Detailed Design Description
<This section contains detailed design documentation of all software components. The content of this section grows iteratively during the sprints. At the end of each sprint, the diagrams shown need to be consistent.>
Deployment Diagram
<Provide a UML deployment diagram showing all physical and virtual nodes used in the system. The diagram must also contain all deployment artifacts used in the system, for instance JAR or WAR files, or web artifacts.>
Design Decisions related to deployment
<Describe all design decisions manifested in the deployment diagram. For instance the choice of operating systems, protocols, distribution of components over sub-systems and the like.>
Design Sub-System Login
<Do not really name the section “Sub-System A”, use a name that describes the responsibility of the sub-system, instead. Provide a section for each sub-system. These sections are iteratively added and refined during the sprints. Examples of sub-systems include Persistent Storage, Business Tier, Web Application, Webservice API. The sub-sections below may be extended if you think this is useful for describing the software design. The sub-sections below are only required for object-oriented sub-systems. Use other means to describe non-OO sub-systems (for instance Javascript modules).>
Design Class Diagram
With this design class diagram you can see the interactions happening between different classes of our program.
The logincontroller makes sure it knows everything that has to do with logging in. The resource sends the requests to the controller and recieves data back from the controller
The resource classes makes uses of the Response interface. This needs to happen, so that the user knows what went wrong.
<Object-oriented sub-systems should be described using a class diagram. If classes or interfaces are used across sub-systems, make sure you mention this in the description of the class diagrams. If your system entails layers, make sure you indicate this in the class diagram, e.g. by means of packages. For each class diagram, make sure you also mention the deployment artifact (from the deployment diagram) it is part of.>
Sequence Diagramsm
<Provide sequence diagrams for major object interactions within the sub-system. It is ok if sequence diagrams cross sub-system boundaries. Make sure you explain this in the description of the diagram. Sequence diagrams must be consistent with the class diagrams described above. Also, if sequence diagrams cover interaction with users, make sure the diagrams are consistent with SDDs you may have documented as part of the SRS.>
Activity and State Diagrams
<This section is optional. If useful, provide activity and/or state diagrams to describe complex work flows and system state transitions>
Design decisions made for the sub-system
<Describe all design decisions made for the sub-system. Provide at least decision descriptions for all frameworks, libraries and other technologies used. Other decisions may be related to software patterns, system-structure, adapted principles or the like.>
Login
Sequence diagram
The user sends a request to the LoginResource class. This LoginResource class sends out a get request to LoginController, to get the name of the user. After that, the LoginController requests the data of the user from the database. This happens in the UserDAO class. As soon as the LoginController recieves the user, the system will check if the password is correct. This password is hashed, so that it is much more secure. If this password is correct, the LoginResource will continue and will send a createToken request for the user, to the LoginController class. This token and a username will be given back to the user, with a 200 response (ok status). If this password is incorrect, then an exception will be thrown to LoginResource and a 403 response will be shown to the client.
Design decisions
Decision | Description |
|---|---|
Problem/Issue | The password can't be seen in the database, so that hackers aren't able to login to other accounts. |
| Decision | Using Argon2, we can hash the passwords of users, so that a hashed password is stored in the database. This prevents hackers from seeing someone elses password. |
| Alternatives | SHA-512, MD5, PBKDF2, BCrypt, and SCrypt (Millington, 2022) |
| Arguments | From an comment in Baeldung (Millington, 2022), I saw Argon2 being suggested. Going to the Supertokens website (Supertokens Team, 2022), I found a tool that detects how safely a password is. With that Supertokens also recommended to use this hashing tool this march, which is quite recent. It uses more resources from your computer, but it makes a stronger password from it. Regterschot Racing required minimum security, that also includes a hashed password. |
Decision | Description |
|---|---|
Problem/Issue | Logincontroller contains both the logic and sends the response |
| Decision | Make a new class loginResource wich is responsible for only sending the response |
| Alternatives | Make a god class |
| Arguments | If one class has to many responsibilities it doesn't obey the SOLID principle (BMC, 2022) |
View Data
The choice has been made to have a method create all required data-objects. These objects contain all data required to show data in a graph. The GenerateGraphData method will first create a new WheelspeedDTO (Data Transfer Object) and WheelspeedDAO (Data Access Object). These objects are then filled with the data that is retrieved from the createGraph method. Next, the objects are sent over to the frontend in JSON-format.
By sending data to the front-end this way, we can ensure expandability in the future. The contents of this diagram can be copied easily, which will make implementations of new graphs a lot easier.
Design Sub-System B (and so on)
…
Database Design
<. If your system uses relational databases, make sure you provide a physical datamodel here.>
Design decisions related to the database
<Describe all design decisions made along the database. This could include the choice of the database management system, the use of certain triggers or stored procedures, special indexes and so on.>