AuthUR Login Portal Operations

This file is named 000.JPG.

This file is named 001.JPG.

Storybook is a web application that builds and hosts web comics. This is the Comics gallery page.

This file is named 002.JPG.

The Storybook Comic Builder app is launched through a hamburger style menu at the top of the gallery page.

This file is named 003.JPG.

This is the landing page for the Login portal.

This file is named 004.JPG.

Clicking the "Login Options Explained" presents this description of the available Login methods.

This file is named 005.JPG.

The first Login method presented, "Login with Facebook", uses the Facebook Oauth API to validate a user as a Facebook member.

This file is named 006.JPG.

If a user is already logged into Facebook then this FB Login screen will not be displayed before the Welcome screen is shown. If a user has never logged in with the Storybook application Facebook will also request permission to share their email address with the application.

This file is named 007.JPG.

If a user is already logged in to Facebook they will see this screen without the FB Login prompt page having been displayed, or they will see this page as a result of logging in. Notice that this user has not yet made any posts to the application, they have no content. In the Footer at the bottom of the page are two tags. One escapes the Login process while the other, labeled "Next", will take the user into the builder app.

This file is named 008.JPG.

If a user logs back into the Storybook application after they have already uploaded/created a hosted web comic as a Facebook user they will be presented with the Welcome page shown next.

This file is named 009.JPG.

For this demo application we only allow a Facebook user to post/upload one comic at a time, so here we allow the user an option to delete their present content if they wish to make another one. We also provide an option for the user to "Share" their presently hosted webcomic to Facebook.

This file is named 010.JPG.

Notice that there is no "Next" tag in this Footer because the user is not currently allowed to enter the builder.

This file is named 011.JPG.

Here we have returned to the Login Portal landing page.

This file is named 012.JPG.

With the exception of the Sign Up menu entry, all of the Storybook choices require an email address to be provided.

This file is named 013.JPG.

If we provide an email address without a Password for the Log In menu choice as shown here...

This file is named 014.JPG.

Then the Portal will advise us that both an Email and a Password entry are required for this menu choice.

This file is named 015.JPG.

As we might expect, if an unregistered Email and Password are entered...

This file is named 016.JPG.

Then the Portal will inform us that this account does not exist. Similar results, a non-existent account warning, will be displayed for the other Login menu choices if no such account is registered.

This file is named 017.JPG.

Now from the Portal landing page in the Storybook panel let's choose the Sign Up option.

This file is named 018.JPG.

this choice will present the form displayed here to request the user profile data and we can fill it out perhaps as shown here.

This file is named 019.JPG.

The data will be rejected if there is already an account with the requested Email.

This file is named 020.JPG.

Otherwise if the data is all acceptable a new User Profile is created and a verification email will be sent to the user.

This file is named 020a.JPG.

If a newly registered user attempts to login before verifying their email address...

This file is named 020b.JPG.

The login will be refused and the user will be informed that the Email must be verified before they will be allowed to login.

This file is named 021.JPG.

A newly registered user will receive a verification request Email like this one.

This file is named 022.JPG.

If the user replies to the verification Email before it expires, they will be directed to this page which says their Email was verified and they may now login.

This file is named 023.JPG.

If the user does not respond to the Verification Request email before the expire time has lapsed, they will be refused Login and their User profile data will be deleted. As shown here, they will be directed to try the Sign Up procedure again.

This file is named 024.JPG.

Once the User Account data profile is saved and the Email successfully verified we can Login with our newly registered Email and password as shown here.

This file is named 025.JPG.

A successful Log In will bring us to this Portal Exit page where we can continue on to the Srorybook Comic Book Builder application, Log out of the application, Change or profile data, or delete our account.

This file is named 026.JPG.

Next, let's select the Change My Profile Data menu entry.

This file is named 027.JPG.

If we elect to change the User's first name as shown here and then select to Commit Changes...

This file is named 028.JPG.

This screen will be displayed to verify our changes, and if we then select the Exit button...

This file is named 029.JPG.

We will return to the "Dashboard" or Portal exit page where we can see our change in the first name now reflected in the User Profile.

This file is named 030.JPG.

If the user elects to change their Email address as shown here...

This file is named 031.JPG.

A Verify Email request will be sent to the newly specified address. Note again that these verification mailings have a time to live after which they are no longer active.

This file is named 032.JPG.

Further attempts to login to the previous Email...

This file is named 033.JPG.

Will fail with an account does not exist error as shown here.

This file is named 034.JPG.

If the user replies to the Verification request email for the new address before the link expires...

This file is named 035.JPG.

They will be informed of the account status...

This file is named 036.JPG.

And given the opportunity to Login, and now they can use their newly changed Email as shown here...

This file is named 037.JPG.

The new Email is now in the User profile.

This file is named 038.JPG.

As a registered user you may request a Magic Link Login by supplying your Email address.

This file is named 039.JPG.

The Portal will acknowledge your request for the Magic Link as shown here.

This file is named 040.JPG.

And it will send a Magic Link Login to the registered Email.

This file is named 041.JPG.

And if the user selects the Magic Link from the Email they will be logged in as shown here. You may see this concept of the Magic Link Login being used to grant access to resources like documents or other materials for download.

This file is named 042.JPG.

Another method of Login is a One Time Password which is selected with the entry of the registered email address without a Password entry as shown here.

This file is named 043.JPG.

First the Portal will inform the user that an OTP email has been sent.

This file is named 044.JPG.

The OTP email will contain the requested One Time Password with the same time limitations applied for its use.

This file is named 045.JPG.

The OTP from the Email is then used as the Password entry as shown here with One Time Password selected.

This file is named 046.JPG.

And the User is again logged into the Storybook application.

This file is named 047.JPG.

The last selection from the Storybook Login dialog panel is an election to Change Password for a registered user.

It seems unneccessary to ask a user why they might want to change their password, in fact it might be slightly insulting to ask them if they "forgot your password?" If they did then giving them an opportunity to change their user password will address that possibility as well as other potential reasons they might have.

This file is named 048.JPG.

In any case the portal first informs the user that an email has been sent to respond to their request for the change.

This file is named 049.JPG.

The email informs the user that it is a response to a password change request and provides a time limited link for the user to proceed with the change.

This file is named 050.JPG.

Selecting the link from the email will bring the user to this dialog allowing the entry of a new password. This dialog does not require that the new password be different from the present password.

As a matter of interest, the AuthUR login portal does not ever store or save your password, in fact Storybook doesn't actually use the password itself within the portal code. Instead we use what is called a hash value to represent the password, and the hash is a code value that is uniquely generated for every password. But your password can't be stolen from Storybook because we don't have your password.

This file is named 051.JPG.

If the user enters a new password the portal will acknowledge the change and offer the user an opportunity to log in with their new password.

This file is named 052.JPG.

Once again upon a successful Login we are presented with the portal exit page.

This file is named 053.JPG.

The remaining menu slection on the portal exit page allows the deletion of the user account and any associated content through the dialog shown here.

This file is named 054 dumpsession1.JPG.

As an addendum to this AuthUR Operations Manual we have this example display from a dumpsession.php debug utility we wrote up to dump/display the PHP Session variables we used in our code. The debugger code is available in a github repository.

This file is named 055 dumpsession2.JPG.

Finally, as we say in our Emails,

That is all from us, have a nice day!