Authorization and Roles

Roles largely correspond to the functional areas of the service. There are roles for DataEntry, Research, PracticeAdmin, and SiteAdmin. An additional role, Physician, has all the rights of DataEntry and Research combined.

Users are entered with an email address, which must be validated by a confirmation email before the user is activated. Changing a user name must always result in a change to the user’s email address, and the change must be confirmed by an email message. Therefore, a user who changes their name must be disabled until a new confirmation message has been sent and accepted.

When a username changes, an email is sent to the previous address indicating that it has been disabled for DiaTrack use.

Authorization is performed using an ASP.NET authorization database in SQL Server 2005. This database encrypts passwords in such a way that they cannot be decrypted, so the administrative users of the site cannot find out what a password is. If a user forgets their password there are 2 alternatives: either they can be sent their current password in an email message, or their password can be reset to some random value and then emailed. In either case, the user must receive an email with their password.
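A web.config sketch of the provider and role setup described above, added here as an example and not taken from the DiaTrack project. It assumes the one-way password storage corresponds to passwordFormat="Hashed"; in that format SqlMembershipProvider can only reset a password, not return the current one. The provider names, connection string name, application name and folder paths are assumptions; the role names are the ones listed on this page.

```xml
<!-- Added example. Connection string name, application name and folder
     paths are hypothetical; role names come from this page. -->
<configuration>
  <system.web>
    <authentication mode="Forms" />
    <membership defaultProvider="DiaTrackMembership">
      <providers>
        <clear />
        <!-- Hashed is one-way storage: retrieval must be off, reset on.
             enablePasswordRetrieval="true" with Hashed is rejected when
             the provider initializes. -->
        <add name="DiaTrackMembership"
             type="System.Web.Security.SqlMembershipProvider"
             connectionStringName="DiaTrackAuth"
             applicationName="DiaTrack"
             passwordFormat="Hashed"
             enablePasswordRetrieval="false"
             enablePasswordReset="true"
             requiresUniqueEmail="true"
             requiresQuestionAndAnswer="false"
             maxInvalidPasswordAttempts="5"
             passwordAttemptWindow="10" />
      </providers>
    </membership>
    <roleManager enabled="true" defaultProvider="DiaTrackRoles">
      <providers>
        <clear />
        <add name="DiaTrackRoles"
             type="System.Web.Security.SqlRoleProvider"
             connectionStringName="DiaTrackAuth"
             applicationName="DiaTrack" />
      </providers>
    </roleManager>
  </system.web>
  <!-- Physician is allowed wherever DataEntry or Research is allowed. -->
  <location path="DataEntry">
    <system.web><authorization>
      <allow roles="DataEntry,Physician" /><deny users="*" />
    </authorization></system.web>
  </location>
  <location path="Research">
    <system.web><authorization>
      <allow roles="Research,Physician" /><deny users="*" />
    </authorization></system.web>
  </location>
</configuration>
```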

There are unenforced relationships between the authorization database and the DiaTrack database. Investigate the possibility of putting the authorization functions into the DiaTrack database. One complication is that the ISP only allows 2 databases at our price level.