Ferreteria/v0.5/login

From Woozle Writes Code

< Ferreteria‎ | v0.5

Revision as of 14:59, 18 March 2022 by htyp>Woozle

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

Jump to navigation Jump to search

About

The login feature consists of several filesets:

data (login) - core data and storage I/O classes
dropin (dropins/login) - admin display I/O
status (login/status.php) - login status class
(TBD) - form widgets

Process

There are two major phases of a logged-in session:

1. right after the user has attempted a login: if login is successful, the user's browser is given a session-cookie to use and is then immediately redirected (to clear out the POST input, thus preventing accidental multiple logins) and we go to phase 2.
2. when we need to check the user's session-cookie before we can know whether they're logged in or not (i.e. most of the time)

writing login status

There are two ways the login status can be set: (a) actively logging in, (b) checking authenticity of a requested session

logging in

(Session Native Row)->UserLogin($sUser,$sPass)

→ (Account Feature)->AuthorizeLogin($sUser,$sPass)
- → (Account Storage Row)->AuthorizeLogin($sUser,$sPass)
  - → csLogin::SetSuccess(<success?>, <login name>)

authenticating session

(Session Feature)->UserIsLoggedIn()

→ NativeRow()->UserIsLoggedIn()

reading login status

Example: see code in cMenuLink->FigureIfAuthorized() in tree/items/MenuLink.php

This is called once per object from ftRequiresPermit->OnRunCalculations() in tree/items/traits.php.

Retrieved from "https://wooz.dev/mw/index.php?title=Ferreteria/v0.5/login&oldid=2460"