|
|
|
## Introduction
|
|
|
|
|
|
|
|
The first version of the Schizophrenic login was introduced in the [77abd6aaf31a6cf54824524d2ae93edf95c9f6bb](https://gitlab.cluster.ensisa.uha.fr/devcolis/colis/-/commit/77abd6aaf31a6cf54824524d2ae93edf95c9f6bb) commit.
|
|
|
|
In this version of the schizophrenic login, administrator could change the user they could see the demands of, by inputting their email address in the search bar in the "following packages" menu. However, this required to change the way demands requests were made between the client and the server, prevented administrator from creating demands under another user's account and represented a possible security breach.
|
|
|
|
|
|
|
|
This version of the schizophrenic login was then replaced by it's 2.0 version in the commit [fe51de7207b79ade573cb04c55bf6e244524c740](https://gitlab.cluster.ensisa.uha.fr/devcolis/colis/-/commit/fe51de7207b79ade573cb04c55bf6e244524c740). This version changes the way Schizophrenic login is used : instead of changing the name of the user in the "following packages" menu, administrators can connect to any user's account by inputting their email address, followed by the character `|`, and then the email address of the user they desire to login as.
|
|
|
|
|
|
|
|
## How to use it
|
|
|
|
|
|
|
|
First, you'll need to have the administrator role on your account.
|
|
|
|
If you are an administrator, go to the login page, and type your email address in the email field.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Then add the `|` character after your email address, followed by the email address of the user you want to connect as.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
However, you'll still need to input your own password, to verify that you are the correct user of the administrator account.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
> :warning: The schizophrenic login only works with account that already exist in the application's database (any account that used this application at least once).
|
|
|
|
|
|
|
|
Once connected, you can verify that you are connected to the right account by clicking on the "Profile" button.
|
|
|
|
|
|
|
|
> Demands that are send by or taken by an administrator using the schizophrenic login have an additional badge in the demands panel in the admin tab, and also logs if the schizophrenic login was used to send or take the package, and by who.
|
|
|
|
|
|
|
|
## Code documentation
|
|
|
|
|
|
|
|
The entierety of the Schizophrenic login 2.0 code is located in the [ClientApi.JS](https://gitlab.cluster.ensisa.uha.fr/devcolis/colis/-/blob/staging/server/clientApi/ClientApi.js) file, in the [authenticate function](https://gitlab.cluster.ensisa.uha.fr/devcolis/colis/-/blob/staging/server/clientApi/ClientApi.js#L55).
|
|
|
|
|
|
|
|
The code first verifies the presence of an `|` character; if one is present, the email field is split in two, with the `|` character removed. Then the first email address is used to find if an user with this email address already exist, and if it does, the password is verified.
|
|
|
|
If the second email address is not empty, the code tests if the first email correspond to an administrator account, and if it does, the second email is used for the token. The email address of the administrator account is also added to the token as the `schizophrenicAdmin` field.
|
|
|
|
|
|
|
|
Code pertainning to the logging of the use of the schizophrenic login is done in the [TrackInformation.js](https://gitlab.cluster.ensisa.uha.fr/devcolis/colis/-/blob/staging/client/src/components/TrackInformation/TrackInformation.js#L75), [API.js](https://gitlab.cluster.ensisa.uha.fr/devcolis/colis/-/blob/staging/client/src/utils/API.js#L134) and [DemandsController](https://gitlab.cluster.ensisa.uha.fr/devcolis/colis/-/blob/staging/server/clientApi/controllers/DemandsController.js#L93) files.
|
|
|
|
> Note : The use of the schizophrenic login is only logged when an administrator using it close a door after putting the letter in or taking it. |
|
|
\ No newline at end of file |
