diff options
author | Lars Wirzenius <liw@liw.fi> | 2018-11-13 10:49:14 +0200 |
---|---|---|
committer | Lars Wirzenius <liw@liw.fi> | 2018-11-13 10:49:14 +0200 |
commit | 3cc08876371f657466be1e5a02cffeb33391e139 (patch) | |
tree | b3289a2dfcdd275e0f733a85f7017d0a5d9dbdd7 /README | |
download | effi-reg-3cc08876371f657466be1e5a02cffeb33391e139.tar.gz |
Add: initial commit
Diffstat (limited to 'README')
-rw-r--r-- | README | 76 |
1 files changed, 76 insertions, 0 deletions
@@ -0,0 +1,76 @@ +README for Effi membership register +============================================================================= + +This will become a web-based membership register for the Effi +association. + +The current goal is an MVP version that can be demoed at the fall +general meeting. There will be a running demo site, with some dummy +data. It will support the following use cases: + +* Admin can create new members via the API. +* Admin can list all members via the API. +* Admin can search for members (name, email) via the API. +* Admin can view a member's information via the API. +* Admin can update a member's information via the API. +* Admin can set a member's password via the API. +* A member can access the API, but only sees their own information. +* A member can log in via a web browser and see their own information. + +Authentication will be handled by Qvisqve. Any member can +authenticate. Data will be stored in Muck, including authentication +information. A custom facade application will provide the API. A +custom application will provide a server-side rendered front-end. + +The front-end application uses the facade API to access all data. + +Facade API +----------------------------------------------------------------------------- + +The facade will have an API like this: + +* `GET /search` — search for members +* `GET /memb` — get specific member +* `POST /memb` — add a member +* `PUT /memb` — update a member +* `DELETE /memb` — remove a member + +All operations require an access token from Qvisqve. The Muck header +conventions are used for metadata. + +A member's information looks like: + + { + "fullname": "James Bond", + "email": "007@example.com", + "member-number": "7", + "hometown": "London" + } + +(This is known to be insufficient. It's for demo purposes only, for +now. It will change.) + + +Resource types in Muck +============================================================================= + +* `subject` represents a human being whose information is stored in + the system + * contains nothing that isn't needed for authentication +* `password` stores the subject's password + * references `subject` resource id + * contains a salted, scrypt'd password +* `member` contains all non-authentication information about an Effi + member + * references `subject` resource id + * contains full name, membership number, home town, email address + +Authentication +----------------------------------------------------------------------------- + +For the demo I will create users manually. Later on, Qvisqve will need +to store subjects in Muck. + +For the demo, Muck will be changed to allow a user with the super scope +be able to set the owner of a resource. This is necessary so that admin +can create resources for members, but members can see them. |