For the most important information on the topic of authentication and authorization, see here. The Jet\Auth class is the facade of authentication and authorization, and it is primarily through this class that Jet Auth is used in an application.

Method Meaning of
public static setController(
Auth_Controller_Interface $controller
): void
Sets an instance of controller.
public static setControllerProvider(
callable $provider
): void
It allows lazy loading. Instead of creating and setting an instance of controller, it is possible to set a factory function that creates an instance of controller only when the application needs to use controller for the first time.
public static getController(
): Auth_Controller_Interface
Returns the current instance of the controller.
public static checkCurrentUser(
): bool
It verifies that the user is logged in and also that the user account is valid (not blocked, waiting to be activated, etc.).
public static handleLogin(
): void
Provides display and operation of the login form when the user is not logged in, but not only that. Handles any situation where the user is not logged in or their user account is not active. For example, if a password change is required, activation, two-factor login, and so on.
public static login(
string $username,
string $password
): bool
Attempts to log the user in. So it verifies the username and password, and if the information is valid, then it takes the user as logged in (and returns true, otherwise false).

Warning! A user may be successfully logged in, but their account may not be active, etc. Thus, after logging in, the request must be reloaded and then work with the Auth::checkCurrentUser() method
public static loginUser(
Auth_User_Interface $user
): bool
Based on the instance of a particular user, it will attempt to log that user in. If the user is logged in (it is a valid user), then it returns true.
public static logout(
): void
Logs the user out.
public static getCurrentUser(
): Auth_User_Interface|bool
Returns an instance of the logged-in user. Even if the user account is not active, is blocked, or is otherwise invalid, etc.
public static getCurrentUserHasPrivilege(
string $privilege,
mixed $value=null
): bool
Checks whether the currently logged in user has the given permission.

If the $value parameter is null, then it checks whether the user has the permission regardless of the value (i.e. whether he has the permission at all, whatever it is).
public static checkModuleActionAccess(
string $module_name,
string $action
): bool
Verifies that the currently logged in user has the right to perform the application module action.
public static checkPageAccess(
MVC_Page_Interface $page
): bool
Verifies that the currently logged-in user has the right to visit the page.
Previous chapter
Next chapter