Temporary Git with Kripa's UI changes: https://github.com/ZhenmeiOng/temp-repo/tree/kripa
Front-End: React. Back-End: Node.js/Express.js.
- clone this repository
- cd to 'custos' directory
- 'npm start'
- cd to 'backend' directory
- 'node server.js'
- Press Log in Button
- Log in to CILogon through GT or another institution
- You will arrive at a user details screen with your name and email
- An Add Content button is available for calling the Backend API Server
Custos authentication occurs when the user clicks the log in button on the front page. This authentication logic lives in authLogin.tsx and is implemented with a library ("react-oauth2-code-pkce"). The library calls the /authorize endpoint and redirects to CILogon for secure log-in. After logging in, the /token endpoint is called and a token is provided to allow for authorized actions.
Access control is based on the GBAC model. After authenticating the user, a main details page is presented with the user's name and email, along with an "Add Content" button. This "Add Content" button involves the backend server API and the access control. To add content, the front-end sends an API request to the backend and expects a success response. To send the API call, the user's groups are checked by calling the /userinfo endpoint, which provides the user's groups and scopes. If the user is in the group "Adminsss", they are able to add content; if not, they are told they do not have access to it.
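
One way to enforce the same group check on the backend before honoring the "Add Content" request, so the decision does not rest on the front-end alone. This is an added example, not the project's own code; the `groups` array in the /userinfo response, the placeholder URL, the status codes, and all function names are assumptions.

```javascript
// Added example: server-side enforcement of the "Adminsss" group check.
// Assumptions (not from the project): /userinfo returns JSON containing a
// `groups` array of group-name strings; USERINFO_URL is a placeholder.
const USERINFO_URL = "https://custos.example.invalid/userinfo"; // placeholder
const ADMIN_GROUP = "Adminsss"; // group name used on this page

// Pull the bearer token out of an Authorization header, or return null.
function bearerToken(header) {
  const m = /^Bearer ([A-Za-z0-9\-._~+/]+=*)$/.exec(header || "");
  return m ? m[1] : null;
}

// Pure decision: exact, case-sensitive membership in a well-formed array.
// A missing field, a bare string, or a near-miss name is denied.
function decideAddContent(userinfo) {
  const groups =
    userinfo && Array.isArray(userinfo.groups) ? userinfo.groups : [];
  if (groups.some((g) => g === ADMIN_GROUP)) {
    return { status: 200, body: { success: true } };
  }
  return {
    status: 403,
    body: { error: "You do not have access to the control" },
  };
}

// Full check for one request. `fetchFn` is injectable so the logic can be
// exercised offline; by default it uses Node's global fetch (Node 18+).
async function authorizeAddContent(authHeader, fetchFn = fetch) {
  const token = bearerToken(authHeader);
  if (!token) return { status: 401, body: { error: "Missing bearer token" } };
  let res;
  try {
    res = await fetchFn(USERINFO_URL, {
      headers: { Authorization: `Bearer ${token}` },
    });
  } catch (e) {
    // Fail closed: no identity answer means no access.
    return { status: 502, body: { error: "Identity provider unreachable" } };
  }
  if (!res.ok) return { status: 401, body: { error: "Token rejected" } };
  return decideAddContent(await res.json());
}
```

In an Express route, `authorizeAddContent(req.headers.authorization)` would run before the content is written, and its `status` and `body` would be sent back as the response.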
There are two demonstrations in the video.
- The first part demonstrates the user (admin) trying to add content without the server running.
  - This shows an error message saying "Failed to connect to server"
- The second part demonstrates a non-admin user trying to add content (with the server running in the background).
  - This shows an error message saying "You do not have access to the control"