authd/src/user.cr

require "json"

require "uuid"

require "./token.cr"

class AuthD::User
	include JSON::Serializable

	enum PermissionLevel
		None
		Read
		Edit
		Admin

		def to_json(o)
			to_s.downcase.to_json o
		end
	end

	class Contact
		include JSON::Serializable

		# the activation key is removed once the user is validated
		property activation_key : String?
		property email          : String?
		property phone          : String?

		def initialize(@email = nil, @phone = nil)
			@activation_key = UUID.random.to_s
		end
	end

	# Public.
	property login         : String
	property uid           : Int32
	property profile       : Hash(String, JSON::Any)?

	# Private.
	property contact              : Contact
	property password_hash        : String
	property password_renew_key   : String?
	# service => resource => permission level
	property permissions          : Hash(String, Hash(String, PermissionLevel))
	property configuration        : Hash(String, Hash(String, JSON::Any))
	property date_last_connection : Time? = nil
	property date_registration    : Time? = nil

	def to_token
		Token.new @login, @uid
	end

	def initialize(@uid, @login, @password_hash)
		@contact       = Contact.new
		@permissions   = Hash(String, Hash(String, PermissionLevel)).new
		@configuration = Hash(String, Hash(String, JSON::Any)).new
	end

	class Public
		include JSON::Serializable

		property login   : String
		property uid     : Int32
		property profile : Hash(String, JSON::Any)?

		property date_registration : Time?

		def initialize(@uid, @login, @profile, @date_registration)
		end
	end

	def to_public : Public
		Public.new @uid, @login, @profile, @date_registration
	end
end
WIP Passwd#mod_user 2019-05-29 15:30:23 +02:00			`require "json"`

User contact activation done. 2020-01-22 14:43:58 +01:00			`require "uuid"`

Major update that includes various breaking changes. - backend is now a DODB::DataBase, not a passwd and group file anymore. - extras have been removed. A WIP User#profile field exists, that can be a JSON::Any. No profile validation has been implemented as of this commit. - authd now provides permission over resources, which is more precise than checking whether a user is part of a group. - permissions are now checked through authd once again: tokens don’t hold permissions anymore. - tokens are now minimal authentication “keys” to prove who you are and nothing more. 2019-12-15 23:38:49 +01:00			`require "./token.cr"`

			`class AuthD::User`
			`include JSON::Serializable`

			`enum PermissionLevel`
			`None`
			`Read`
			`Edit`
			`Admin`

			`def to_json(o)`
			`to_s.downcase.to_json o`
			`end`
			`end`

Contact informations. 2020-01-22 01:55:57 +01:00			`class Contact`
			`include JSON::Serializable`

User contact activation done. 2020-01-22 14:43:58 +01:00			`# the activation key is removed once the user is validated`
			`property activation_key : String?`
			`property email : String?`
			`property phone : String?`
Contact informations. 2020-01-22 01:55:57 +01:00
			`def initialize(@email = nil, @phone = nil)`
User contact activation done. 2020-01-22 14:43:58 +01:00			`@activation_key = UUID.random.to_s`
Contact informations. 2020-01-22 01:55:57 +01:00			`end`
			`end`

Major update that includes various breaking changes. - backend is now a DODB::DataBase, not a passwd and group file anymore. - extras have been removed. A WIP User#profile field exists, that can be a JSON::Any. No profile validation has been implemented as of this commit. - authd now provides permission over resources, which is more precise than checking whether a user is part of a group. - permissions are now checked through authd once again: tokens don’t hold permissions anymore. - tokens are now minimal authentication “keys” to prove who you are and nothing more. 2019-12-15 23:38:49 +01:00			`# Public.`
			`property login : String`
			`property uid : Int32`
Profile edition overhauls, RO profile properties. 2020-08-10 23:45:44 +02:00			`property profile : Hash(String, JSON::Any)?`
Major update that includes various breaking changes. - backend is now a DODB::DataBase, not a passwd and group file anymore. - extras have been removed. A WIP User#profile field exists, that can be a JSON::Any. No profile validation has been implemented as of this commit. - authd now provides permission over resources, which is more precise than checking whether a user is part of a group. - permissions are now checked through authd once again: tokens don’t hold permissions anymore. - tokens are now minimal authentication “keys” to prove who you are and nothing more. 2019-12-15 23:38:49 +01:00
			`# Private.`
Recording user registration and last connection dates. 2020-03-23 06:54:45 +01:00			`property contact : Contact`
			`property password_hash : String`
			`property password_renew_key : String?`
Contact informations. 2020-01-22 01:55:57 +01:00			`# service => resource => permission level`
Recording user registration and last connection dates. 2020-03-23 06:54:45 +01:00			`property permissions : Hash(String, Hash(String, PermissionLevel))`
			`property configuration : Hash(String, Hash(String, JSON::Any))`
			`property date_last_connection : Time? = nil`
			`property date_registration : Time? = nil`
Major update that includes various breaking changes. - backend is now a DODB::DataBase, not a passwd and group file anymore. - extras have been removed. A WIP User#profile field exists, that can be a JSON::Any. No profile validation has been implemented as of this commit. - authd now provides permission over resources, which is more precise than checking whether a user is part of a group. - permissions are now checked through authd once again: tokens don’t hold permissions anymore. - tokens are now minimal authentication “keys” to prove who you are and nothing more. 2019-12-15 23:38:49 +01:00
			`def to_token`
			`Token.new @login, @uid`
			`end`

			`def initialize(@uid, @login, @password_hash)`
Contact informations. 2020-01-22 01:55:57 +01:00			`@contact = Contact.new`
Major update that includes various breaking changes. - backend is now a DODB::DataBase, not a passwd and group file anymore. - extras have been removed. A WIP User#profile field exists, that can be a JSON::Any. No profile validation has been implemented as of this commit. - authd now provides permission over resources, which is more precise than checking whether a user is part of a group. - permissions are now checked through authd once again: tokens don’t hold permissions anymore. - tokens are now minimal authentication “keys” to prove who you are and nothing more. 2019-12-15 23:38:49 +01:00			`@permissions = Hash(String, Hash(String, PermissionLevel)).new`
			`@configuration = Hash(String, Hash(String, JSON::Any)).new`
			`end`

			`class Public`
			`include JSON::Serializable`

			`property login : String`
			`property uid : Int32`
Profile edition overhauls, RO profile properties. 2020-08-10 23:45:44 +02:00			`property profile : Hash(String, JSON::Any)?`
Major update that includes various breaking changes. - backend is now a DODB::DataBase, not a passwd and group file anymore. - extras have been removed. A WIP User#profile field exists, that can be a JSON::Any. No profile validation has been implemented as of this commit. - authd now provides permission over resources, which is more precise than checking whether a user is part of a group. - permissions are now checked through authd once again: tokens don’t hold permissions anymore. - tokens are now minimal authentication “keys” to prove who you are and nothing more. 2019-12-15 23:38:49 +01:00
Registration dates sent to clients on GetUser and similar. 2020-04-15 11:39:34 +02:00			`property date_registration : Time?`

			`def initialize(@uid, @login, @profile, @date_registration)`
Major update that includes various breaking changes. - backend is now a DODB::DataBase, not a passwd and group file anymore. - extras have been removed. A WIP User#profile field exists, that can be a JSON::Any. No profile validation has been implemented as of this commit. - authd now provides permission over resources, which is more precise than checking whether a user is part of a group. - permissions are now checked through authd once again: tokens don’t hold permissions anymore. - tokens are now minimal authentication “keys” to prove who you are and nothing more. 2019-12-15 23:38:49 +01:00			`end`
password_hash is masked in server responses. 2019-06-29 03:55:40 +02:00			`end`

Major update that includes various breaking changes. - backend is now a DODB::DataBase, not a passwd and group file anymore. - extras have been removed. A WIP User#profile field exists, that can be a JSON::Any. No profile validation has been implemented as of this commit. - authd now provides permission over resources, which is more precise than checking whether a user is part of a group. - permissions are now checked through authd once again: tokens don’t hold permissions anymore. - tokens are now minimal authentication “keys” to prove who you are and nothing more. 2019-12-15 23:38:49 +01:00			`def to_public : Public`
Registration dates sent to clients on GetUser and similar. 2020-04-15 11:39:34 +02:00			`Public.new @uid, @login, @profile, @date_registration`
Various. - JWT key can be set from command-line (through a file). - User class split to a separate file to allow use by other tools. - Minor style changes. 2018-09-22 21:23:50 +02:00			`end`
			`end`