Source Code

CoreSecurityService

With an embedded JWT mechanism, this class is responsible for verifying or generating the user's authenticity. Every path marked with "true" in the "authenticated" param calls this class to verify the user's authenticity. Generating the user's authenticity (as a JWT token) is triggered manually; see the guide The Way: Custom Security Service or the source code for how to do this. These behaviors can be customized/overridden with a custom CoreSecurityService, so you can replace the default JWT engine with OAuth 2.0, for example.

See the The Way: Custom Security Service guide to implement a custom CoreSecurityService.

Summary

Method: generateToken

This method generates a JWT token that proves the user's authenticity. The default implementation uses the the-way.server.rest.security properties, and you must change the keys if you want to use the default implementation. Currently, we use the JsonWebToken library to generate and verify the JWT token.

Params

  • tokenClaims: a JSON object with the information that will be part of the token. TokenClaims is encrypted with aes-256-cbc.

Return

  • The resultant JWT token

Method: verifyAuthentication

This method checks whether the logged-in user can access the path by evaluating the token and the profiles in the token claims.

Params

  • token: the logged-in user's token
  • fatherPathProfiles: an array of profiles allowed to use the operations inside a father path
  • profiles: an array of profiles allowed to use the current operation (path)

Return

The verification returns the TokenClaims decrypted from the token.
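
The flow that generateToken and verifyAuthentication describe, as an added example that is not The Way's own code: claims are encrypted with aes-256-cbc, wrapped in an HS256-signed token, and checked against both profile lists on verification. Assumptions: the `data` and `exp` claim names, the hex IV-plus-ciphertext layout, the constructed keys, and the rule that an empty list admits any authenticated user while a non-empty list requires at least one matching profile at each level.

```javascript
const crypto = require('node:crypto');

// Constructed demo secrets. In The Way the keys come from the
// the-way.server.rest.security properties and must be changed.
const SIGN_KEY = 'constructed-demo-signing-key';
const ENC_KEY = crypto.createHash('sha256').update('constructed-demo-claims-key').digest();

const b64u = (v) => Buffer.from(v).toString('base64url');
const sign = (data) => crypto.createHmac('sha256', SIGN_KEY).update(data).digest('base64url');

// Encrypt the claims with aes-256-cbc (fresh IV per token), then sign as HS256.
function generateToken(tokenClaims, ttlSeconds = 3600) {
  const iv = crypto.randomBytes(16);
  const cipher = crypto.createCipheriv('aes-256-cbc', ENC_KEY, iv);
  const enc = Buffer.concat([iv, cipher.update(JSON.stringify(tokenClaims), 'utf8'), cipher.final()]);
  const header = b64u(JSON.stringify({ alg: 'HS256', typ: 'JWT' }));
  const exp = Math.floor(Date.now() / 1000) + ttlSeconds;
  const payload = b64u(JSON.stringify({ data: enc.toString('hex'), exp }));
  return `${header}.${payload}.${sign(`${header}.${payload}`)}`;
}

// Assumed rule: an empty list means "any authenticated user".
const allowed = (userProfiles, required) =>
  !required || required.length === 0 || required.some((p) => userProfiles.includes(p));

function verifyAuthentication(token, fatherPathProfiles, profiles) {
  const parts = String(token).split('.');
  if (parts.length !== 3) throw new Error('malformed token');
  const [header, payload, signature] = parts;
  // Check the MAC before touching the ciphertext: CBC alone gives no integrity.
  // HS256 is always recomputed here, so the header's "alg" is never trusted.
  const expected = Buffer.from(sign(`${header}.${payload}`));
  const given = Buffer.from(signature);
  if (given.length !== expected.length || !crypto.timingSafeEqual(given, expected)) {
    throw new Error('invalid signature');
  }
  const { data, exp } = JSON.parse(Buffer.from(payload, 'base64url').toString('utf8'));
  if (typeof exp !== 'number' || exp <= Math.floor(Date.now() / 1000)) throw new Error('token expired');
  const raw = Buffer.from(data, 'hex');
  const decipher = crypto.createDecipheriv('aes-256-cbc', ENC_KEY, raw.subarray(0, 16));
  const plain = Buffer.concat([decipher.update(raw.subarray(16)), decipher.final()]);
  const claims = JSON.parse(plain.toString('utf8'));
  const userProfiles = Array.isArray(claims.profiles) ? claims.profiles : [];
  // Both the father path and the operation itself must admit the user.
  if (!allowed(userProfiles, fatherPathProfiles) || !allowed(userProfiles, profiles)) {
    throw new Error('forbidden');
  }
  return claims; // the decrypted TokenClaims
}
```

Verifying the signature first means a tampered payload is rejected before any decryption is attempted, which is what keeps the unauthenticated CBC layer from being exposed to modified ciphertext.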