#login #https #warp #user-email

bin+lib login_app_2

Login App version 2 (Authentication) using Warp, HTTPS, Multilingual

1 unstable release

0.1.0 Sep 18, 2020

#11 in #user-email

MIT license

195KB
2.5K SLoC

Rust 2K SLoC // 0.0% comments Handlebars 380 SLoC JavaScript 68 SLoC // 0.1% comments

login_app_2

A login / authentication module, rebuilt from its predecessor, login_app.

In this version,
- Warp framework is used to simplify routing (Hyper in previous version)
- HTTPS is used
- Multiple-language support is added

Retained,
- SQLite database for storing application data
- Cookie for session management
- MSMTP for sending emails
- Customizable values; as many parameters as possible are put into the Settings.toml file rather than being hard-coded inside programs.

Goals

Developing with the following goals in mind:

  1. Keep learning (Rust language in particular)
  2. Reusable code
  3. Cover login related features, forms, or emails, such as:
    a. Registration form
    b. Send a Token to the registered email; expire it after a time limit
    c. Confirmation screen that takes the Token as its input
    d. Login form
    e. Forgot Password form
    f. Send a Token to the registered email; expire it after a time limit
    g. Reset Password form that takes Token and New Passwords as its input
    h. Home page (index page or first page) to show Login, Logout, or Cancellation links

Pre-requisite

  1. Rust installation
  2. MSMTP client installation (please refer to the file msmtp.md for details)

How to use it

  1. Clone or download this app
  2. Edit the Settings.toml file to update the names of the database folder, log folder, email server details, IP address, etc.
  3. Build an executable file using: $ cargo build --release
  4. Copy the following files / folder into a separate folder, say "~/projects":
    a. target/release/login-app file
    b. resources folder
    c. one toml file: Settings.toml
  5. Edit login_app_2.service for folder names and follow instructions in it to run this app as a service in Linux.
  6. Assuming the entries in the Settings.toml file for ip-address and port are 127.0.0.1 and 5050, open the web browser and enter the URL https://127.0.0.1:5050 (the browser may report an invalid certificate; ignore this, as the certificate is for development / testing only; in production, real certificates can be used from sources such as letsencrypt.org)
  7. The browser then shows a home page with Login | Registration links and a language selection option.
  8. Click on Registration link to go to Registration page.
  9. Registration page shows fields such as email, password, and repeat-password. Fill them and submit. A confirmation page opens up.
  10. Copy the token sent in an email into this confirmation page OR, in a development environment, go to DB Browser for SQLite (assuming it is already installed on the Linux machine), open the database file, which is most likely named login_app.db under the /login_app/database folder, open the app_user table and locate the entry in it, copy the data under its token field, and paste this data into the confirmation page.
  11. There is a time limit to enter the token, say 30 seconds, which is customizable in the Settings.toml file.
  12. On expiry of the time limit, the registration data is deleted from the database. There are two different checkpoints for the time limit:
    • One on the client side, in javascript and another on the server side, in rust.
    • Client side time limit is used if the browser is open and no input from user within the time limit.
    • Server side time limit is used if the browser is closed.
  13. On submitting valid token, the registration is confirmed.
  14. Go to Login page and try to login with the credentials.
  15. On successful login, an index / home / first page is shown, with user's email id, logout, and cancellation links.
  16. In the event of errors, it remains in the login screen, displaying error as Invalid Credentials!.
  17. In case of forgotten password, go to Login page, click on Forgot Password?.
  18. Enter email-id in the forgot-password form.
  19. On submitting this request, an email is sent with a token. Copy it into the next screen, i.e. the Reset Password page.
  20. On Reset Password page, enter token, new password, and repeat new password and submit. A status page appears stating success or error. On success, try to login with new password.
  21. For multiple-language support, Comma Separated Value (CSV) files are used.
    • The first field in the csv file is reserved for the key text; from the second field onwards, the language texts are entered.
    • Three csv files are used:
      a. dictionaries.csv file is used to support text in html pages,
      b. messages.csv file is used to display application specific messages, and
      c. errors.csv file is used to display application errors
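
The token time limit from steps 10 to 12, as an added Rust example that is not code from login_app_2: the server checks the limit on every token submission and deletes the pending registration on expiry or on success. The PendingStore type, its in-memory map (standing in for the app_user table) and the sample email and token are constructed for illustration.

```rust
use std::collections::HashMap;
use std::time::Duration;

// Hypothetical stand-in for a pending row in the app_user table.
struct Pending { token: String, issued_at: Duration } // issued_at = time since epoch

#[derive(Debug, PartialEq)]
pub enum Outcome { Confirmed, Expired, Invalid }

pub struct PendingStore { limit: Duration, rows: HashMap<String, Pending> }

// Byte comparison that does not stop at the first mismatch.
fn ct_eq(a: &[u8], b: &[u8]) -> bool {
    a.len() == b.len() && a.iter().zip(b).fold(0u8, |acc, (x, y)| acc | (x ^ y)) == 0
}

impl PendingStore {
    pub fn new(limit: Duration) -> Self { Self { limit, rows: HashMap::new() } }

    pub fn register(&mut self, email: &str, token: &str, now: Duration) {
        let row = Pending { token: token.to_string(), issued_at: now };
        self.rows.insert(email.to_string(), row);
    }

    // Runs on every submission, whatever the browser-side timer did.
    pub fn confirm(&mut self, email: &str, submitted: &str, now: Duration) -> Outcome {
        let (expired, matches) = match self.rows.get(email) {
            // Unknown email and wrong token give the same answer.
            None => return Outcome::Invalid,
            Some(r) => (now.saturating_sub(r.issued_at) > self.limit,
                        ct_eq(r.token.as_bytes(), submitted.as_bytes())),
        };
        if expired { self.rows.remove(email); return Outcome::Expired; }
        if !matches { return Outcome::Invalid; }
        self.rows.remove(email); // single use: a confirmed token cannot be replayed
        Outcome::Confirmed
    }

    // Periodic sweep for registrations whose browser was closed.
    pub fn purge_expired(&mut self, now: Duration) -> usize {
        let (before, limit) = (self.rows.len(), self.limit);
        self.rows.retain(|_, r| now.saturating_sub(r.issued_at) <= limit);
        before - self.rows.len()
    }
}

fn main() {
    let mut store = PendingStore::new(Duration::from_secs(30)); // 30 s as in step 11
    store.register("user@example.test", "constructed-token", Duration::from_secs(1_000));
    println!("{:?}", store.confirm("user@example.test", "constructed-token", Duration::from_secs(1_031)));
}
```

Passing the current time in as a parameter keeps the expiry logic testable; a real handler would read the clock once per request and pass it down.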

Demo

A demo application can be found at the following link:
LoginApp2 Demo

License

MIT

Dependencies

~78MB
~1.5M SLoC