Between my last post and meeting with our advisors last Thursday, I rewrote our authentication generators to generate random output, made a webapp to generate attendance sessions with associated random authentication key, made verifying the authentication more generic by making it a simple string-comparison between the sent authorization and the session's auth key, and sent some simple JSON to the application. We presented this to our advisors, who asked that we prepare for a demo this Thursday.
Hugo and I spent several days outlining the JSON-based protocol by which the client and app communicate. Hugo also set up a SQLite database to test with before we move on to a MySQL database in the near future. We worked on the client and server over the weekend, and the server now verifies all four types of attendance methods, checks time stamps, logs in, modifies passwords, generates attendance sessions, displays dynamic course data, has test users for our advisors, uses a database table for all relevant data, no longer uses HTML Basic Authentication, and communicates all of this with the client fully using JSON. The server will also display authentication keys for each attendance session, and possibly also attendance logs for each student, before the end of today.
This means that we should be ready for a full demonstration-- the only issue is that some unknown configuration issue with the Tomcat server results in a crash each time a new .WAR file is uploaded, meaning we will simply demo the app on a local server. Less critically, the non-local server is unable to display generated pictures, meaning QR and Pattern authentication are temporarily unusable.
Besides fixing these two issues, I believe that the only tasks that must be completed between now and the user study are now:
- Fix Pattern auth in the client
- Changes necessary after moving to MySQL
- Modifying our SQL create script to auto-generate student accounts
- Writing a script to correlate research IDs with student IDs, for anonymity
- Discovering whether any students are in multiple course
- Generating a course/user junction table using these data and serving user-specific data to the client
- Sending previous attendance data to the client and displaying these data
- Checking Device IDs