CFW User Manager is a demo app for ColdFusion on Wheels. It's meant to be a toolkit for learning or kickstarting a project that requires basic session management and authorization, as well as basic CRUD.
Current version includes the following functionality:
- User registration
- Authentication and authorization
- Basic CRUD for User model
- Password hashing and salting using bCrypt
- Expiring password resets
- Email confirmation
- Basic admin CRUD
- Friendly redirects
- Added some flash messages to
- Simplified authentication logic in the sessions controller.
- Changed bCyrpt object creation to dynamically detect server type. Suggested by James Harvey.
web.configto reduce clutter. If you use IIS, you may want to add either one depending on your version. Grab them from CFWheels repo.
- Fixed typo in
Users.cfcfilters arguments. Adam Chapman
The following are the most recent changes. For a full list of changes, please see the change log
This version requires a new SQL file (included). The following changes have been made:
- Added a new RESTful Confirmations.cfc controller for confirming email addresses.
- Added two columns in the schema: boolean confirmed, and varchar confirmation token.
- Added new SQL file.
- Refactored how tokens are generated now for password resets and confirmations. Using a stripped UUID as generate secret key was causing bad URLs.
- Added an Admin link if the user is signed in as an admin.
- Moved isAthorized method to Controller.cfc so it can be reused by Confirmations.cfc.
- Added new callback to create a confirmation token when the user signs up.
- Removed dead code and email templates left over from version 1.
- Users#index.cfm now shows confirmation status for users.
- Switched all places from using DateFormat() to a custom formatDate(). This makes changing the date format easier as it's in a single place.
- Update to Bootstrap 2.0.
- Remember-me login.
- Upgrade to CFWheels 1.2.
- Create the database using the included SQL file.
- Add the datasource in ColdFusion Admin or Railo.
- This app uses
BCrypt.classfor password hashing. It's included in the
/libdirectory. Make sure it's available to the app. Depending on what you are using (Railo or ColdFusion), see instructions below.
- Setup your email credentials in
/config/settings.cfm. The e-mail functionality is commented out at the moment (optional).
Make sure you include the
/lib folder, which contains
BCrypt.class. BCrypt.class is needed for password encryption. The path is specified in
User.cfc where we create our Java objects. For example:
Add BCrypt.class to ColdFusion Admin. In previous versions you needed to edit
User.cfc to remove the third argument from any calls to
CreateObject() as it was Railo specific. Since version 2.2.3 this is no longer necessary; the app will detect your server automatically and create the object correctly.
Requires ColdFusion 9 or Railo 3+.
I will try to maintain CFW User Manager under the Semantic Versioning guidelines as much as possible (once I've read them, that is).
Releases will be numbered with the follow format:
Please create an issue here on GitHub!