Member Site Development

From Lowell Makes
Jump to navigationJump to search

Member Site Development

This is for capturing the ideas and thoughts of how to build the members website to help the development process

  • Hopefully this can be used as a reference as well to help build a user guide.

Overview

The site is online at here

Purpose

The purpose of this site is to allow members to login and manage their memberships, account balance, and RFID cards. As well as allow administrators to manage access privileges, and monitor usage, and provision new RFID cards.

Basic Features

Development Process

Task List

  • Update User Card Management
    • Add ability to disable/enable cards
    • Add ability to add cards (if user has permission)
    • Add log of users Card Events
  • Add Card Page (accessibly by user of card and admins)
    • Show Card Use Log
    • Allow Editing Details
    • Allow Enable/Disable
    • Show Card Balance (If any)
  • Add card management page for administrator
    • List All Cards
    • Show Specific User Cards
    • Add New Cards
    • Fix Update function
    • Edit Cards
  • Update User Account Page (auth_admin/update_user_account) Bugs
    • Can't update user's name
    • Can't update user's phone
    • Can't update user's company
    • Can't update user's address
  • Create Admin Account Creation Page
    • Allow setting all of User info
    • Upon creation user get special email notifying of account
    • Email link allows user to click to activate account & setup their password
  • Update User Membership Page
    • Show current Memberships
    • Show unused memberships
    • Show expired memberships
  • Add membership management page for administrator
    • List All Memberships
    • Show Memberships of Single User
    • Add Memberships
    • Edit Memberships
  • Add paypal support
    • Allow adding funds to accounts
    • Learn more about PayPal APIs
    • Activate memberships?
  • Make site mobile friendly
    • Use "$this->agent->is_mobile()"
    • Layout views to flow well on a phone

Users

Details on how user data is structured. This is both database schema as well as how users interact with the system. Their primary interface will change based on their group and membership levels.

  • User Data
    • Username
    • Password (salted hash)
    • First/Last Name
    • Email
    • Mailing Address (Optional)
    • Current $$ Balance
  • User Items
    • Cards
    • Memberships
    • Tool Time
    • Purchase Log

Groups

These dictate the level of access the user has to the members website. Anyone can login to the site and generate a user account. At this point they will be a member of Guest, which allow them minimal access. Once promoted to the group

Types

  • Guest
    • This is a basic account with the ability to manage your own profile data
  • Member
    • This is an account that lets you Add Money, Buy memberships, Review your transaction logs, Manage your RFID cards, etc
  • Admin
    • This allows you to review all lower accounts, and perform actions on their behalf (except add money via paypal/etc), or add credits to user accounts
  • Developer
    • This allows you to review more technical aspects of the database/site. Allow any change to any data (except maybe things that break the database)
    • This is protected from all but the site developer/site admin to protect against accidental site damage, but allow fixes to bugs and bug discovery in site.

Guest Features

  • Update User Profile Data
    • Name
    • Email
    • Password
    • Username?

Member Features

  • All Guest Features
  • Access special member site?
  • See transaction logs (money/purchases)
  • Update Cards
    • Set card name
    • Disable Card
  • See card logs (door access/tools/etc)

Admin Features

  • All Member Features
  • Administrate Users
    • Set user groups
    • Update user data
    • Etc
  • Administrate Cards
    • Add new user card
    • Connect cards to users
    • Disable cards
    • Rename cards
  • Administrate Memberships
    • Review all current/past memberships
    • Add new memberships to users account
    • Change memberships start/end date
    • Reset pass memberships (for accidental use/comping)
      • This would be to make a day pass unactivated
  • Admin Items
    • Add new items
    • Update stock status of items
    • Update items
      • Name
      • Description
      • Price

Developer Features

  • All admin features
  • Developer Data

Memberships

We need to keep track of membership data. This will be useful for a history for the user as well as total history for admins. Finally this can be used to determine valid access to doors/equipment.

Types

List of membership types:

  • Day Pass
  • Week Pass
  • Monthly Pass
  • Monthly Full Access
  • Yearly Full Access
  • Etc

Money

We need to keep track of money in a user's account. This allows them to purchase both memberships, time on tools, as well as items from vending machines

RFID Cards

Keeping track of the RFID card information, logs of activities, and ensure the system is secure is the goal of this section

Type / Hardware

  • Mifare?

Security

  • RFID Serial Must be registered in DB
  • Should probably implement OTP hash stored in card
    • Read serial/hash
    • Check DB, if valid card continue
    • Generate new hash from: serial, secret value, last hash, and current timestamp
    • Write new hash to card
    • Read/Verify new hash on card
    • Update DB with new hash
    • Log valid card swipe

Hardware Interfaces

  • Doors
    • Strikeplates
    • Open/Close Sensor?
    • Doorbell?
  • Tools
    • Power Lockout
    • Power Interlocks
      • Dust Capture
      • Power Vent
      • Water Chiller
      • Air assist