196 Part II: Developing Intranet Solutions Start No Yes Yes Yes Step = 1? Does email address belong to a user? Get email address Is the request_checksum valid? Is password OK? Get new password from user Store encrypted password Send email to user with an URL that contains: user_id request_checksum step = 2 End Figure 6-6: Flow diagram of the forgotten-password recovery application.
Chapter 6: Central User Management System 195 Login App Forgotten Password App 6 5 4 3 2 1 Authentication Request with Wrong Password Authentication Request Failed Request to Recover from “Forgotten Password” Email with Link to Change Forgotten Password 7 Enter New Password Password Changed Figure 6-5: A user recovering from the forgotten password state. In the following section, I discuss how to design, develop, and test a forgotten- password application that works with our central authentication framework. Designing the forgotten-password recovery application We know what we want the application to do, so now we need a flow diagram of the application, as shown in Figure 6-6. As the flowchart indicates, when the application is starts (Step 1), it gets an e-mail address from the user. If the e-mail address belongs to an existing user, the application sends an e-mail to the user with a URL that has embedded information to allow the user to call the same application. The embedded URL in the e-mail has step=2 set so that the application can determine which step is next. In Step 2 mode, the application verifies that the information supplied with the URL is valid and came from the e-mail sent earlier. It then allows the user to enter a new password. If the new password is acceptable that is, it meets the minimum password size requirement it is encrypted and stored in the database. Now let s look at how you can implement this flow diagram into an application.
Chapter 6: Central User Management System 191 Method Description checkPassword() Checks the user-supplied new password. If the new password is empty, does not match the confirmation password, violates the minimum length limit, or matches the dummy password, it displays the appropriate alert message. change_pwd() This method is called by showScreen() to display the password-change interface. authorize() Checks if the current user is authorized to run the application. Because anyone can run this application, this method uses the isUser() method with a User object called $userObj to return TRUE or FALSE status accordingly. Listing 6-6 shows the user password application user_mngr_passwd.php. Listing 6-6: user_mngr_passwd.php
190 Part II: Developing Intranet Solutions Don t attempt to deactivate the root user or downgrade a root user s type from administrator to standard. This will create a problem since you will not be able to manage users until you manually fix this. Creating a User Password Application Users should be able to change their passwords without the need to inform the user administrator, so the central user management system needs a user password- changing tool. We ll use a user password application called user_mngr_passwd.php. Let s look at the methods implemented in this application. changePassword() is the method used to actually implement the password change, and it: 1. Uses checkPassword() to check the new password against the confirmation password and makes sure they are same. If they are not same, the method shows an alert message. 2. Generates a random two-character salt string to encrypt the new password. 3. Uses $userObj to call the updateUser() method to change the current password with the new password. 4. Displays the success or failure status of the updateUser() operation on the screen. Following are the other methods used in the user password application: Method Description run() Calls the changePasswordDriver() method to change the password. changePasswordDriver() Uses the form variable $step to manage the password-change process. If $step is not set, showScreen() is used to display the password- change request form. If $step is set to 2 in the change request form, changePassword() is used to change the password.
Chapter 6: Central User Management System 189 Figure 6-2: Adding a new user. Figure 6-3: Modifying an existing user. You can delete a user other than the root user at any time. To delete a user, select the username from the drop-down list on the user manager interface, and click the Delete User button. Be warned that the delete operation is irreversible. However, you cannot delete the root user, which is set in the $ROOT_USER variable in the configuration file.
188 Part II: Developing Intranet Solutions To access the user manager application for the first time, you need the admin account created in Chapter 5. When you try to access the user_mngr.phpapplication it will redirect you to the central login application unless you re already logged in. Enter the admin username and password created in Chapter 5. You should now see the main user management interface, as shown in Figure 6-1. Figure 6-1: The user management menu. This menu enables you to add, modify, and delete users in the entire system. To create a new user, click on the Add User button, which displays the interface shown in Figure 6-2. Enter new user information and click on Add User button to create the new user. If you choose to make a new user inactive, the new user cannot log in until you change his account to active. When creating a new user, you don t need to enter the host name part of the username (EMAIL) if the user s host name matches the $DEFAULT_DOMAIN setting specified in the user_mngr.conffile. When you ve added the user, her username (EMAIL) appears in the list of existing users that you can modify or delete. To modify a user, select the username from the drop-down list on the user manager interface (refer to Figure 6-1), click the Modify User button, and change information as needed on the modify-user interface, shown in Figure 6-3.
Chapter 6: Central User Management System 187 $ERRORS[ US ][ UNAUTHORIZED_ACCESS ] = You do not have privilege to access this application. ; $ERRORS[ US ][ INVALID_REQUEST ] = Invalid request. ; $ERRORS[ US ][ USERNAME_MISSING ] = Please enter email as the username. ; $ERRORS[ US ][ PASSWORD1_MISSING ] = Please enter password. ; $ERRORS[ US ][ PASSWORD2_MISSING ] = Please enter confirmation password. ; $ERRORS[ US ][ USER_TYPE_MISSING ] = Please select user type. ; $ERRORS[ US ][ PASSWORD_MISMATCH ] = Passwords do not match. ; $ERRORS[ US ][ PASSWORD_MISMATCH ] = Password and confirmation password do not match. ; $ERRORS[ US ][ INVALID_PASSWORD ] = This password is too short or invalid . ; $ERRORS[ US ][ USER_DELETE_NOT_ALLOWED ] = This (root) user cannot be deleted. ; $ERRORS[ US ][ USER_NOT_FOUND ] = User not found. ; $ERRORS[ US ][ INACTIVE_NOT_OK ] = This (root) user cannot be deactivated. ; $ERRORS[ US ][ OPERATION_NOT_ALLOWED ] = You cannot reduce privilege of a root user. ; ?> Testing the user management application After you ve created class.User.php, user_mngr.php, user_mngr.conf, user_mngr.messages, and user_mngr.errors files in the appropriate directories as configured in user_mngr.conf, you can test the application. In this section, I will assume that the user manager application is installed in the following directory structure and accessible by http://php.evoknow.com/ /user_mngr/apps/ user_mngr.php. (%DOCUMENT_ROOT) +—user_mngr | +—apps | +—templates
186 Part II: Developing Intranet Solutions Configuring user administration application messages Like any other application in our application framework, all user management applications need to have an external message file that contains all the internationalized messages printed from applications. Listing 6-4 shows such a message file, called user_mngr.messages. Listing 6-4: user_mngr.messages Configuring user administration application error messages Again, like any other application in our application framework, all user management applications need to have an external error message file that contains all the internationalized error messages printed from applications. Listing 6-5 shows such an error message file, called user_mngr.errors. Listing 6-5: user_mngr.errors
Chapter 6: Central User Management System 185 require_once user_mngr.errors ; require_once user_mngr.messages ; require_once DB.php ; require_once $APP_FRAMEWORK_DIR . / . constants.php ; require_once $APP_FRAMEWORK_DIR . / . $APPLICATION_CLASS; require_once $APP_FRAMEWORK_DIR . / . $ERROR_HANDLER_CLASS; require_once $APP_FRAMEWORK_DIR . / . $AUTHENTICATION_CLASS; require_once $APP_FRAMEWORK_DIR . / . $DBI_CLASS; require_once $APP_FRAMEWORK_DIR . / . $USER_CLASS; require_once $TEMPLATE_CLASS; $MIN_USERNAME_SIZE= 3; $MIN_PASSWORD_SIZE= 3; $DUMMY_PASSWD = 1234567890 ; $ROOT_USER = kabir@evoknow.com ; $SECRET = 916489; $CHAR_SET = charset=iso-8859-1 ; // Application names $USERMNGR_MNGR = user_mngr.php ; $USERMNGR_FORGOTTEN_APP = user_mngr_forgotten_pwd.php ; $USERMNGR_CHANGE_PWD_APP = user_mngr_passwd.php ; /* ————–START TABLE NAMES ———————- */ $APP_DB_URL = mysql://root:foobar@localhost/auth ; $AUTH_DB_TBL = users ; /* ————–END TABLE NAMES ———————- */ $STATUS_TEMPLATE = usermngr_status.html ; $USERMNGR_MENU_TEMPLATE = usermngr_menu.html ; $USERMNGR_USER_TEMPLATE = usermngr_user_form.html ; $USERMNGR_PWD_REQUEST_TEMPLATE= usermngr_forgotten_pwd.html ; $USERMNGR_PWD_EMAIL_TEMPLATE = usermngr_forgotten_pwd_email.html ; $USERMNGR_PWD_RESET_TEMPLATE = usermngr_pwd_reset.html ; $USERMNGR_PWD_CHANGE_TEMPLATE = usermngr_pwd_change.html ; $ADMINISTRATIVE_USER = 9; $STANDARD_USER = 1; $USER_TYPE = array( 9 => Administrator , 1 => Standard User ); ?> Make sure you change this file to adjust the file and directory path information as needed.
184 Part II: Developing Intranet Solutions Listing 6-3 shows the configuration file (user_mngr.conf). Listing 6-3: user_mngr.conf