Class AuthModel
public class AuthModel extends FormBaseModel
This model implements the logic for authenticating a user (the "login" interface). It implements traditional username/password registration, and third party identification methods (although for the latter, it doesn't really do anything).
The model exposes three fields:
- LoginNameField: the login name (used as an identity for the
Identity.LoginName
provider) - PasswordField: the password
- RememberMeField: whether the login should be remembered with an authentication cookie (if
that is configured in the
AuthService
).
When the model validates correctly (validate()
returns true
), the entered credentials are correct. At that point you can use the login()
utility function to login the identified user.
The model can also be used when the user is already known (e.g. to implement password confirmation before a critical operation). In that case you can set a value for the LoginNameField and make this field invisible or read-only.
The model also provides the client-side JavaScript logic to indicate password attempt
throttling (configureThrottling()
and updateThrottling()
).
- See Also:
AuthWidget
-
Nested Class Summary
Nested classes/interfaces inherited from class eu.webtoolkit.jwt.WObject
WObject.FormData
-
Field Summary
Fields Modifier and Type Field Description static java.lang.String
PasswordField
Password field.static java.lang.String
RememberMeField
Remember-me field.Fields inherited from class eu.webtoolkit.jwt.auth.FormBaseModel
LoginNameField
-
Constructor Summary
Constructors Constructor Description AuthModel(AuthService baseAuth, AbstractUserDatabase users)
Constructor.AuthModel(AuthService baseAuth, AbstractUserDatabase users, WObject parent)
Constructor. -
Method Summary
Modifier and Type Method Description void
configureThrottling(WInteractWidget button)
Initializes client-side login throttling.boolean
isVisible(java.lang.String field)
Returns whether a field is visible.boolean
login(Login login)
Logs the user in.void
logout(Login login)
Logs the user out.User
processAuthToken()
Detects and processes an authentication token.EmailTokenResult
processEmailToken(java.lang.String token)
Processes an email token.void
reset()
Resets the model.void
setRememberMeCookie(User user)
Creates a token and stores it in a cookie.void
updateThrottling(WInteractWidget button)
Updates client-side login throttling.boolean
validate()
Validates the current input.boolean
validateField(java.lang.String field)
Validates a field.Methods inherited from class eu.webtoolkit.jwt.auth.FormBaseModel
addOAuth, addOAuth, addPasswordAuth, getBaseAuth, getOAuth, getPasswordAuth, getUsers, label, loginUser, loginUser, setValid, setValid
Methods inherited from class eu.webtoolkit.jwt.WFormModel
addField, addField, getFields, getValidation, getValidator, getValue, isReadOnly, isValid, isValidated, removeField, setReadOnly, setValidated, setValidation, setValidator, setValue, setVisible, valueText
Methods inherited from class eu.webtoolkit.jwt.WObject
addChild, getId, getObjectName, remove, setFormData, setObjectName, tr
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
-
Field Details
-
PasswordField
public static final java.lang.String PasswordFieldPassword field.- See Also:
- Constant Field Values
-
RememberMeField
public static final java.lang.String RememberMeFieldRemember-me field.- See Also:
- Constant Field Values
-
-
Constructor Details
-
AuthModel
Constructor.Creates a new authentication model, using a basic authentication service and user database.
-
AuthModel
Constructor.
-
-
Method Details
-
reset
public void reset()Description copied from class:WFormModel
Resets the model.The default implementation clears the value of all fields, and resets the validation state to not validated.
- Overrides:
reset
in classWFormModel
-
isVisible
public boolean isVisible(java.lang.String field)Description copied from class:WFormModel
Returns whether a field is visible.In some cases not all fields of the model need to be shown. This may depend on values input for certain fields, and thus change dynamically. You may specialize this method to indicate that a certain field should be invisible.
The default implementation returns the value set by
setVisible()
.- Overrides:
isVisible
in classWFormModel
-
validateField
public boolean validateField(java.lang.String field)Description copied from class:WFormModel
Validates a field.The default implementation uses the validator configured for the field to validate the field contents, or if no validator has been configured assumes that the field is valid.
You will typically customize this method for more complex validation cases.
- Overrides:
validateField
in classWFormModel
- See Also:
WFormModel.validate()
-
validate
public boolean validate()Description copied from class:WFormModel
Validates the current input.The default implementation calls
validateField()
for each field and returnstrue
if all fields validated.- Overrides:
validate
in classWFormModel
- See Also:
WFormModel.validateField(String field)
-
configureThrottling
Initializes client-side login throttling.If login attempt throttling is enabled, then this may also be indicated client-side using JavaScript by disabling the login button and showing a count-down indicator. This method initializes this JavaScript utlity function for a login button.
- See Also:
updateThrottling(WInteractWidget button)
-
updateThrottling
Updates client-side login throttling.This should be called after a call to attemptPasswordLogin(), if you want to reflect throttling using a client-side count-down indicator in the button.
You need to call
configureThrottling()
before you can do this. -
login
Logs the user in.Logs in the user after a successful call to
validate()
. To avoid mishaps, you should call this method immediately after a call tovalidate()
.Returns whether the user could be logged in.
-
logout
Logs the user out.This also removes the remember-me cookie for the user.
-
processEmailToken
Processes an email token.This simply calls
AuthService#processEmailToken()
. -
setRememberMeCookie
Creates a token and stores it in a cookie.This enables automatic authentication in a next session.
-
processAuthToken
Detects and processes an authentication token.This returns a user that was identified with an authentication token found in the application environment, or an invalid
User
object if this feature is not configured, or no valid cookie was found.
-