Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 24 Next »

Introduction:

This document describes the design approach of creating and switching of Managed User’s account

Background:

Jira Issue: https://project-sunbird.atlassian.net/browse/SH-68

https://project-sunbird.atlassian.net/browse/SH-95

Epic: https://project-sunbird.atlassian.net/browse/SH-67

Presently only user having email address or phone number can register and use application.

Problem Statement:

  1. How managed user account can be created.

  2. How to switch between different managed user account and user account.

Key design problems:

  1. How to map actions performed by managed user to his account.
    Telemetry should be mapped with different user ID.

  2. Device ID will be same for user and managed user.

Existing workflow:

User login in to his account and starts using application.



Change request: As part of https://project-sunbird.atlassian.net/browse/SH-68 user should be able to switch and create profiles.

Below is data store in session

 Session object

{
  "cookie": {
    "originalMaxAge": null,
    "expires": null,
    "httpOnly": true,
    "path": "/"
  },
  "auth_redirect_uri": "http://localhost:3000/profile?auth_callback=1",
  "keycloak-token": {
    "access_token": "aJcYtJvbeZmEKMZRSG9jctEb5Vug_nL5aU6O15aT2v6QSGL_nqPfI2ZRdG2At7o9jecCDlg",
    "expires_in": 172795,
    "refresh_expires_in": 172795,
    "refresh_token": "-uc7ElglOgx5YmKm11KepmPQQp7X43yaQYLxYs",
    "token_type": "bearer",
    "id_token": "-hq2iMbBMUPTto1Xi0xDGhXQo1p4FBCExBNcsbJQkjmk4RiOyO_7VlJKMuz0V2tPwLkpoAxroE-O5LZtvbvRxhVyFcdiLl0r_6HAX1gwfZPySPqm4RHDKedLBiU94sCafImeMnhyQVgUm-eK47uveybbinueWyBlTyGszlIkecAKYEaA",
    "not-before-policy": 1565356374,
    "session_state": "682b012d-2466-4d84-98cb-f46cdec4057a",
    "scope": "openid"
  },
  "userId": "95e4942d-cbe8-477d-aebd-ad8e6de4bfc8",
  "roles": [
    "public",
    "CONTENT_REVIEWER",
    "FLAG_REVIEWER",
    "BOOK_CREATOR",
    "REPORT_VIEWER",
    "PUBLIC"
  ],
  "orgs": [
    "ORG_001"
  ],
  "rootOrgId": "ORG_001",
  "rootOrghashTagId": "b00bc992ef25f1a9a8d63291e20efc8d",
  "rootOrg": {
    "dateTime": null,
    "preferredLanguage": "English",
    "keys": {
      "signKeys": [
        "5766",
        "5767"
      ],
      "encKeys": [
        "5766",
        "5767"
      ]
    },
    "approvedBy": null,
    "channel": "ROOT_ORG",
    "description": "Andhra State Boardsssssss",
    "updatedDate": "2018-11-28 10:00:08:675+0000",
    "addressId": null,
    "provider": null,
    "locationId": null,
    "orgCode": "sunbird",
    "theme": null,
    "id": "ORG_001",
    "communityId": null,
    "isApproved": null,
    "email": "support_dev@sunbird.org",
    "slug": "sunbird",
    "identifier": "ORG_001",
    "thumbnail": null,
    "orgName": "Sunbird",
    "updatedBy": "1d7b85b0-3502-4536-a846-d3a51fd0aeea",
    "locationIds": [
      "969dd3c1-4e98-4c17-a994-559f2dc70e18"
    ],
    "externalId": null,
    "isRootOrg": true,
    "rootOrgId": "ORG_001",
    "approvedDate": null,
    "imgUrl": null,
    "homeUrl": null,
    "orgTypeId": null,
    "isDefault": true,
    "contactDetail": [
      {
        "phone": "213124234234",
        "email": "test@test.com"
      },
      {
        "phone": "+91213124234234",
        "email": "test1@test.com"
      }
    ],
    "createdDate": null,
    "createdBy": null,
    "parentOrgId": null,
    "hashTagId": "b00bc992ef25f1a9a8d63291e20efc8d",
    "noOfMembers": 5,
    "status": 1
  }
}

Solution 1:

Create separate session - 1. User session

2. Managed user session.

Both sessions should reference to each other internally.

It can be handled via 2 different approaches -

  • Creating sub session and adding a pre-fix for all the routes which will generate 2 session ID.

  • Create and maintain 2 session objects referencing to userId

Pros:

Cons:

  1. Maintaining multiple sessions could be cumbersome and lead to errors.

  2. Adding prefix to routes could be extra work.

Solution 2:

Changes references like userid roles and other necessary things in existing session and portal automatically starts to use that.

Things to reinitialise -

  • Telemetry

  • User profile

  • Update UserId in elements in inde.html

Proposed changes to session object

 Proposed changes to session object
{
  "cookie": {
    "originalMaxAge": null,
    "expires": null,
    "httpOnly": true,
    "path": "/"
  },
  "auth_redirect_uri": "http://localhost:3000/profile?auth_callback=1",
  // same parent object session token 
  "keycloak-token": {
    "access_token": "g",
    "expires_in": 172795,
    "refresh_expires_in": 172795,
    "refresh_token": " sss",
    "token_type": "bearer",
    "id_token": "eYEaA",
    "not-before-policy": 1565356374,
    "session_state": "682b012d-2466-4d84-98cb-f46cdec4057a",
    "scope": "openid"
  },
  "userId": "managed user Id",
  "roles": [
    "ROLES",
    "OF",
    "MANAGED ",
    "USER"
  ],
  "orgs": [
    "ORG_001"
  ],
  "rootOrgId": "ORG_001",
  "rootOrghashTagId": "b00bc992ef25f1a9a8d63291e20efc8d",
  "rootOrg": {
    "dateTime": null,
    "preferredLanguage": "English",
    "keys": {
      "signKeys": [
        "5766",
        "5767"
      ],
      "encKeys": [
        "5766",
        "5767"
      ]
    },
    "approvedBy": null,
    "channel": "ROOT_ORG",
    "description": "Andhra State Boardsssssss",
    "updatedDate": "2018-11-28 10:00:08:675+0000",
    "addressId": null,
    "provider": null,
    "locationId": null,
    "orgCode": "sunbird",
    "theme": null,
    "id": "ORG_001",
    "communityId": null,
    "isApproved": null,
    "email": "support_dev@sunbird.org",
    "slug": "sunbird",
    "identifier": "ORG_001",
    "thumbnail": null,
    "orgName": "Sunbird",
    "updatedBy": "1d7b85b0-3502-4536-a846-d3a51fd0aeea",
    "locationIds": [
      "969dd3c1-4e98-4c17-a994-559f2dc70e18"
    ],
    "externalId": null,
    "isRootOrg": true,
    "rootOrgId": "ORG_001",
    "approvedDate": null,
    "imgUrl": null,
    "homeUrl": null,
    "orgTypeId": null,
    "isDefault": true,
    "contactDetail": [
      {
        "phone": "213124234234",
        "email": "test@test.com"
      },
      {
        "phone": "+91213124234234",
        "email": "test1@test.com"
      }
    ],
    "createdDate": null,
    "createdBy": null,
    "parentOrgId": null,
    "hashTagId": "b00bc992ef25f1a9a8d63291e20efc8d",
    "noOfMembers": 5,
    "status": 1
  },
  parentToken: {
    "auth_redirect_uri": "http://localhost:3000/profile?auth_callback=1",
    "userId": "parent user Id",
    "roles": [
      "public",
      "CONTENT_REVIEWER",
      "FLAG_REVIEWER",
      "BOOK_CREATOR",
      "REPORT_VIEWER",
      "PUBLIC"
    ],
    "orgs": [
      "ORG_001"
    ],
    "rootOrgId": "ORG_001",
    "rootOrghashTagId": "b00bc992ef25f1a9a8d63291e20efc8d",
    "rootOrg": {
      "dateTime": null,
      "preferredLanguage": "English",
      "keys": {
        "signKeys": [
          "5766",
          "5767"
        ],
        "encKeys": [
          "5766",
          "5767"
        ]
      },
      "approvedBy": null,
      "channel": "ROOT_ORG",
      "description": "Andhra State Boardsssssss",
      "updatedDate": "2018-11-28 10:00:08:675+0000",
      "addressId": null,
      "provider": null,
      "locationId": null,
      "orgCode": "sunbird",
      "theme": null,
      "id": "ORG_001",
      "communityId": null,
      "isApproved": null,
      "email": "support_dev@sunbird.org",
      "slug": "sunbird",
      "identifier": "ORG_001",
      "thumbnail": null,
      "orgName": "Sunbird",
      "updatedBy": "1d7b85b0-3502-4536-a846-d3a51fd0aeea",
      "locationIds": [
        "969dd3c1-4e98-4c17-a994-559f2dc70e18"
      ],
      "externalId": null,
      "isRootOrg": true,
      "rootOrgId": "ORG_001",
      "approvedDate": null,
      "imgUrl": null,
      "homeUrl": null,
      "orgTypeId": null,
      "isDefault": true,
      "contactDetail": [
        {
          "phone": "213124234234",
          "email": "test@test.com"
        },
        {
          "phone": "+91213124234234",
          "email": "test1@test.com"
        }
      ],
      "createdDate": null,
      "createdBy": null,
      "parentOrgId": null,
      "hashTagId": "b00bc992ef25f1a9a8d63291e20efc8d",
      "noOfMembers": 5,
      "status": 1
    }
  }
}

Pros:

  1. Simple to do.

Cons:

  1. Increasing size of session data.

  2. Managing session data each time when profile is switched.

  3. Session ID remains same for user and managed user profile

Solution 3:

Things to reinitialise -

  • Telemetry

  • User profile

  • Update UserId in elements in index.html

Challenges :

  • Securing switch user API as it can generate token/login any user.

Notes -

2 user ID current user and switching user id should be send.

verifying user id after fetching details

Things to discuss -

  • storing extra session id and mapping it with user ID

  • Cassandra TTL might delete the other mapped data

  • fetch user details should give details of parent if parent exists

  • how to do in mobile

  • No labels