phone number and the email address can be modified.

Password back.

Get the code back through the e-mail address.

The main interprocessing of the password is recovered by the email address after the user has forgotten the password:

  1. The user enters the mailbox address, completes the graphic digital verification, and then requests the verification code.The system determines whether the mailbox address is registered and, if it is registered, sends the verification code to the mailbox.If not registered, the prompt user mailbox address does not exist.

  2. The user inputs the received verification code and the new password, and returns to the login interface after the modification is successful.

recover the password processing time sequence diagram based on the mailbox address

Get the code back through the cell phone number

the main interactive processing of the password is recovered by the mobile phone number after the user forgets the password:

  1. The user inputs the cell phone number, finishes the graphic digital verification, and then requests the verification code.the system judges whether the mobile phone number is registered, if it is registered, sending the verification code by the mobile phone short message.If there is no registration, the prompt user’s cell phone number does not exist.

  2. The user inputs the received verification code and the new password, and returns to the login interface after the modification is successful.

recover the password processing time sequence diagram according to the cell phone number

Visitor Registration

Visitors are a GUEST account built in the system, which is automatically registered when the home page is accessed.

When logging in, the user can see most of the functions of the system, but cannot create/delete/modify the login operation in the system.

The default user name and password for the visitor is guest/gest. If you want to modify your password when deployed, please modify it by logging in to the database. If you want to disable the GUEST account, delete it directly from the database.

User list management

The user management module defaults to the built-in admin user as the super administrator of the system.

The system provides a uniform user list management function for the user, which can inquire the user, enable/disable the user and set the user role authority.

(1) When the user is disabled, the user will not be able to log in.
(2) The role permissions of disabled users cannot be set.

Mailbox Verification

It is necessary to send the verification code to the mailbox when validating the mailbox address, and it needs to open the mailbox service.

Opening the mailbox service requires modifying the configuration document application.properties under user-mgmt:

[mail.enabled=true] // mailbox service switch, default false

[spring.mail.host=] // mailbox server

[spring.mail.port=] // Mail server sends port of mail

[spring.mail.username=] // Mail sender

[spring.mail.mail.password=] // sender authorization code

Mobile phone verification

When validating the mobile phone number, it needs to send the verification code to the mobile phone via the short message, and the short message service needs to be opened.

The SMS business uses Huawei Cloud News & Short Message Service, and please click here.

Description:
If you have not purchased the SMS service, the mobile phone verification function can be blocked by configuration. The specific steps are as follows:
Configuration file application.properties under user-mgmt, set sms.enabled=false

interface design

User registration interface

User registration interface

Get the password back after you forget your password.

(1) When only the mailbox service is opened, only through the mailbox

(2)When only the short message service is turned on, only the mobile phone can be retrieved

(3)When the mailbox service and short message service are opened at the same time, you can select one

Click on the interface after “Next”, as with the front interface.

User Center Interface

(1) Main interface

(2) Modify Password

User list management interface

(1) Main interface

(2) setting up user roles