User Service
As for the Auth service, all the actions are secured from wrong usage. Some function needs a logged user, or some priviledge. The following actions secure themselves from those mistakes if the authentification is wrongly managed in the API Gateway.
Possible user roles needs to be define as follows: (ADMIN and USER are the default roles, NOT to be touched)
const Roles = ["ADMIN", "USER"];Create a new user account, with USER as the default role.
| Property | Type | Description |
|---|---|---|
username |
String |
Username of the user (Must be Unique) |
password |
String |
Password of the user |
❗Need a user to be logged❗
Will search for all the existing users and get primary information about them.
❗Need a user to be logged❗
Will search for and get information about a specific user. If the logged user seeks to get information about its own account, the function will return all information about his account. Otherwise the function will return only primary information about the searched user.
| Property | Type | Description |
|---|---|---|
username |
String |
Username of the user |
Count the number of users in the database.
❗Need a user to be logged❗
Will change the user's information from his account. The parameters are to be adapted depending to the user information fields. The username can also be changed here, but if so you need to manage UNIQUE property errors. The password is not to be changed here.
| Property | Type | Description |
|---|---|---|
age |
Number |
Username of the user |
| ... | - | To be adapted |
❗Need a user to be logged❗
Ask the old password as a security before changing it. After changing the password and stocking it in the database, all sessions from the logged user will be closed. He will need to login.
| Property | Type | Description |
|---|---|---|
oldPassword |
String |
Old password of the user |
newPassword |
String |
New password for the user |
❗Need a user to be logged ❗❗ Need ADMIN priviledge❗
Will first verify if the user and role exist. Then, as a security, the function will forbid ADMIN priviledge removal if it is the last ADMIN.
Only ADMIN can change roles.
The user who had seen its role changed will need to login, as all his sessions had been closed.
| Property | Type | Description |
|---|---|---|
username |
String |
Username of the user |
role |
String |
New role for the user |
❗Need a user to be logged❗
This function will delete the account of the logged user. His account and all his sessions will be erased from the database.
As a security, the user need to give his password.
| Property | Type | Description |
|---|---|---|
password |
String |
Password of the user |
❗Need a user to be logged ❗❗ Need ADMIN priviledge❗
This function will erase a user account and all his open sessions from the database.
Only ADMIN can delete another user's account.
| Property | Type | Description |
|---|---|---|
username |
String |
Username of the user |
❗Need a user to be logged ❗❗ Need ADMIN priviledge❗
This function will erase all user accounts and sessions from the database, including the one of the logged ADMIN.
As a security, the ADMIN need to give his password.
| Property | Type | Description |
|---|---|---|
password |
String |
Password of the ADMIN |
❗❗INTERNAL Function❗❗
This function is an internal function, creating an ADMIN account if there is not one already in the database. This function is only to be executed when launching the API and Database for the first time.
- Home
- Features
- Install
- Usage
-
Database Functions
- Constructor
- Operations
- Database Errors
- Account Management