User Management Documentation

User Controller

The User Controller handles all user-related actions and functionalities:

• Add New Users: Provides functionality to register new users through the `create_account` and `do_create_account` methods.
• Login: Facilitates user login, validating credentials and starting a session using `login` and `do_login` methods.
• Logout: Ends the user session, securely logging them out (not currently implemented).
• Edit User Profile: Enables users to update their personal information through `edit_user` and `do_edit_user` methods.
• List Users: Displays a list of all users using the `list_users` method.

Controller Methods

• base: Captures the base path for user-related actions.
• login: Displays the login form and stores referrer URL and form data in the session.
• do_login: Authenticates the user by checking the username and password against the database.
• create_account: Displays the account creation form.
• do_create_account: Handles the creation of a new user, including password hashing and email notification.
• list_users: Retrieves and displays a list of all users.
• edit_user: Retrieves a user's data for editing.
• do_edit_user: Updates a user's information in the database.
• register: Displays the registration form.

User Model

The User Model represents the user data and business logic:

• User Account Creation: Manages the creation and validation of new user accounts through the `create_user` method.
• Password Hashing: Ensures that user passwords are securely hashed before storage using the `hash_password` method.
• User Data Retrieval: Provides methods to retrieve user data from the database.
• User Data Update: Handles updates to existing user information.

Templates

• user/login.tt: Template for the login form.
• user/register.tt: Template for the registration form.
• user/create_account.tt: Template for creating a new account.
• user/index.tt: Template for displaying the user index page.
• user/list_users.tt: Template for listing all users.
• user/edit_user.tt: Template for editing user information.

TODO List

• Email Verification: Implement email verification for new user registrations to enhance security.
• Error Handling: Improve error handling to provide more informative feedback to users when operations fail.
• Logout Functionality: Implement a method to handle user logout and session termination.
• Role Management: Enhance role management to allow dynamic role assignment and modification.
• Security Enhancements: Review and improve security measures, such as password policies and session management.

Back to top