From b1f7315b9a1bcea8b3d75c637eea8adee7f5809a Mon Sep 17 00:00:00 2001 From: Lars Wirzenius Date: Sun, 10 Mar 2019 15:43:14 +0200 Subject: Change: update docs, drop unnecessary junk --- README | 53 ++++++++++++++--------------------------------------- 1 file changed, 14 insertions(+), 39 deletions(-) (limited to 'README') diff --git a/README b/README index df234ba..2a9155b 100644 --- a/README +++ b/README @@ -1,28 +1,9 @@ Effireg - the Effi membership register ============================================================================= -This will become a web-based membership register for the Effi -association. - -The current goal is an MVP version that can be demoed at the fall -general meeting. There will be a running demo site, with some dummy -data. It will support the following use cases: - -* Admin can create new members via the API. -* Admin can list all members via the API. -* Admin can search for members (name, email) via the API. -* Admin can view a member's information via the API. -* Admin can update a member's information via the API. -* Admin can set a member's password via the API. -* A member can access the API, but only sees their own information. -* A member can log in via a web browser and see their own information. - -Authentication will be handled by Qvisqve. Any member can -authenticate. Data will be stored in Muck, including authentication -information. A custom facade application will provide the API. A -custom application will provide a server-side rendered front-end. - -The front-end application uses the facade API to access all data. +This will become a web-based membership register for the Effi - +Electronic Frontier Finland association (). It may +some day be useful for others as well. Architecture and documentation ----------------------------------------------------------------------------- @@ -35,11 +16,11 @@ Facade API The facade will have an API like this: -* `GET /search` — search for members -* `GET /memb` — get specific member * `POST /memb` — add a member +* `GET /memb` — get specific member * `PUT /memb` — update a member * `DELETE /memb` — remove a member +* `GET /search` — search for members All operations require an access token from Qvisqve. The Muck header conventions are used for metadata. @@ -53,33 +34,27 @@ A member's information looks like: "hometown": "London" } -(This is known to be insufficient. It's for demo purposes only, for -now. It will change.) - +Actually, currently any JSON object will work, but this will change +eventually. Resource types in Muck ============================================================================= -* `subject` represents a human being whose information is stored in - the system - * contains nothing that isn't needed for authentication -* `password` stores the subject's password - * references `subject` resource id - * contains a salted, scrypt'd password * `member` contains all non-authentication information about an Effi member * references `subject` resource id * contains full name, membership number, home town, email address +There may later be authentication related resources in Muck, but for +now, Qvisqve stores them a different way. + Authentication ----------------------------------------------------------------------------- -For the demo I will create users manually. Later on, Qvisqve will need -to store subjects in Muck. - -For the demo, Muck will be changed to allow a user with the super scope -be able to set the owner of a resource. This is necessary so that admin -can create resources for members, but members can see them. +For the demo I will create subjects in Qvisqve manually. Later on, +Effireg will create subjects itself, and provide a way to generate a +per-subject unique URL which authenticates the subject without a +password. Effectively a password reset link. Legalese -- cgit v1.2.1