1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
|
README for Effi membership register
=============================================================================
This will become a web-based membership register for the Effi
association.
The current goal is an MVP version that can be demoed at the fall
general meeting. There will be a running demo site, with some dummy
data. It will support the following use cases:
* Admin can create new members via the API.
* Admin can list all members via the API.
* Admin can search for members (name, email) via the API.
* Admin can view a member's information via the API.
* Admin can update a member's information via the API.
* Admin can set a member's password via the API.
* A member can access the API, but only sees their own information.
* A member can log in via a web browser and see their own information.
Authentication will be handled by Qvisqve. Any member can
authenticate. Data will be stored in Muck, including authentication
information. A custom facade application will provide the API. A
custom application will provide a server-side rendered front-end.
The front-end application uses the facade API to access all data.
Facade API
-----------------------------------------------------------------------------
The facade will have an API like this:
* `GET /search` — search for members
* `GET /memb` — get specific member
* `POST /memb` — add a member
* `PUT /memb` — update a member
* `DELETE /memb` — remove a member
All operations require an access token from Qvisqve. The Muck header
conventions are used for metadata.
A member's information looks like:
{
"fullname": "James Bond",
"email": "007@example.com",
"member-number": "7",
"hometown": "London"
}
(This is known to be insufficient. It's for demo purposes only, for
now. It will change.)
Resource types in Muck
=============================================================================
* `subject` represents a human being whose information is stored in
the system
* contains nothing that isn't needed for authentication
* `password` stores the subject's password
* references `subject` resource id
* contains a salted, scrypt'd password
* `member` contains all non-authentication information about an Effi
member
* references `subject` resource id
* contains full name, membership number, home town, email address
Authentication
-----------------------------------------------------------------------------
For the demo I will create users manually. Later on, Qvisqve will need
to store subjects in Muck.
For the demo, Muck will be changed to allow a user with the super scope
be able to set the owner of a resource. This is necessary so that admin
can create resources for members, but members can see them.
|