2

I am trying to build a sequence diagram where I show that a user can:

  • Log in to an application if their details are correct. If details are correct they are redirected to the main dashboard
  • if the details are incorrect they are redirected to the registration page where their details are then checked to see if a user is already registered under the entered email. If not already registered a user is created and they are redirected to main dashboard
  • if already registered then a "username or password incorrect" message is shown

I am not sure if this is the correct or best way to show registration and login, I feel like the diagram is not reading correctly. Does this explain the scenario well? or is there more I should add to this.

Initial diagram:

enter image description here

Revised following the answer: Does this revised diagram explain the scenario better? enter image description here

Further revised with Nested alt Further revised with nested alt

FINAL Revision enter image description here

Krellex
  • 613
  • 2
  • 7
  • 20
  • Even not looking at the details your diagram is visibly wrong because in your statement there are 3 exclusives cases (ok, nok and not yet registered, nok and already registered) but in your diagram you have 2 consecutive fragments alt having each two cases. So you need one fragment alt with 3 cases, or a first fragment alt with 2 cases and its nok case contains an other fragment alt with 2 cases – bruno Feb 18 '21 at 18:35
  • Thanks for replying! I think I understand what you mean. So for the first alt, I should be showing cases (ok, not ok, not yet registered). How would I show "not ok" and "not yet registered". This part confuses me. If a user enters the wrong details, because they were not found on the database, then an error message will be shown. But this also applies for an unregistered user. If they're not found in the database they need to be registered but how do I show a differentiation between the two? – Krellex Feb 18 '21 at 22:01

1 Answers1

3

This diagram is unfortunately ambiguous and misleading.

  • Login screen sends a message like Redirect to AppDashBoard to the actor. Does this mean that your system just tells the user that he/she should go to AppDashBoard ? In fact, does the actor do anything with the message at all: isn't it your system that will display another windows or another page regardless of what the user is doing? You have to avoid this.
  • More generally, by the book, actors should in principle not appear in a sequence diagram, even if it's a common practice. When you use actors in sequence diagram as explained here, then be at least careful with messages exchanged with the actor. If you have some clear messages that correspond to information content provided to or by the actor, the sequence diagram stays understandable. But otherwise, it's quickly only wishful thinking that has nothing to do with UML semantics.
  • By the way, a minor issue in your diagram: The interaction constraint that guard operands in an alt fragment (e.g. [if user authenticated] ) shall cover the lifeline that should react first, as explained here. In your case this is a minor issue, since we can easily find out that it should be the account database.
  • Finally, if Registration and AppDashBoard are UI elements, it would be helpful to distinguish them from other elements that are not visible to the user. You may for example use a stereotype such as «Boundary», or even more concrete ones like «Dialogue window» or «Webpage» (you may freely define those in an ad-hoc profile).

Not fully clear how you want this scenario to work. I wonder if there would not be a nested alt block.

Edit: your second diagram

You're revised diagram

Your revised diagram is much more understandable: first messages for the user now correspond to feedback made by the UI. Then it shows immediately the interaction between UI elements and classes behind the scene. Finally, it also allows to check robustness (see the wikipedia link: database coordinates application logic behind the scene and it would in the BCE logic be a “controller”, and controller should not speak to actors).

Now, I think you are ready to continue with your modelling and your project.

Some further suggestions

  • I’d put the second alternate in a nested box in the else operand (i.e. the dotted region) of the first one. This makes the relationship clearer.
  • Then I wonder if the user could not anyhow click on "Sign up" instead of starting entering the login information. I wonder if it would not make it much clearer, then, to have two separate (and simpler to read diagrams).
  • Last but not least security experts would advise you never to tell that the user name is ok but password incorrect.

It would then look somewhat like this:

enter image description here

Don't design UI with UML

UML is great! But it's the wrong tool for UI design. It's like typeing text with a hammer on the keyboard: a very simple UI design like here looks terribly complicated in UML.

Design the big picture of the user journey using wireframes, storyboards, or a combination of several techniques and easy-to-understand user flows. This will facilitate discussion with more stakeholders and allow to show much faster the interaction between user-interface elements and the actor. Then, in a separate step you can design in UML the interaction between classes involved. You may prefer to focus on the more difficult interactions and the less obvious ones between boundaries and controls) and not loose too much time for very trivial ones.

Christophe
  • 68,716
  • 7
  • 72
  • 138
  • Thanks for the reply! I think I understand what you're saying. In regards to the Registration and AppDashboard, yes, they are both UI elements (Registration form page & main dashboard UI after log in) Boundary represents a UI screen for input and output. Would you suggest I change Registration, Log in & AppDashboard to boundary? – Krellex Feb 19 '21 at 13:05
  • @ASH indeed, you keep those lifelines and add the «boundary» hint in their title. But you also have to change messages: when you redirect, in fact you probably send a message not to the user but to the UI element, and the UI element will interact with the user. I’m not a fan of this approach, but it’s more accurate and defendable than the current one. – Christophe Feb 19 '21 at 13:12
  • Ah, okay. I will make adjustments. How can I show you my improved version? Should I edit this post and add it alongside my old one or make a new post? Thanks again for the help – Krellex Feb 19 '21 at 13:37
  • @ASH It’s still the same question. I’d suggest to edit it and add a section about the revised diagram (but keep the original untouched). Post a comment here to inform me that you changed it, because I do not actively track changes in the questions – Christophe Feb 19 '21 at 13:43
  • I have posted my edited version of the sequence diagram. Any feedback would be appreciated so much! Thanks in advance. – Krellex Feb 20 '21 at 11:51
  • @ASH yes, this is much more understandable: first messages for the user now correspond to feedback made by the UI. Then it shows immediately the interaction between UI elements and classes behind the scene. Finally, it also allows to check robustness (see the wikipedia link: database coordinates application logic behind the scene and it would in the BCE logic be a “controller”, and controller should not speak to actors). A last thing: I’d put the second alternate in a nested box in the else operand (i.e. the dotted region) of the first one. – Christophe Feb 20 '21 at 14:09
  • Thank you so much for returning! For the nested alternative box. The the top line of the alt box should be in between "Authentication failed" dotted line and "User exist" to make a nested alt box? Auth failed dotted line would appear above the box and User exist inside the box? – Krellex Feb 20 '21 at 14:49
  • @ASH ok, I've added an edit to my answer, including an example of nested fragment. – Christophe Feb 20 '21 at 15:47
  • 1
    That was incredibly well explained. Thank you so much. I will add these adjustments. Would you mind returning here one last time to check my final version if this is not too much to ask? I will leave a comment here again. Thank you so much again! – Krellex Feb 20 '21 at 16:02
  • I have updated and added the new diagram :D I have decided to keep registration. I think I have have implemented the nested alt statement correctly. – Krellex Feb 20 '21 at 16:41
  • @ASH Now it’s perfect ;-) Almost... I now realise that the first dashboard redirection could happen even with a failed login. I’d suggest to put it in the first operand (compartment) of the first alt: redirection only occurs from login to dashboard in case of success. Something similar needs to be done for the registration case. – Christophe Feb 20 '21 at 16:50
  • Ah okay. I thought that anything that happens after the alt block only occurs if the alt block returns true. In this case, if the Login is successful then we are re-directed. If Login is incorrect then we are treated to an error message and not re-directed or is this not the case? – Krellex Feb 20 '21 at 18:23
  • @ASH No, this is not the case: the alt operator allows different alternatives, but what’s before and what’s after is common to all alternatives. The flow won’t just stop, unless the only lifeline that has the initiative afterwards would be killed in one of the alternatives. But this would be tricky, is certainly not good practice, and would deserve a question on stackoverflow to know if it’s even legal ;-) – Christophe Feb 20 '21 at 18:34
  • Ah I see. I feel you are right. I have made the adjustments and uploaded "Final revision" on the post :D Think this should be right now. Thanks for all the help! – Krellex Feb 20 '21 at 18:40
  • I am confused on the inner alt, "2.3.1 Credential invalid!" Is this pertaining to the "Want to register?" – Fritz Jan 04 '23 at 14:35
  • 1
    @fritz The context of the inner alt, is that the authentication did not succeed (outer else). The inner alt has an else clause when the user exist (but authentication previously failed). This is why there is a credential invalid. So no, it’s not related to the “want to register”. That case is relate to the case where the user didn’t exist (and the login previously failed). As said in one of the bullets: this design is a security flaw, since it provides more info than needed to an attacker (if considering a mis-use-case) – Christophe Jan 04 '23 at 19:54
  • I get it now. Registration should not ask if they want to register because that is also a security risk. If someone finds that, if you put a user-id and try to login, and the system asks you if you want to register, it means that the user-id doesn't exist, but if the user-id does exist, the hacker just found someone's user-id! – Fritz Jan 05 '23 at 20:07
  • @Fritz exactly! See also “user enumeration” here: https://redhuntlabs.com/blog/10-most-common-security-issues-found-in-login-functionalities.html/amp – Christophe Jan 05 '23 at 22:41