Skip to content

AuthenticationModule

Jump to bottom
Hamed Abdollahpour edited this page Sep 28, 2013 · 9 revisions

You can use AuthenticationModule directly and feed user data from:

XML

<users>
    <user id='id1' password='123456' role='admin' />
    <user id='id2' password='234567' role='manager' />
    <user id='id2' password='345678' role='user' />
    ...
</users>

JSON

[
    {"id": "id1", "password": "123456", role:"admin"},
    {"id": "id2", "password": "234567", role:"manager"},
    {"id": "id3", "password": "345678", role:"user"},
    ...
]

TXT (tab character between each column)

id1	123456	admin
id2	234567	manager
id2	345678	user

file, you can extends module class and feed user data from database or other sources.

public class LoginModule extends ir.xweb.module.LoginModule {

    public LoginModule(Manager manager, ModuleInfo info, ModuleParam properties) {
        super(manager, info, properties);
    }

    @Override
    public XWebUser getUser(ServletContext context, String id, String pass) {
         // TODO: Find user in database of any other source that you want,
         // and return null if it's not exist
    }

    @Override
    public String generateUUID(ServletContext context, String userId) {
         // TODO: Generate and store UUID for specific user and then return
         // it (We will use it as cookie to remember login
    }
}

and then you need to add login module to user xweb.xml:

<module>
    <name>login</name>
    <author>Your name</author>
    <class>you.extended.class.name</class>
    <validators>
        <validator require="true" param="action" regex="login|temp_pass|check|logout" />
    </validators>
    <roles>
        <!-- The current user can not login again or create temp_pass -->
        <role param="action" eval="/check|logout/.test(%action%)" value="^[a-z]{1,20}$" />
        <!-- None users can login, check for account or generate temp_pass for login -->
        <role param="action" eval="/login|check|temp_pass/.test(%action%)" value="" />
    </roles>
    <properties>
        <property key='default'>admin@pdroid.org</property>
        <property key='redirect'>login.html</property>
        <property key='check'>(/api.*$)|(.*?\.html)</property>
        <!-- we do not check for index.html and any HTML files that start with _ -->
        <property key='ignore'>index.html|/_.*?.html</property>
    </properties>
</module>
  • default: Default user the we want to use on our system. Default user is very important in XWeb modules. AuthenticationModule do not use default user itself but some other modules that depend on this module (like WikiModule) will use it.
  • redirect: An specific page to redirect to this page when you want to access a resource without authentication.
  • check: Match for all resources that should apply on authentication
  • ignore: Match for all ignore that should ignore from check item.

How to use it with HTML?

You can simply use it with xweb-html5-bootstrap (/en/login.html)

Clone this wiki locally