Skip to content

authentication

Valentin Mourot edited this page May 3, 2019 · 2 revisions

Authentication

This pages describes the way an user can log to Entcore by the Mobile Framework, and his data are processed. The authentication process works over the oAuth2 protocol.

Once a user is logged in, Mobile Framework stores the auth token in the oauth module located in /app/infra/oauth.ts that allows to sign fetch requests and data sources.

Login routine

The word "login" does not exactly means "receive an auth token from Entcore". This is the case on manual login using the user credentials (login & password), but login can be done automatically when a logged user restart the application. In this case, the login procedure consists to refresh the old token.

In fact, once the used has successfully logged in, its auth token is stored in the AsyncStorage on the device. This token can be used to sign request or the refresh the token when it is expired.

The login process is handled by a thunk action in the user application module located in /app/user/actions/login.ts.

  1. Get a new auth token from credentials, or try to refresh the token
  2. Once we've a new valid auth token, fetch the user information
  3. Check if its properties authorizes him to access to the application
  4. Register the device to receive push-notifications
  5. Confirm login (fill the Redux application state with user information)
  6. Tracking report (see "Tracking" section of this documentation)
  7. Take the user to the Timeline page

Logout routine

The logout process consists only to erase the stored auth token and to empty the user reducer.

  1. Tracking report (see "Tracking" section of this documentation)
  2. Unregister the device to not receive push-notifications anymore
  3. Erase the stored auth token
  4. Clear requests cache (see "Signed fetch" section in this documentation)
  5. Validate logout (empty the user information in Redux application state)
  6. Take the user to the login page

Me

The Me module is a read-only access to the gathered user information at login time. You just have to import it from /app/infra/Me.ts and check Me.session content.

The Me module also contains functions to set or read distant user preferences and is user by the user application module to handle push-notifs preferences.

The Me module is not respectful of the Redux architecture and causes circular dependencies. It will be removed in favor of the data directly obtained from the Redux store.

Clone this wiki locally