An auth system has to perform two main tasks:
- Finding out if the user is who he claims to be
- Checking the authenticated user has sufficient access priviledges to perform the task
In order to authenticate a user a username and password is usually entered and if the password matches the username the user is authenticated. This process involves several steps:
- Displaying a sign in form
- Checking the username and password
- Displaying the form again if the details are not correct
- Storing the information that the user is signed in
Before this can happen a mechanism is required to be able to add users to the system and set their access priveledges and a mechainsm is required to store information about the signed in user so that they remain signed in.
The web.auth module provides the following classes to achieve all these tasks in a simple and yet flexible way.
- admin objects (
- This class is used to administer the auth environment, add users, set access levels etc.
- session objects (
- This class is used to store information about who is signed in, when they signed in and when thry should be signed out
- manager objects (
- Used to manage the auth functions, has all the functionality of the admin and session objects
- user objects (
- Contain all the information about a particular user and can be used to set simple user properties
- handler objects
- Are used to automatically handle tasks such as user sign in