Ferreteria/v0.5/login: Difference between revisions
No edit summary |
No edit summary |
||
Line 6: | Line 6: | ||
* (TBD) - form widgets | * (TBD) - form widgets | ||
==Process== | ==Process== | ||
There are two major phases of a logged-in session: | |||
===logging in=== | * 1. right after the user has attempted a login: if login is successful, the user's browser is given a session-cookie to use and is then immediately redirected (to clear out the POST input, thus preventing accidental multiple logins) and we go to phase 2. | ||
* 2. when we need to check the user's session-cookie before we can know whether they're logged in or not (i.e. most of the time) | |||
===writing login status=== | |||
There are two ways the login status can be set: (a) actively logging in, (b) checking authenticity of a requested session | |||
====logging in==== | |||
(Session Native Row)<code>->UserLogin($sUser,$sPass)</code> | (Session Native Row)<code>->UserLogin($sUser,$sPass)</code> | ||
* → (Account Feature)<code>->AuthorizeLogin($sUser,$sPass)</code> | * → (Account Feature)<code>->AuthorizeLogin($sUser,$sPass)</code> | ||
** → (Account Storage Row)<code>->AuthorizeLogin($sUser,$sPass)</code> | ** → (Account Storage Row)<code>->AuthorizeLogin($sUser,$sPass)</code> | ||
*** → csLogin::SetSuccess({{arg|success?}}, {{arg|login name}}) | |||
====authenticating session==== | |||
(Session Feature)<code>->UserIsLoggedIn()</code> | (Session Feature)<code>->UserIsLoggedIn()</code> | ||
* → <code>NativeRow()->UserIsLoggedIn()</code> | * → <code>NativeRow()->UserIsLoggedIn()</code> | ||
=== | |||
Example: <code>cMenuLink->FigureIfAuthorized()</code> in {{l/ferreteria/code|tree/items/MenuLink.php}} | ===reading login status=== | ||
Example: see code in <code>cMenuLink->FigureIfAuthorized()</code> in {{l/ferreteria/code|tree/items/MenuLink.php}} | |||
* This is called once per object from <code>ftRequiresPermit->OnRunCalculations()</code> in {{l/ferreteria/code|tree/items/traits.php}}. | * This is called once per object from <code>ftRequiresPermit->OnRunCalculations()</code> in {{l/ferreteria/code|tree/items/traits.php}}. |
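Review bot: the new "authenticating session" chain stops at NativeRow()->UserIsLoggedIn(), although the sentence added under "writing login status" says the status is also set when checking the authenticity of a requested session. The "logging in" chain now ends in csLogin::SetSuccess({{arg|success?}}, {{arg|login name}}); the session-check chain should likewise show where the status gets written, or the intro sentence should say that this path is not yet documented. Both revisions carry "No edit summary", so a short summary noting that the bare "===" heading was replaced by "===reading login status===" would also help readers of the history.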
Revision as of 14:59, 18 March 2022
About
The login feature consists of several filesets:
- data (login) - core data and storage I/O classes
- dropin (dropins/login) - admin display I/O
- status (login/status.php) - login status class
- (TBD) - form widgets
Process
There are two major phases of a logged-in session:
1. Right after the user has attempted a login: if the login is successful, the user's browser is given a session cookie to use and is then immediately redirected (to clear out the POST input, thus preventing accidental multiple logins), and we go to phase 2.
2. When we need to check the user's session cookie before we can know whether they're logged in or not (i.e. most of the time).
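The two phases above, sketched as an added PHP example that is not Ferreteria's own code. The function names, the in-memory `$accounts` and `$sessions` tables, the cookie name and attributes, and the choice to store only a hash of the token are assumptions made for illustration.

```php
<?php
declare(strict_types=1);

// Constructed sample data: one account (password hash) and an empty session table.
$accounts = ['alice' => password_hash('correct horse', PASSWORD_DEFAULT)];
$sessions = [];   // sha256(token) => login name

// Phase 1: handle the login POST. Returns [status, headers].
function handleLoginPost(array $post, array $accounts, array &$sessions): array
{
    $user = (string)($post['user'] ?? '');
    $pass = (string)($post['pass'] ?? '');
    $hash = $accounts[$user] ?? null;
    if ($hash === null || !password_verify($pass, $hash)) {
        return [401, []];                       // login failed: no cookie issued
    }
    $token = bin2hex(random_bytes(32));         // unguessable session token
    $sessions[hash('sha256', $token)] = $user;  // store only a hash of the token
    return [303, [                              // redirect so a reload cannot re-POST
        'Location: /',
        "Set-Cookie: session=$token; Path=/; HttpOnly; Secure; SameSite=Lax",
    ]];
}

// Phase 2: on every later request, resolve the cookie to a login name (or null).
function userFromCookie(array $cookies, array $sessions): ?string
{
    $token = $cookies['session'] ?? '';
    if (!is_string($token) || !preg_match('/^[0-9a-f]{64}$/', $token)) {
        return null;                            // missing or malformed cookie
    }
    return $sessions[hash('sha256', $token)] ?? null;
}

// Walk through both phases with constructed requests.
[$status, $headers] = handleLoginPost(['user' => 'alice', 'pass' => 'correct horse'], $accounts, $sessions);
preg_match('/session=([0-9a-f]+)/', $headers[1], $m);
echo "login: HTTP $status, ", $headers[0], "\n";
echo 'follow-up request sees: ', var_export(userFromCookie(['session' => $m[1]], $sessions), true), "\n";
echo 'forged cookie sees: ', var_export(userFromCookie(['session' => str_repeat('0', 64)], $sessions), true), "\n";
[$status] = handleLoginPost(['user' => 'alice', 'pass' => 'wrong'], $accounts, $sessions);
echo "bad password: HTTP $status\n";
```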
writing login status
There are two ways the login status can be set: (a) actively logging in, or (b) checking the authenticity of a requested session.
logging in
(Session Native Row)->UserLogin($sUser,$sPass)
- → (Account Feature)->AuthorizeLogin($sUser,$sPass)
  - → (Account Storage Row)->AuthorizeLogin($sUser,$sPass)
    - → csLogin::SetSuccess(<success?>, <login name>)
authenticating session
(Session Feature)->UserIsLoggedIn()
- → NativeRow()->UserIsLoggedIn()
reading login status
Example: see code in cMenuLink->FigureIfAuthorized() in tree/items/MenuLink.php
- This is called once per object from ftRequiresPermit->OnRunCalculations() in tree/items/traits.php.