Jet\Auth_Controller_Interface
We've already covered how authentication and authorization works. Now we'll describe the interface you need to implement in your application space to create an authentication and authorization controller.
Method | Meaning of |
---|---|
public handleLogin( ): void |
It serves login and attention, not only login, but for example also the state when the user is logged in, but his account is not active, is blocked, password change is requested and so on. The term "serve" means, for example, that it displays the appropriate page, or for example returns the appropriate response (e.g. REST API). The entire handling is entirely in the control of the method. In the sample application, this operation is handled by passing the handler to the appropriate modules (Login.Admin and Login.Web). But the specific operation and its implementation is entirely in the controllers control. |
public login( string $username, string $password ): bool |
Based on the username and password, it attempts to log the user in. If the user is logged in (it is a valid username and password), then it returns true. |
public loginUser( Auth_User_Interface $user ): bool |
Based on the instance of a particular user, it will attempt to log that user in. If the user is logged in (it is a valid user), then it returns true. |
public logout( ): void |
Logs the user out. |
public checkCurrentUser( ): bool |
It verifies whether a user is logged in and also whether the user account is valid (activated, unblocked and so on - depending on your implementation). |
public getCurrentUser( ): Auth_User_Interface|bool |
Returns an instance of the currently logged in user even if the user account is blocked, for example. Only if no user is logged in, then it will return false. |
public getCurrentUserHasPrivilege( string $privilege, mixed $value = null ): bool |
Checks whether the currently logged in user has the given permission. If the $value parameter is null, then it checks whether the user has the permission regardless of the value (i.e. whether he has the permission at all, whatever it is). |
public checkModuleActionAccess( string $module_name, string $action ): bool |
Verifies that the currently logged in user has permission to perform an application module action. |
public checkPageAccess( MVC_Page_Interface $page ): bool |
Verifies that the currently logged-in user has permission to visit the page. |