
Class: Security

Adam Campbell edited this page Nov 7, 2016 · 4 revisions

Class Definition

The Security class has one sole purpose: to manage authentication and authenticate a requesting User.


Method Overview

Name | Description
authenticate_and_authorize | Authenticates and authorizes the requesting User's token and permissions.

Method Detail

authenticate_and_authorize

Authenticates that a User has a valid token for the User's session, and therefore has access to perform Dashboard tasks. Also authorizes that the given User has the specific Role-based permissions needed to execute specific Dashboard actions (e.g., adding a new Blog, registering a User).

Parameters
token - The token for the User being evaluated.
request - The Dashboard action the User is attempting to perform.
token-table - The CMS-specific table name for the Token table.
user-table - The CMS-specific table name for the User table.
role-table - The CMS-specific table name for the Role table.

Returns
user_info - A result set of information about the requesting User.

Throws
invalidToken - Token provided does not exist in Token table.
invalidTokenNoExpiration - Token provided does not have expiration time set in Token table.
expiredToken - Token provided has expired in Token table.
tokenHasNoUser - Token provided is not associated with any existing User.
invalidUserAssociatedWithToken - The User associated with the Token provided in the Token table does not match a User in the User table.
userHasNoRole - The User associated with the Token provided does not have a Role assigned.
invalidRoleAssociatedWithUser - The Role assigned to the User does not match a Role within the Role table.
roleHasNoPermissions - The Role assigned to the User does not have any permissions assigned.
notAuthorizedForRequest - The Role assigned to the User does not have permission to perform the requested action.
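
The check chain documented above, as an added example that is not the project's own code: it fails closed on the first check that does not pass and raises the error names listed under Throws. Because the table names arrive as arguments and cannot be bound as SQL parameters, the example validates them as plain identifiers before building any query. Assumptions: the SQLite schema and column names, the comma-separated permission string, the `db` and `now` parameters, the `AuthError` class, the underscore parameter names, and the order of the checks.

```python
import re
import sqlite3
import time

class AuthError(Exception):
    """Message is one of the error names documented under Throws."""

IDENT = re.compile(r"[A-Za-z_][A-Za-z0-9_]*")  # allow-list for table names (assumption)

def authenticate_and_authorize(db, token, request, token_table, user_table, role_table, now=None):
    if not all(IDENT.fullmatch(n) for n in (token_table, user_table, role_table)):
        raise ValueError("unsafe table name")  # identifiers are interpolated, so reject anything else
    now = time.time() if now is None else now
    tok = db.execute(f"SELECT user_id, expires FROM {token_table} WHERE token = ?", (token,)).fetchone()
    if tok is None:
        raise AuthError("invalidToken")
    user_id, expires = tok
    if expires is None:  # a token with no expiry is rejected, never treated as permanent
        raise AuthError("invalidTokenNoExpiration")
    if expires <= now:
        raise AuthError("expiredToken")
    if user_id is None:
        raise AuthError("tokenHasNoUser")
    user = db.execute(f"SELECT id, name, role_id FROM {user_table} WHERE id = ?", (user_id,)).fetchone()
    if user is None:
        raise AuthError("invalidUserAssociatedWithToken")
    if user[2] is None:
        raise AuthError("userHasNoRole")
    role = db.execute(f"SELECT permissions FROM {role_table} WHERE id = ?", (user[2],)).fetchone()
    if role is None:
        raise AuthError("invalidRoleAssociatedWithUser")
    perms = set(filter(None, (role[0] or "").split(",")))  # empty or NULL yields no permissions
    if not perms:
        raise AuthError("roleHasNoPermissions")
    if request not in perms:  # exact match only; no wildcard or prefix matching
        raise AuthError("notAuthorizedForRequest")
    return {"id": user[0], "name": user[1], "role_id": user[2]}  # user_info

def demo_db():
    """Constructed sample data; table and column names are assumptions."""
    db = sqlite3.connect(":memory:")
    db.executescript("""
        CREATE TABLE cms_token(token TEXT, user_id INT, expires REAL);
        CREATE TABLE cms_user(id INT, name TEXT, role_id INT);
        CREATE TABLE cms_role(id INT, permissions TEXT);
        INSERT INTO cms_token VALUES ('good', 1, 2000), ('old', 1, 500), ('viewer', 2, 2000), ('noexp', 1, NULL);
        INSERT INTO cms_user VALUES (1, 'alice', 10), (2, 'bob', 20);
        INSERT INTO cms_role VALUES (10, 'addBlog,registerUser'), (20, 'viewBlog');
    """)
    return db
```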

