Initial implementation of Pbench user model and associated APIs in server#1937

Merged
dbutenhof merged 1 commit into
distributed-system-analysis:mainfrom
npalaska:pbench_user
Mar 5, 2021
Conversation

@npalaska
Member

@npalaska npalaska commented Nov 2, 2020

Initial framework to build Pbench user authentication:

This implements 6 basic user APIs

  1. Register User:

    • Handles Pbench User registration via JSON request
    • POST /v1/register
      json={
          "username": "username",
          "password": "password",
          "firstName": "first_name",
          "lastName": "last_name",
          "email": "user@domain.com"
      }
      
  2. Login User

    • Handles user login and returns a valid pbench auth token
    • POST /v1/login
      json={
          "username": "username",
          "password": "password"
      }
      
    • Returns a valid pbench auth token for accessing other APIs.
    • A user is allowed to make multiple login requests and thus generate multiple auth tokens;
      however, in the future there will be a limit on the number of auth tokens a user can generate.
    • We plan to maintain an active_tokens table in our db.
    • Each auth token has its own expiry and is associated with a user id.
    • Any subsequent API request will only pass if the auth token in the header is not expired and is present in active_tokens table.
  3. Logout User

    • Handles the user logout mechanism.
    • POST /v1/logout
      headers={
          Authorization: Bearer <Pbench authentication token (user received upon login)>
      }
      
    • Deletes the authentication token provided in the headers from the active_tokens table.
    • Once logged out, a user cannot use the same auth token for other API access.
  4. Get User

    • Returns the user's own registered information; the username must be provided in the URL.
    • GET /v1/user/<string:username>
      headers={
          Authorization: Bearer <Pbench authentication token (user received upon login)>
      }
      
    • If the Authorization header does not belong to the username provided in the url, we reject the request unless the Authorization token belongs to the admin user.
  5. Delete User

    • An API for a user to delete an account from the pbench database.
    • DELETE /v1/user/<string:username>
      headers={
          Authorization: Bearer <Pbench authentication token (user received upon login)>
      }
    • A user can only perform the DELETE action on another account if the presented auth token belongs to an admin user.
    • If the Authorization header does not belong to the username provided in the url, we reject the request unless the Authorization token belongs to the admin user.
  6. Update User

    • An API for updating the user registration fields; the username must be provided in the URL.
    • PUT /v1/user/<string:username>
      Example JSON:
      {
          "first_name": "new_name",
          "password": "password",
          ...
      }
      headers={
          Authorization: Bearer <Pbench authentication token (user received upon login)>
      }
      
    • If the Authorization header does not belong to the username provided in the url, we reject the request unless the Authorization token belongs to the admin user.
    • Update is allowed on all the user model fields except registered_on

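The token lifecycle and ownership rules the description lays out (login issues a token with its own expiry into an active_tokens table, logout removes it, every later request passes only if the token is unexpired and still present, and a request on `/v1/user/<username>` is accepted only when the token's owner is that user or an admin) can be modelled end to end in a few dozen lines. The following is an added, self-contained illustration written for this page; it is not the Pbench server's code, and `UserStore`, `TOKEN_TTL_SECONDS`, the PBKDF2 password hashing, the injectable `clock`, and the sample usernames are all constructed assumptions.

```python
"""In-memory model of the six user APIs described above (added example, not Pbench code)."""
import hashlib
import hmac
import os
import secrets
import time

TOKEN_TTL_SECONDS = 3600  # assumed token lifetime; the PR only says each token "has its own expiry"


class UserStore:
    """Stand-in for the users and active_tokens tables."""

    def __init__(self, clock=time.time):
        self.clock = clock          # injectable so token expiry can be exercised deterministically
        self.users = {}             # username -> user record (dict)
        self.active_tokens = {}     # token -> (owner username, expiry as epoch seconds)

    @staticmethod
    def _hash(password, salt):
        # Salted PBKDF2 so the stored value is not the password itself (assumed scheme).
        return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

    # 1. Register User
    def register(self, username, password, is_admin=False, **fields):
        if username in self.users:
            raise ValueError("username already registered")
        salt = os.urandom(16)
        self.users[username] = {
            "salt": salt,
            "pw_hash": self._hash(password, salt),
            "is_admin": is_admin,
            "registered_on": self.clock(),
            **fields,
        }

    # 2. Login User: verify the password, mint a token, record it with an expiry
    def login(self, username, password):
        user = self.users.get(username)
        if user is None:
            return None
        if not hmac.compare_digest(user["pw_hash"], self._hash(password, user["salt"])):
            return None
        token = secrets.token_urlsafe(32)
        self.active_tokens[token] = (username, self.clock() + TOKEN_TTL_SECONDS)
        return token

    # 3. Logout User: drop the token so it can no longer be presented
    def logout(self, token):
        return self.active_tokens.pop(token, None) is not None

    # Common check for 4-6: token must be active and unexpired, and belong to the
    # target user or to an admin. Expired or orphaned tokens are purged on sight.
    def authorize(self, token, target_username):
        entry = self.active_tokens.get(token)
        if entry is None:
            return False
        owner, expires_at = entry
        owner_rec = self.users.get(owner)
        if self.clock() >= expires_at or owner_rec is None:
            del self.active_tokens[token]
            return False
        return owner == target_username or owner_rec["is_admin"]

    # 4. Get User: never hand back the salt or password hash
    def get_user(self, token, username):
        if not self.authorize(token, username) or username not in self.users:
            return None
        return {k: v for k, v in self.users[username].items() if k not in ("salt", "pw_hash")}

    # 6. Update User: every field except registered_on; a new password is re-hashed
    def update_user(self, token, username, **changes):
        if "registered_on" in changes:
            raise ValueError("registered_on cannot be updated")
        if not self.authorize(token, username) or username not in self.users:
            return False
        rec = self.users[username]
        if "password" in changes:
            rec["salt"] = os.urandom(16)
            rec["pw_hash"] = self._hash(changes.pop("password"), rec["salt"])
        rec.update(changes)
        return True

    # 5. Delete User: also revoke every token the deleted account still holds
    def delete_user(self, token, username):
        if not self.authorize(token, username) or username not in self.users:
            return False
        del self.users[username]
        for tok, (owner, _) in list(self.active_tokens.items()):
            if owner == username:
                del self.active_tokens[tok]
        return True
```

The two points worth noticing are that `authorize` deletes tokens it finds expired or belonging to a since-deleted user, so the active_tokens table does not accumulate dead entries, and that `delete_user` revokes the account's outstanding tokens, since otherwise a token issued before deletion would still be "present in active_tokens" until it expired.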

Labels: Dashboard (Of and relating to the Dashboard GUI), enhancement, Server
