From 5ca882d70e65f663b6fceaccd9a85ff3705a7fb2 Mon Sep 17 00:00:00 2001 From: kenjis Date: Thu, 19 Jan 2023 06:33:29 +0900 Subject: [PATCH 01/11] docs: fix Note format --- docs/quickstart.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/docs/quickstart.md b/docs/quickstart.md index c5b039625..29485f998 100644 --- a/docs/quickstart.md +++ b/docs/quickstart.md @@ -2,7 +2,7 @@ Learning any new authentication system can be difficult, especially as they get more flexible and sophisticated. This guide is intended to provide short examples for common actions you'll take when working with Shield. It is not intended to be the exhaustive documentation for each section. That's better handled through the area-specific doc files. -NOTE: The examples assume that you have run the setup script and that you have copies of the `Auth` and `AuthGroups` config files in your application's `app/Config` folder. +> **Note** The examples assume that you have run the setup script and that you have copies of the `Auth` and `AuthGroups` config files in your application's `app/Config` folder. - [Quick Start Guide](#quick-start-guide) - [Authentication Flow](#authentication-flow) @@ -43,7 +43,7 @@ public array $redirects = [ ]; ``` -NOTE: This redirect happens after the specified action is complete. In the case of register or login, it might not happen immediately. For example, if you have any Auth Actions specified, they will be redirected when those actions are completed successfully. If no Auth Actions are specified, they will be redirected immediately after registration or login. +> **Note** This redirect happens after the specified action is complete. In the case of register or login, it might not happen immediately. For example, if you have any Auth Actions specified, they will be redirected when those actions are completed successfully. If no Auth Actions are specified, they will be redirected immediately after registration or login. ### Customize register redirect @@ -327,7 +327,7 @@ $users = model('UserModel'); $users->delete($user->id, true); ``` -NOTE: The User rows use [soft deletes](https://codeigniter.com/user_guide/models/model.html#usesoftdeletes) so they are not actually deleted from the database unless the second parameter is `true`, like above. +> **Note** The User rows use [soft deletes](https://codeigniter.com/user_guide/models/model.html#usesoftdeletes) so they are not actually deleted from the database unless the second parameter is `true`, like above. ### Editing A User From 2a9391086d2a9846b3db2a6486f3cea75f1545fe Mon Sep 17 00:00:00 2001 From: kenjis Date: Thu, 19 Jan 2023 06:45:51 +0900 Subject: [PATCH 02/11] docs: move sections for customization to customization.md --- docs/customization.md | 44 ++++++++++++++++++++++++++++++++++++++ docs/quickstart.md | 49 ++++--------------------------------------- 2 files changed, 48 insertions(+), 45 deletions(-) diff --git a/docs/customization.md b/docs/customization.md index d2f865f1c..254fba664 100644 --- a/docs/customization.md +++ b/docs/customization.md @@ -3,6 +3,9 @@ - [Customizing Shield](#customizing-shield) - [Route Configuration](#route-configuration) - [Custom Redirect URLs](#custom-redirect-urls) + - [Customize login redirect](#customize-login-redirect) + - [Customize register redirect](#customize-register-redirect) + - [Customize logout redirect](#customize-logout-redirect) - [Extending the Controllers](#extending-the-controllers) - [Integrating Custom View Libraries](#integrating-custom-view-libraries) - [Custom Validation Rules](#custom-validation-rules) @@ -37,6 +40,21 @@ public array $redirects = [ ]; ``` +### Customize login redirect + +You can further customize where a user is redirected to on login with the `loginRedirect()` method of the `Auth` config file. This is handy if you want to redirect based on user group or other criteria. + +```php +public function loginRedirect(): string +{ + $url = auth()->user()->inGroup('admin') + ? '/admin' + : setting('Auth.redirects')['login']; + + return $this->getUrl($url); +} +``` + Oftentimes, you will want to have different redirects for different user groups. A simple example might be that you want admins redirected to `/admin` while all other groups redirect to `/`. The `Auth` config file also includes methods that you can add additional logic to in order to @@ -55,6 +73,32 @@ public function loginRedirect(): string } ``` +### Customize register redirect + +You can customize where a user is redirected to after registration in the `registerRedirect` method of the `Auth` config file. + +```php +public function registerRedirect(): string +{ + $url = setting('Auth.redirects')['register']; + + return $this->getUrl($url); +} +``` + +### Customize logout redirect + +The logout redirect can also be overridden by the `logoutRedirect` method of the `Auth` config file. This will not be used as often as login and register, but you might find the need. For example, if you programatically logged a user out you might want to take them to a page that specifies why they were logged out. Otherwise, you might take them to the home page or even the login page. + +```php +public function logoutRedirect(): string +{ + $url = setting('Auth.redirects')['logout']; + + return $this->getUrl($url); +} +``` + ## Extending the Controllers Shield has the following controllers that can be extended to handle diff --git a/docs/quickstart.md b/docs/quickstart.md index 29485f998..9bc50e971 100644 --- a/docs/quickstart.md +++ b/docs/quickstart.md @@ -6,9 +6,7 @@ Learning any new authentication system can be difficult, especially as they get - [Quick Start Guide](#quick-start-guide) - [Authentication Flow](#authentication-flow) - - [Customize register redirect](#customize-register-redirect) - - [Customize login redirect](#customize-login-redirect) - - [Customize logout redirect](#customize-logout-redirect) + - [Configure Redirect URLs](#configure-redirect-urls) - [Customize Remember-me functionality](#customize-remember-me-functionality) - [Change Access Token Lifetime](#change-access-token-lifetime) - [Enable Account Activation via Email](#enable-account-activation-via-email) @@ -33,7 +31,9 @@ Learning any new authentication system can be difficult, especially as they get ## Authentication Flow -If you need everyone to redirect to a single URL after login/logout/register actions, you can modify the `Config\Auth::redirects` array to specify the url to redirect to. +### Configure Redirect URLs + +If you need everyone to redirect to a single URL after login/logout/register actions, you can modify the `Config\Auth::$redirects` array to specify the url to redirect to. ```php public array $redirects = [ @@ -45,47 +45,6 @@ public array $redirects = [ > **Note** This redirect happens after the specified action is complete. In the case of register or login, it might not happen immediately. For example, if you have any Auth Actions specified, they will be redirected when those actions are completed successfully. If no Auth Actions are specified, they will be redirected immediately after registration or login. -### Customize register redirect - -You can customize where a user is redirected to after registration in the `registerRedirect` method of the `Auth` config file. - -```php -public function registerRedirect(): string -{ - $url = setting('Auth.redirects')['register']; - - return $this->getUrl($url); -} -``` - -### Customize login redirect - -You can further customize where a user is redirected to on login with the `loginRedirect` method of the `Auth` config file. This is handy if you want to redirect based on user group or other criteria. - -```php -public function loginRedirect(): string -{ - $url = auth()->user()->inGroup('admin') - ? '/admin' - : setting('Auth.redirects')['login']; - - return $this->getUrl($url); -} -``` - -### Customize logout redirect - -The logout redirect can also be overridden by the `logoutRedirect` method of the `Auth` config file. This will not be used as often as login and register, but you might find the need. For example, if you programatically logged a user out you might want to take them to a page that specifies why they were logged out. Otherwise, you might take them to the home page or even the login page. - -```php -public function logoutRedirect(): string -{ - $url = setting('Auth.redirects')['logout']; - - return $this->getUrl($url); -} -``` - ### Customize Remember-me functionality Remember-me functionality is enabled by default for the `Session` handler. While this is handled in a secure manner, some sites may want it disabled. You might also want to change how long it remembers a user and doesn't require additional login. From ba1d08276121000649763b9630a8b82274417095 Mon Sep 17 00:00:00 2001 From: kenjis Date: Thu, 19 Jan 2023 06:50:01 +0900 Subject: [PATCH 03/11] docs: tweak section titles --- docs/quickstart.md | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/docs/quickstart.md b/docs/quickstart.md index 9bc50e971..278e3c9bf 100644 --- a/docs/quickstart.md +++ b/docs/quickstart.md @@ -7,7 +7,7 @@ Learning any new authentication system can be difficult, especially as they get - [Quick Start Guide](#quick-start-guide) - [Authentication Flow](#authentication-flow) - [Configure Redirect URLs](#configure-redirect-urls) - - [Customize Remember-me functionality](#customize-remember-me-functionality) + - [Configure Remember-me Functionality](#configure-remember-me-functionality) - [Change Access Token Lifetime](#change-access-token-lifetime) - [Enable Account Activation via Email](#enable-account-activation-via-email) - [Enable Two-Factor Authentication](#enable-two-factor-authentication) @@ -21,13 +21,13 @@ Learning any new authentication system can be difficult, especially as they get - [Assign Permissions to a Group](#assign-permissions-to-a-group) - [Assign Permissions to a User](#assign-permissions-to-a-user) - [Check If a User Has Permission](#check-if-a-user-has-permission) - - [Adding A Group To A User](#adding-a-group-to-a-user) - - [Removing A Group From A User](#removing-a-group-from-a-user) - - [Checking If User Belongs To A Group](#checking-if-user-belongs-to-a-group) + - [Adding a Group To a User](#adding-a-group-to-a-user) + - [Removing a Group From a User](#removing-a-group-from-a-user) + - [Checking If User Belongs To a Group](#checking-if-user-belongs-to-a-group) - [Managing Users](#managing-users) - [Creating Users](#creating-users) - [Deleting Users](#deleting-users) - - [Editing A User](#editing-a-user) + - [Editing a User](#editing-a-user) ## Authentication Flow @@ -45,7 +45,7 @@ public array $redirects = [ > **Note** This redirect happens after the specified action is complete. In the case of register or login, it might not happen immediately. For example, if you have any Auth Actions specified, they will be redirected when those actions are completed successfully. If no Auth Actions are specified, they will be redirected immediately after registration or login. -### Customize Remember-me functionality +### Configure Remember-me Functionality Remember-me functionality is enabled by default for the `Session` handler. While this is handled in a secure manner, some sites may want it disabled. You might also want to change how long it remembers a user and doesn't require additional login. @@ -206,7 +206,7 @@ if (! auth()->user()->can('users.create')) { Note: The example above can also be done through a [controller filter](https://codeigniter.com/user_guide/incoming/filters.html) if you want to apply it to multiple pages of your site. -### Adding A Group To A User +### Adding a Group To a User Groups are assigned to a user via the `addGroup` method. You can pass multiple groups in and they will all be assigned to the user. @@ -222,7 +222,7 @@ $user = auth()->user(); $user->syncGroups('admin', 'beta'); ``` -### Removing A Group From A User +### Removing a Group From a User Groups are removed from a user via the `removeGroup` method. Multiple groups may be removed at once by passing all of their names into the method. @@ -231,7 +231,7 @@ $user = auth()->user(); $user->removeGroup('admin', 'beta'); ``` -### Checking If User Belongs To A Group +### Checking If User Belongs To a Group You can check if a user belongs to a group with the `inGroup` method. @@ -288,7 +288,7 @@ $users->delete($user->id, true); > **Note** The User rows use [soft deletes](https://codeigniter.com/user_guide/models/model.html#usesoftdeletes) so they are not actually deleted from the database unless the second parameter is `true`, like above. -### Editing A User +### Editing a User The `UserModel::save()`, `update()` and `insert()` methods have been modified to ensure that an email or password previously set on the `User` entity will be automatically updated in the correct `UserIdentity` record. From dfaeced3245b442f022e341559b1d969f8e85aa0 Mon Sep 17 00:00:00 2001 From: kenjis Date: Thu, 19 Jan 2023 06:59:47 +0900 Subject: [PATCH 04/11] docs: add sections to improve document structure --- docs/quickstart.md | 50 ++++++++++++++++++++++++++-------------------- 1 file changed, 28 insertions(+), 22 deletions(-) diff --git a/docs/quickstart.md b/docs/quickstart.md index 278e3c9bf..5668ace80 100644 --- a/docs/quickstart.md +++ b/docs/quickstart.md @@ -6,20 +6,22 @@ Learning any new authentication system can be difficult, especially as they get - [Quick Start Guide](#quick-start-guide) - [Authentication Flow](#authentication-flow) - - [Configure Redirect URLs](#configure-redirect-urls) - - [Configure Remember-me Functionality](#configure-remember-me-functionality) - - [Change Access Token Lifetime](#change-access-token-lifetime) - - [Enable Account Activation via Email](#enable-account-activation-via-email) - - [Enable Two-Factor Authentication](#enable-two-factor-authentication) + - [Configure Config\\Auth](#configure-configauth) + - [Configure Redirect URLs](#configure-redirect-urls) + - [Configure Remember-me Functionality](#configure-remember-me-functionality) + - [Change Access Token Lifetime](#change-access-token-lifetime) + - [Enable Account Activation via Email](#enable-account-activation-via-email) + - [Enable Two-Factor Authentication](#enable-two-factor-authentication) - [Responding to Magic Link Logins](#responding-to-magic-link-logins) - [Session Notification](#session-notification) - [Event](#event) - [Authorization Flow](#authorization-flow) - - [Change Available Groups](#change-available-groups) - - [Set the Default Group](#set-the-default-group) - - [Change Available Permissions](#change-available-permissions) - - [Assign Permissions to a Group](#assign-permissions-to-a-group) - - [Assign Permissions to a User](#assign-permissions-to-a-user) + - [Configure Config\\AuthGroups](#configure-configauthgroups) + - [Change Available Groups](#change-available-groups) + - [Set the Default Group](#set-the-default-group) + - [Change Available Permissions](#change-available-permissions) + - [Assign Permissions to a Group](#assign-permissions-to-a-group) + - [Assign Permissions to a User](#assign-permissions-to-a-user) - [Check If a User Has Permission](#check-if-a-user-has-permission) - [Adding a Group To a User](#adding-a-group-to-a-user) - [Removing a Group From a User](#removing-a-group-from-a-user) @@ -31,9 +33,11 @@ Learning any new authentication system can be difficult, especially as they get ## Authentication Flow -### Configure Redirect URLs +### Configure Config\Auth -If you need everyone to redirect to a single URL after login/logout/register actions, you can modify the `Config\Auth::$redirects` array to specify the url to redirect to. +#### Configure Redirect URLs + +If you need everyone to redirect to a single URL after login/logout/register actions, you can modify the `Config\Auth::$redirects` array in `app/Config/Auth.php` to specify the url to redirect to. ```php public array $redirects = [ @@ -45,7 +49,7 @@ public array $redirects = [ > **Note** This redirect happens after the specified action is complete. In the case of register or login, it might not happen immediately. For example, if you have any Auth Actions specified, they will be redirected when those actions are completed successfully. If no Auth Actions are specified, they will be redirected immediately after registration or login. -### Configure Remember-me Functionality +#### Configure Remember-me Functionality Remember-me functionality is enabled by default for the `Session` handler. While this is handled in a secure manner, some sites may want it disabled. You might also want to change how long it remembers a user and doesn't require additional login. @@ -58,7 +62,7 @@ public array $sessionConfig = [ ]; ``` -### Change Access Token Lifetime +#### Change Access Token Lifetime By default, Access Tokens can be used for 1 year since the last use. This can be easily modified in the `Auth` config file. @@ -66,7 +70,7 @@ By default, Access Tokens can be used for 1 year since the last use. This can be public int $unusedTokenLifetime = YEAR; ``` -### Enable Account Activation via Email +#### Enable Account Activation via Email > **Note** You need to configure `app/Config/Email.php` to allow Shield to send emails. See [Installation](install.md#initial-setup). @@ -79,7 +83,7 @@ public array $actions = [ ]; ``` -### Enable Two-Factor Authentication +#### Enable Two-Factor Authentication > **Note** You need to configure `app/Config/Email.php` to allow Shield to send emails. See [Installation](install.md#initial-setup). @@ -127,9 +131,11 @@ Events::on('magicLogin', static function () { ## Authorization Flow -### Change Available Groups +### Configure Config\AuthGroups + +#### Change Available Groups -The available groups are defined in the `AuthGroups` config file, under the `$groups` property. Add new entries to the array, or remove existing ones to make them available throughout your application. +The available groups are defined in the `app/Config/AuthGroups.php` config file, under the `$groups` property. Add new entries to the array, or remove existing ones to make them available throughout your application. ```php public array $groups = [ @@ -141,11 +147,11 @@ public array $groups = [ ]; ``` -### Set the Default Group +#### Set the Default Group When a user registers on your site, they are assigned the group specified at `Config\AuthGroups::$defaultGroup`. Change this to one of the keys in the `$groups` array to update this. -### Change Available Permissions +#### Change Available Permissions The permissions on the site are stored in the `AuthGroups` config file also. Each one is defined by a string that represents a context and a permission, joined with a decimal point. @@ -161,7 +167,7 @@ public array $permissions = [ ]; ``` -### Assign Permissions to a Group +#### Assign Permissions to a Group Each group can have its own specific set of permissions. These are defined in `Config\AuthGroups::$matrix`. You can specify each permission by it's full name, or using the context and an asterisk (*) to specify all permissions within that context. @@ -176,7 +182,7 @@ public array $matrix = [ ]; ``` -### Assign Permissions to a User +#### Assign Permissions to a User Permissions can also be assigned directly to a user, regardless of what groups they belong to. This is done programatically on the `User` Entity. From 8277464312b3b54e39b97c4515f55596b6489c49 Mon Sep 17 00:00:00 2001 From: kenjis Date: Thu, 19 Jan 2023 07:01:36 +0900 Subject: [PATCH 05/11] docs: tweak section titles --- docs/customization.md | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/docs/customization.md b/docs/customization.md index 254fba664..8c9fa2292 100644 --- a/docs/customization.md +++ b/docs/customization.md @@ -3,9 +3,9 @@ - [Customizing Shield](#customizing-shield) - [Route Configuration](#route-configuration) - [Custom Redirect URLs](#custom-redirect-urls) - - [Customize login redirect](#customize-login-redirect) - - [Customize register redirect](#customize-register-redirect) - - [Customize logout redirect](#customize-logout-redirect) + - [Customize Login Redirect](#customize-login-redirect) + - [Customize Register Redirect](#customize-register-redirect) + - [Customize Logout Redirect](#customize-logout-redirect) - [Extending the Controllers](#extending-the-controllers) - [Integrating Custom View Libraries](#integrating-custom-view-libraries) - [Custom Validation Rules](#custom-validation-rules) @@ -40,7 +40,7 @@ public array $redirects = [ ]; ``` -### Customize login redirect +### Customize Login Redirect You can further customize where a user is redirected to on login with the `loginRedirect()` method of the `Auth` config file. This is handy if you want to redirect based on user group or other criteria. @@ -73,7 +73,7 @@ public function loginRedirect(): string } ``` -### Customize register redirect +### Customize Register Redirect You can customize where a user is redirected to after registration in the `registerRedirect` method of the `Auth` config file. @@ -86,7 +86,7 @@ public function registerRedirect(): string } ``` -### Customize logout redirect +### Customize Logout Redirect The logout redirect can also be overridden by the `logoutRedirect` method of the `Auth` config file. This will not be used as often as login and register, but you might find the need. For example, if you programatically logged a user out you might want to take them to a page that specifies why they were logged out. Otherwise, you might take them to the home page or even the login page. From 30499c1d4cf143b2f66e41fef9630f1d782e5d01 Mon Sep 17 00:00:00 2001 From: kenjis Date: Thu, 19 Jan 2023 07:08:27 +0900 Subject: [PATCH 06/11] docs: replace `Auth` with `app/Config/Auth.php` --- docs/customization.md | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/docs/customization.md b/docs/customization.md index 8c9fa2292..ac95b9997 100644 --- a/docs/customization.md +++ b/docs/customization.md @@ -30,7 +30,7 @@ $routes->get('register', '\App\Controllers\Auth\RegisterController::registerView ## Custom Redirect URLs By default, a successful login or register attempt will all redirect to `/`, while a logout action -will redirect to a [named route](https://codeigniter.com/user_guide/incoming/routing.html#using-named-routes "See routing docs") `login` or a *URI path* `/login`. You can change the default URLs used within the `Auth` config file: +will redirect to a [named route](https://codeigniter.com/user_guide/incoming/routing.html#using-named-routes "See routing docs") `login` or a *URI path* `/login`. You can change the default URLs used within the `app/Config/Auth.php` config file: ```php public array $redirects = [ @@ -42,7 +42,7 @@ public array $redirects = [ ### Customize Login Redirect -You can further customize where a user is redirected to on login with the `loginRedirect()` method of the `Auth` config file. This is handy if you want to redirect based on user group or other criteria. +You can further customize where a user is redirected to on login with the `loginRedirect()` method of the `app/Config/Auth.php` config file. This is handy if you want to redirect based on user group or other criteria. ```php public function loginRedirect(): string @@ -57,7 +57,7 @@ public function loginRedirect(): string Oftentimes, you will want to have different redirects for different user groups. A simple example might be that you want admins redirected to `/admin` while all other groups redirect to `/`. -The `Auth` config file also includes methods that you can add additional logic to in order to +The `app/Config/Auth.php` config file also includes methods that you can add additional logic to in order to achieve this: ```php @@ -75,7 +75,7 @@ public function loginRedirect(): string ### Customize Register Redirect -You can customize where a user is redirected to after registration in the `registerRedirect` method of the `Auth` config file. +You can customize where a user is redirected to after registration in the `registerRedirect` method of the `app/Config/Auth.php` config file. ```php public function registerRedirect(): string @@ -88,7 +88,7 @@ public function registerRedirect(): string ### Customize Logout Redirect -The logout redirect can also be overridden by the `logoutRedirect` method of the `Auth` config file. This will not be used as often as login and register, but you might find the need. For example, if you programatically logged a user out you might want to take them to a page that specifies why they were logged out. Otherwise, you might take them to the home page or even the login page. +The logout redirect can also be overridden by the `logoutRedirect` method of the `app/Config/Auth.php` config file. This will not be used as often as login and register, but you might find the need. For example, if you programatically logged a user out you might want to take them to a page that specifies why they were logged out. Otherwise, you might take them to the home page or even the login page. ```php public function logoutRedirect(): string From 6f0356048a49e0cb669107e2cbb70a9e3569535f Mon Sep 17 00:00:00 2001 From: kenjis Date: Thu, 19 Jan 2023 07:11:42 +0900 Subject: [PATCH 07/11] docs: add () after method names --- docs/customization.md | 4 ++-- docs/quickstart.md | 6 +++--- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/docs/customization.md b/docs/customization.md index ac95b9997..363b2cae5 100644 --- a/docs/customization.md +++ b/docs/customization.md @@ -75,7 +75,7 @@ public function loginRedirect(): string ### Customize Register Redirect -You can customize where a user is redirected to after registration in the `registerRedirect` method of the `app/Config/Auth.php` config file. +You can customize where a user is redirected to after registration in the `registerRedirect()` method of the `app/Config/Auth.php` config file. ```php public function registerRedirect(): string @@ -88,7 +88,7 @@ public function registerRedirect(): string ### Customize Logout Redirect -The logout redirect can also be overridden by the `logoutRedirect` method of the `app/Config/Auth.php` config file. This will not be used as often as login and register, but you might find the need. For example, if you programatically logged a user out you might want to take them to a page that specifies why they were logged out. Otherwise, you might take them to the home page or even the login page. +The logout redirect can also be overridden by the `logoutRedirect()` method of the `app/Config/Auth.php` config file. This will not be used as often as login and register, but you might find the need. For example, if you programatically logged a user out you might want to take them to a page that specifies why they were logged out. Otherwise, you might take them to the home page or even the login page. ```php public function logoutRedirect(): string diff --git a/docs/quickstart.md b/docs/quickstart.md index 5668ace80..aec8c716d 100644 --- a/docs/quickstart.md +++ b/docs/quickstart.md @@ -214,7 +214,7 @@ Note: The example above can also be done through a [controller filter](https://c ### Adding a Group To a User -Groups are assigned to a user via the `addGroup` method. You can pass multiple groups in and they will all be assigned to the user. +Groups are assigned to a user via the `addGroup()` method. You can pass multiple groups in and they will all be assigned to the user. ```php $user = auth()->user(); @@ -230,7 +230,7 @@ $user->syncGroups('admin', 'beta'); ### Removing a Group From a User -Groups are removed from a user via the `removeGroup` method. Multiple groups may be removed at once by passing all of their names into the method. +Groups are removed from a user via the `removeGroup()` method. Multiple groups may be removed at once by passing all of their names into the method. ```php $user = auth()->user(); @@ -239,7 +239,7 @@ $user->removeGroup('admin', 'beta'); ### Checking If User Belongs To a Group -You can check if a user belongs to a group with the `inGroup` method. +You can check if a user belongs to a group with the `inGroup()` method. ```php $user = auth()->user(); From 6d7567e72ca089e72268d6ade396d18becce3043 Mon Sep 17 00:00:00 2001 From: kenjis Date: Thu, 19 Jan 2023 07:15:53 +0900 Subject: [PATCH 08/11] docs: move how to configure to quickstart.md --- docs/customization.md | 13 +------------ docs/quickstart.md | 3 +++ 2 files changed, 4 insertions(+), 12 deletions(-) diff --git a/docs/customization.md b/docs/customization.md index 363b2cae5..73a18c262 100644 --- a/docs/customization.md +++ b/docs/customization.md @@ -29,20 +29,9 @@ $routes->get('register', '\App\Controllers\Auth\RegisterController::registerView ## Custom Redirect URLs -By default, a successful login or register attempt will all redirect to `/`, while a logout action -will redirect to a [named route](https://codeigniter.com/user_guide/incoming/routing.html#using-named-routes "See routing docs") `login` or a *URI path* `/login`. You can change the default URLs used within the `app/Config/Auth.php` config file: - -```php -public array $redirects = [ - 'register' => '/', - 'login' => '/', - 'logout' => 'login', -]; -``` - ### Customize Login Redirect -You can further customize where a user is redirected to on login with the `loginRedirect()` method of the `app/Config/Auth.php` config file. This is handy if you want to redirect based on user group or other criteria. +You can customize where a user is redirected to on login with the `loginRedirect()` method of the `app/Config/Auth.php` config file. This is handy if you want to redirect based on user group or other criteria. ```php public function loginRedirect(): string diff --git a/docs/quickstart.md b/docs/quickstart.md index aec8c716d..4608c5645 100644 --- a/docs/quickstart.md +++ b/docs/quickstart.md @@ -39,6 +39,9 @@ Learning any new authentication system can be difficult, especially as they get If you need everyone to redirect to a single URL after login/logout/register actions, you can modify the `Config\Auth::$redirects` array in `app/Config/Auth.php` to specify the url to redirect to. +By default, a successful login or register attempt will all redirect to `/`, while a logout action +will redirect to a [named route](https://codeigniter.com/user_guide/incoming/routing.html#using-named-routes "See routing docs") `login` or a *URI path* `/login`. You can change the default URLs used within the `app/Config/Auth.php` config file: + ```php public array $redirects = [ 'register' => '/', From c23409f9a663a290ee40ce7ac812286b53fc7d5e Mon Sep 17 00:00:00 2001 From: kenjis Date: Thu, 19 Jan 2023 09:33:16 +0900 Subject: [PATCH 09/11] docs: make file paths bold --- docs/quickstart.md | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/docs/quickstart.md b/docs/quickstart.md index 4608c5645..9e3d60d91 100644 --- a/docs/quickstart.md +++ b/docs/quickstart.md @@ -2,7 +2,7 @@ Learning any new authentication system can be difficult, especially as they get more flexible and sophisticated. This guide is intended to provide short examples for common actions you'll take when working with Shield. It is not intended to be the exhaustive documentation for each section. That's better handled through the area-specific doc files. -> **Note** The examples assume that you have run the setup script and that you have copies of the `Auth` and `AuthGroups` config files in your application's `app/Config` folder. +> **Note** The examples assume that you have run the setup script and that you have copies of the `Auth` and `AuthGroups` config files in your application's **app/Config** folder. - [Quick Start Guide](#quick-start-guide) - [Authentication Flow](#authentication-flow) @@ -37,10 +37,10 @@ Learning any new authentication system can be difficult, especially as they get #### Configure Redirect URLs -If you need everyone to redirect to a single URL after login/logout/register actions, you can modify the `Config\Auth::$redirects` array in `app/Config/Auth.php` to specify the url to redirect to. +If you need everyone to redirect to a single URL after login/logout/register actions, you can modify the `Config\Auth::$redirects` array in **app/Config/Auth.php**`** to specify the url to redirect to. By default, a successful login or register attempt will all redirect to `/`, while a logout action -will redirect to a [named route](https://codeigniter.com/user_guide/incoming/routing.html#using-named-routes "See routing docs") `login` or a *URI path* `/login`. You can change the default URLs used within the `app/Config/Auth.php` config file: +will redirect to a [named route](https://codeigniter.com/user_guide/incoming/routing.html#using-named-routes "See routing docs") `login` or a *URI path* `/login`. You can change the default URLs used within the **`**app/Config/Auth.php** config file: ```php public array $redirects = [ @@ -75,7 +75,7 @@ public int $unusedTokenLifetime = YEAR; #### Enable Account Activation via Email -> **Note** You need to configure `app/Config/Email.php` to allow Shield to send emails. See [Installation](install.md#initial-setup). +> **Note** You need to configure **app/Config/Email.php** to allow Shield to send emails. See [Installation](install.md#initial-setup). By default, once a user registers they have an active account that can be used. You can enable Shield's built-in, email-based activation flow within the `Auth` config file. @@ -88,7 +88,7 @@ public array $actions = [ #### Enable Two-Factor Authentication -> **Note** You need to configure `app/Config/Email.php` to allow Shield to send emails. See [Installation](install.md#initial-setup). +> **Note** You need to configure **app/Config/Email.php** to allow Shield to send emails. See [Installation](install.md#initial-setup). Turned off by default, Shield's Email-based 2FA can be enabled by specifying the class to use in the `Auth` config file. @@ -101,7 +101,7 @@ public array $actions = [ ### Responding to Magic Link Logins -> **Note** You need to configure `app/Config/Email.php` to allow Shield to send emails. See [Installation](install.md#initial-setup). +> **Note** You need to configure **app/Config/Email.php** to allow Shield to send emails. See [Installation](install.md#initial-setup). Magic Link logins allow a user that has forgotten their password to have an email sent with a unique, one-time login link. Once they've logged in you can decide how to respond. In some cases, you might want to redirect them to a special page where they must choose a new password. In other cases, you might simply want to display a one-time message prompting them to go to their account page and choose a new password. @@ -138,7 +138,7 @@ Events::on('magicLogin', static function () { #### Change Available Groups -The available groups are defined in the `app/Config/AuthGroups.php` config file, under the `$groups` property. Add new entries to the array, or remove existing ones to make them available throughout your application. +The available groups are defined in the **app/Config/AuthGroups.php** config file, under the `$groups` property. Add new entries to the array, or remove existing ones to make them available throughout your application. ```php public array $groups = [ From e0819743fb2044d031d6f4a3d85d2cc04605a431 Mon Sep 17 00:00:00 2001 From: kenjis Date: Thu, 19 Jan 2023 09:37:40 +0900 Subject: [PATCH 10/11] docs: fix Note format --- docs/quickstart.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/quickstart.md b/docs/quickstart.md index 9e3d60d91..70b960f9c 100644 --- a/docs/quickstart.md +++ b/docs/quickstart.md @@ -213,7 +213,7 @@ if (! auth()->user()->can('users.create')) { } ``` -Note: The example above can also be done through a [controller filter](https://codeigniter.com/user_guide/incoming/filters.html) if you want to apply it to multiple pages of your site. +> **Note** The example above can also be done through a [controller filter](https://codeigniter.com/user_guide/incoming/filters.html) if you want to apply it to multiple pages of your site. ### Adding a Group To a User From 4e5e4c64b1344a1cb1a874d7ec182f61eff9b71f Mon Sep 17 00:00:00 2001 From: kenjis Date: Thu, 19 Jan 2023 09:39:33 +0900 Subject: [PATCH 11/11] docs: make file paths bold --- docs/customization.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/docs/customization.md b/docs/customization.md index 73a18c262..906c4b631 100644 --- a/docs/customization.md +++ b/docs/customization.md @@ -31,7 +31,7 @@ $routes->get('register', '\App\Controllers\Auth\RegisterController::registerView ### Customize Login Redirect -You can customize where a user is redirected to on login with the `loginRedirect()` method of the `app/Config/Auth.php` config file. This is handy if you want to redirect based on user group or other criteria. +You can customize where a user is redirected to on login with the `loginRedirect()` method of the **app/Config/Auth.php** config file. This is handy if you want to redirect based on user group or other criteria. ```php public function loginRedirect(): string @@ -46,7 +46,7 @@ public function loginRedirect(): string Oftentimes, you will want to have different redirects for different user groups. A simple example might be that you want admins redirected to `/admin` while all other groups redirect to `/`. -The `app/Config/Auth.php` config file also includes methods that you can add additional logic to in order to +The **app/Config/Auth.php** config file also includes methods that you can add additional logic to in order to achieve this: ```php @@ -64,7 +64,7 @@ public function loginRedirect(): string ### Customize Register Redirect -You can customize where a user is redirected to after registration in the `registerRedirect()` method of the `app/Config/Auth.php` config file. +You can customize where a user is redirected to after registration in the `registerRedirect()` method of the **app/Config/Auth.php** config file. ```php public function registerRedirect(): string @@ -77,7 +77,7 @@ public function registerRedirect(): string ### Customize Logout Redirect -The logout redirect can also be overridden by the `logoutRedirect()` method of the `app/Config/Auth.php` config file. This will not be used as often as login and register, but you might find the need. For example, if you programatically logged a user out you might want to take them to a page that specifies why they were logged out. Otherwise, you might take them to the home page or even the login page. +The logout redirect can also be overridden by the `logoutRedirect()` method of the **app/Config/Auth.php** config file. This will not be used as often as login and register, but you might find the need. For example, if you programatically logged a user out you might want to take them to a page that specifies why they were logged out. Otherwise, you might take them to the home page or even the login page. ```php public function logoutRedirect(): string