# user-mgmt

**Repository Path**: edgegallery/user-mgmt

## Basic Information

- **Project Name**: user-mgmt
- **Description**: user management back end
- **Primary Language**: Java
- **License**: Apache-2.0
- **Default Branch**: master
- **Homepage**: None
- **GVP Project**: No

## Statistics

- **Stars**: 38
- **Forks**: 30
- **Created**: 2020-08-17
- **Last Updated**: 2025-02-13

## Categories & Tags

**Categories**: backend

**Tags**: None

## README

# User Management User Management

[![License](https://img.shields.io/badge/License-Apache%202.0-blue.svg)](https://opensource.org/licenses/Apache-2.0)

The user management module provides the EdgeGallery platform with functions such as user registration and login, password retrieval, account center, user list management, email and mobile phone verification.

## role definition

The user management module defines the user's role and permission model, including:

- **Tenant** Ordinary users in the system can create projects/upload apps and other operations. Data between tenants cannot access each other.

- **Administrator** The system administrator can manage and maintain the application data of the system.

- **Guest** When accessing the Portal directly, the default is the visitor permission, which can only browse the basic functions of each platform, and cannot perform operations such as creating, editing, and deleting.

- **Super administrator** The system has a built-in default user: admin, which is the super administrator of the platform. This user can manage other users, manage all users registered on the platform, deactivate/enable users, and set user permissions.

For newly registered users, the default is "tenant" permission. The "Administrator" privilege can only be obtained by the super administrator admin in the user list management function to escalate the privilege for the tenant.

## Main features
 
  The main features provided by the user management module can be viewed by clicking: [User Management Module Feature Design](http://docs.edgegallery.org/en/latest/Projects/User%20Management/User_Features.html)

## Run User Management service locally

  User Management provides a restful interface to the outside world, is developed based on the open source ServiceComb microservice framework, and integrates the Spring Boot framework. It can directly compile and run microservices locally, which is convenient for users to debug locally.


- ### Environment setup and configuration

  **1. Environment preparation:** The tools to be installed and their download addresses are shown in the table below.

  | Name | Version | Link |
  | ---- | ---- | ---- |
  | OpenJDK1.8 |1.8.0 | [download](http://openjdk.java.net/install/)
  | MavApache Maven |3.6.3 | [download](https://maven.apache.org/download.cgi)
  | IntelliJ IDEA |Community |[download](https://www.jetbrains.com/idea/download/)
  | Servicecomb Service-Center | 1.3.2 | [download](https://servicecomb.apache.org/cn/release/service-center-downloads/)
  | Postgres | 10 or above | [download](https://www.enterprisedb.com/downloads/postgres-postgresql-downloads)
  | Redis | 3.2.100 or above | [download](https://github.com/microsoftarchive/redis/releases) |
  
  **2. Source code download:** Use git clone or download the compressed package to download the User Management source code to the local, the default master branch.
  First, you need to download the dependent parent pom project and compile it:
  ```
  git clone https://gitee.com/edgegallery/eg-parent.git
  mvn install
  ```
  Then download the current User Management project:
  ```
  git clone https://gitee.com/edgegallery/user-mgmt.git
  ```
  
  **3.ServiceCenter configuration:** User Management uses the open source [ServiceComb](https://servicecomb.apache.org/) framework for development, the service will be automatically registered to the specified ServiceCenter when it is started, and the ServiceCenter will provide the service Provides registration and discovery capabilities for other microservices to call.

  Before starting User Management, you need to start ServiceCenter locally.
  
  - First [Download ServiceCenter](https://servicecomb.apache.org/cn/release/service-center-downloads/), such as Windows system, you can choose the [Binary] version of Windows, and decompress it after the download is complete;
  
  - Double-click to run start-service-center.bat and start-frontend.bat to start ServiceCenter and the visualization panel locally, and visit http://127.0.0.1:30103 in the browser for viewing. The default start-up port of ServiceCenter is 30100;
  
  - To run the User Management service locally, you need to add the following environment variables to connect to SC (Service Center):

  ```
    SC_ADDRESS: The address of the connection SC. The default SC running locally is: http://127.0.0.1:30100
  ```
   
  **4.PostgreSQL database configuration:** User Management uses the open source [PostgreSQL](https://www.postgresql.org/) database to store user information, and PostgreSQL needs to be installed first when running locally.
  
  - It is recommended to refer to here [Install and Start PostgreSQL](https://www.runoob.com/postgresql/windows-install-postgresql.html), it is recommended to choose version 9.6 or above;
  
  - Use the file `/src/main/resources/usermgmtdb.sql` to initialize the database table structure;

  - use the file `/src/main/resources/usermgmtdb-data.sql` to initialize the default user information;
  
  - To run the User Management service locally, you need to add the following environment variables to connect to the database:

  ```
    POSTGRES_IP: IP to connect to the database. For the database running locally, generally use the loopback IP: 127.0.0.1

    POSTGRES_PORT: The port to connect to the database. Can not be configured, take the default port 5432
  
    POSTGRES_USERNAME: database username

    POSTGRES_PASSWORD: database password
  ```
  
  **5.Redis database configuration:** User Management uses the Redis database to store graphic verification codes, mobile phone/email verification codes, and Redis needs to be installed first when running locally.
  
  - It is recommended to refer to [Install and Start Redis](https://www.runoob.com/redis/redis-install.html);
  
  - To run the User Management service locally, you need to add the following environment variables to connect to Redis:
  
  ```
    REDIS_IP: The IP to connect to Redis. Redis running locally, generally use the loopback IP: 127.0.0.1

    REDIS_PORT: The port to connect to Redis. Can not be configured, take the default port 6379

    REDIS_PASSWORD: Password for connecting to Redis. If no password is set for Redis, you can leave it unconfigured
  ```

  **6. Client configuration of business platform: ** User Management acts as the Auth Server for single sign-on, and each business platform acts as the Auth Client. For the business platform that needs to run locally, User Management also needs to add configuration information corresponding to the client of the business platform.

  - If the AppStore needs to be run locally, User Management needs to configure the following environment variables:

  ```
    OAUTH_APPSTORE_CLIENT_ID: ClientID of the AppStore business platform, configured as the fixed value appstore-fe. You can also not configure this variable, the default is appstore-fe

    OAUTH_APPSTORE_CLIENT_SECRET: The Client Secret of the AppStore business platform can be defined by yourself, but it should be noted that the Client Secret set when the AppStore business platform is running must be consistent with this one.

    OAUTH_APPSTORE_CLIENT_URL: URL to connect to the AppStore business platform, such as http://x.x.x.x:30091

    OAUTH_APPSTORE_CLIENT_ACCESS_URL: This configuration is a variable defined for the proxy access mode. In normal access mode, it can be consistent with OAUTH_APPSTORE_CLIENT_URL
  ```

  - Similarly, if you want to run Developer, Mecm, ATP and other platforms locally, refer to the above configuration instructions to add the corresponding environment variable configuration. Please refer to the oauth2.clients section in the configuration file /src/main/resources/application.yaml for the name of the environment variable corresponding to each platform.
 
- ### Copy front-end resources

  The current project is the background of User Management, and you need to copy the front-end resources to the resource directory of the background project.

  - Refer to the following link to compile the front-end resources of User Management:
    
    [https://gitee.com/edgegallery/user-mgmt-fe/blob/master/README.md](https://gitee.com/edgegallery/user-mgmt-fe/blob/master/README.md)

  - After the compilation is successful, please copy the contents of the dist directory to the /src/main/resources/static directory of the background project.

- ### run locally

  User Management can be started by running the main function in the /src/main/java/org/edgegallery/user/auth/MainServer.java file.

  After the startup is successful, you can access the User Management interface separately:

    http://x.x.x.x:8067/index.html
  
## Kubernetes environment deployment

  You can also make User Management service as a Docker image and deploy it to run in Linux environment and Kubernetes cluster.

  Please refer to the [helm_charts](https://gitee.com/edgegallery/helm-charts/tree/master/edgegallery) project