1.2.1 Background Information

An auth system has to perform two main tasks:

Authentication
Finding out if the user is who he claims to be
Authorisation
Checking that the authenticated user has sufficient access privileges to perform the task

To authenticate a user, a username and password are usually entered; if the password matches the one held for that username, the user is authenticated. This process involves several steps:

Before this can happen, a mechanism is required to add users to the system and set their access privileges, and a mechanism is required to store information about the signed-in user so that they remain signed in.
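The two tasks and the supporting mechanisms described above (a user store with access levels, and a session that records when a user signed in and when they should be signed out), as an added example that is not part of the web.auth module. The names `USERS`, `SESSIONS`, `add_user`, `sign_in` and `authorise`, the numeric access levels and the PBKDF2 password hashing are all assumptions made for illustration.

```python
import hashlib, hmac, os, secrets, time

# Hypothetical in-memory stores for illustration; not the web.auth API.
USERS = {}     # username -> (salt, password_hash, access_level)
SESSIONS = {}  # session id -> (username, signed_in_at, expires_at)

def _hash(password, salt):
    # Salted, deliberately slow hash so stored values are costly to brute-force.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

def add_user(username, password, level):
    """Administration: create a user and set their access level."""
    salt = os.urandom(16)
    USERS[username] = (salt, _hash(password, salt), level)

def sign_in(username, password, now=None, lifetime=900):
    """Authentication: return a new session id, or None on bad credentials."""
    now = time.time() if now is None else now
    # Unknown users still cost one hash, so timing does not reveal valid names.
    salt, stored, _ = USERS.get(username, (b"\0" * 16, b"", 0))
    if not hmac.compare_digest(_hash(password, salt), stored):
        return None
    sid = secrets.token_urlsafe(32)  # unguessable session identifier
    SESSIONS[sid] = (username, now, now + lifetime)
    return sid

def authorise(sid, required_level, now=None):
    """Authorisation: unexpired session AND sufficient access level."""
    now = time.time() if now is None else now
    session = SESSIONS.get(sid)
    if session is None:
        return False
    username, _signed_in_at, expires_at = session
    if now >= expires_at:
        del SESSIONS[sid]  # sign the user out once the session has expired
        return False
    user = USERS.get(username)
    return user is not None and user[2] >= required_level
```

A wrong password and an unknown username both return `None` from `sign_in`, and `authorise` is checked on every request, so an expired session or an insufficient level is refused even though the user authenticated earlier.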

The web.auth module provides the following classes to achieve all these tasks in a simple and yet flexible way.

admin objects (AuthAdmin class)
This class is used to administer the auth environment, add users, set access levels etc.
session objects (AuthSession class)
This class is used to store information about who is signed in, when they signed in and when they should be signed out.
manager objects (AuthManager class)
Used to manage the auth functions; has all the functionality of the admin and session objects
user objects (AuthUser class)
Contain all the information about a particular user and can be used to set simple user properties
handler objects
Are used to automatically handle tasks such as user sign in