Model for implementing an authentication view. More...
#include <Wt/Auth/AuthModel.h>
Public Member Functions | |
| AuthModel (const AuthService &baseAuth, AbstractUserDatabase &users) | |
| Constructor. More... | |
| virtual void | reset () override |
| Resets the model. More... | |
| virtual bool | isVisible (Field field) const override |
| Returns whether a field is visible. More... | |
| virtual bool | validateField (Field field) override |
| Validates a field. More... | |
| virtual bool | validate () override |
| Validates the current input. More... | |
| virtual void | configureThrottling (WInteractWidget *button) |
| Initializes client-side login throttling. More... | |
| virtual void | updateThrottling (WInteractWidget *button) |
| Updates client-side login throttling. More... | |
| virtual bool | login (Login &login) |
| Logs the user in. More... | |
| virtual void | logout (Login &login) |
| Logs the user out. More... | |
| virtual EmailTokenResult | processEmailToken (const std::string &token) |
| Processes an email token. More... | |
| virtual void | setRememberMeCookie (const User &user) |
| Creates a token and stores it in a cookie. More... | |
| virtual User | processAuthToken () |
| Detects and processes an authentication token. More... | |
| bool | showResendEmailVerification () const |
| Returns whether to allow resending the email verification. More... | |
| virtual bool | hasMfaStep (const User &user) const |
Determines whether the MFA step is necessary for the user. More... | |
 Public Member Functions inherited from Wt::Auth::FormBaseModel | |
| FormBaseModel (const AuthService &baseAuth, AbstractUserDatabase &users) | |
| Constructor. | |
| const AuthService * | baseAuth () const |
| Returns the authentication base service. More... | |
| AbstractUserDatabase & | users () |
| Returns the user database. | |
| const AbstractUserDatabase & | users () const |
| Returns the user database. | |
| virtual void | addPasswordAuth (const AbstractPasswordService *auth) |
| Adds a password authentication service. More... | |
| const AbstractPasswordService * | passwordAuth () const |
| Returns the password authentication service. More... | |
| virtual void | addOAuth (const OAuthService *auth) |
| Adds an OAuth authentication service provider. More... | |
| virtual void | addOAuth (const std::vector< const OAuthService * > &auth) |
| Adds a list of OAuth authentication service providers. More... | |
| std::vector< const OAuthService * > | oAuth () const |
| Returns the list of OAuth authentication service providers. More... | |
| virtual void | addSaml (const Saml::Service *auth) |
| Adds a SAML authentication service provider. | |
| virtual void | addSaml (const std::vector< const Saml::Service * > &auth) |
| Adds a list of SAML authentication service providers. More... | |
| std::vector< const Saml::Service * > | saml () const |
| Returns the list of SAML authentication service providers. More... | |
| virtual WString | label (Field field) const override |
| Returns a field label. More... | |
| virtual bool | loginUser (Login &login, User &user, LoginState state=LoginState::Strong) |
| Logs the user in. More... | |
| Public Member Functions inherited from Wt::WFormModel | |
| WFormModel () | |
| Constructor. More... | |
| void | addField (Field field, const WString &info=WString::Empty) |
| Adds a field. More... | |
| void | removeField (Field field) |
| Removes a field. More... | |
| std::vector< Field > | fields () const |
| Returns the fields. More... | |
| bool | valid () const |
| Returns the current overall validation state. More... | |
| void | setVisible (Field field, bool visible) |
| Sets whether a field is visible. More... | |
| void | setReadOnly (Field field, bool readOnly) |
| Sets whether a field is read-only. More... | |
| virtual bool | isReadOnly (Field field) const |
| Returns whether a field is read only. More... | |
| virtual void | setValue (Field field, const cpp17::any &value) |
| Sets the field value. More... | |
| virtual const cpp17::any & | value (Field field) const |
| Returns the field value. More... | |
| virtual WString | valueText (Field field) const |
| Returns the field value text. More... | |
| virtual void | setValidator (Field field, const std::shared_ptr< WValidator > &validator) |
| Sets a validator. | |
| virtual std::shared_ptr< WValidator > | validator (Field field) const |
| Returns a validator. More... | |
| virtual void | setValidated (Field field, bool validated) |
| Sets whether a field has been validated. More... | |
| virtual bool | isValidated (Field field) const |
| Returns whether the field has been validated yet. More... | |
| const WValidator::Result & | validation (Field field) const |
| Returns the result of a validation. More... | |
| virtual void | setValidation (Field field, const WValidator::Result &result) |
| Sets the validation result for a field. More... | |
| Public Member Functions inherited from Wt::WObject | |
| void | addChild (std::unique_ptr< WObject > child) |
| Add a child WObject whose lifetime is determined by this WObject. | |
| template<typename Child > | |
| Child * | addChild (std::unique_ptr< Child > child) |
| Add a child WObject, returning a raw pointer. More... | |
| std::unique_ptr< WObject > | removeChild (WObject *child) |
| Remove a child WObject, so its lifetime is no longer determined by this WObject. | |
| template<typename Child > | |
| std::unique_ptr< Child > | removeChild (Child *child) |
| Remove a child WObject, so its lifetime is no longer determined by this WObject. More... | |
| virtual const std::string | id () const |
| Returns the (unique) identifier for this object. More... | |
| virtual void | setObjectName (const std::string &name) |
| Sets an object name. More... | |
| virtual std::string | objectName () const |
| Returns the object name. More... | |
| void | resetLearnedSlots () |
| Resets learned stateless slot implementations. More... | |
| template<class T > | |
| void | resetLearnedSlot (void(T::*method)()) |
| Resets a learned stateless slot implementation. More... | |
| template<class T > | |
| WStatelessSlot * | implementStateless (void(T::*method)()) |
| Declares a slot to be stateless and learn client-side behaviour on first invocation. More... | |
| template<class T > | |
| WStatelessSlot * | implementStateless (void(T::*method)(), void(T::*undoMethod)()) |
| Declares a slot to be stateless and learn client-side behaviour in advance. More... | |
| void | isNotStateless () |
| Marks the current function as not stateless. More... | |
| template<class T > | |
| WStatelessSlot * | implementJavaScript (void(T::*method)(), const std::string &jsCode) |
| Provides a JavaScript implementation for a method. More... | |
| Public Member Functions inherited from Wt::Core::observable | |
| observable () noexcept | |
| Default constructor. | |
| virtual | ~observable () |
| Destructor. More... | |
| template<typename... Args, typename C > | |
| auto | bindSafe (void(C::*method)(Args...)) noexcept |
| Protects a method call against object destruction. More... | |
| template<typename... Args, typename C > | |
| auto | bindSafe (void(C::*method)(Args...) const) const noexcept |
| Protects a const method call against object destruction. More... | |
| template<typename Function > | |
| auto | bindSafe (const Function &function) noexcept |
| Protects a function against object destruction. More... | |
Static Public Attributes | |
| static const Field | PasswordField = "password" |
| Password field. | |
| static const Field | RememberMeField = "remember-me" |
| Remember-me field. | |
| Static Public Attributes inherited from Wt::Auth::FormBaseModel | |
| static const Field | LoginNameField = "user-name" |
| Login name field. | |
Additional Inherited Members | |
| Public Types inherited from Wt::WFormModel | |
| typedef const char * | Field |
| A type to identify a field. More... | |
| Public Types inherited from Wt::WObject | |
| typedef void(WObject::* | Method) () |
| Typedef for a WObject method without arguments. | |
| Protected Member Functions inherited from Wt::WObject | |
| virtual WStatelessSlot * | getStateless (Method method) |
| On-demand stateless slot implementation. More... | |
Detailed Description
Model for implementing an authentication view.
This model implements the logic for authenticating a user (the "login" interface). It implements traditional username/password registration, and third party identification methods (although for the latter, it doesn't really do anything).
The model exposes three fields:
- LoginNameField: the login name (used as an identity for the Identity::LoginName provider)
- PasswordField: the password
- RememberMeField: whether the login should be remembered with an authentication cookie (if that is configured in the AuthService).
When the model validates correctly (validate() returns true), the entered credentials are correct. At that point you can use the login() utility function to login the identified user.
The model can also be used when the user is already known (e.g. to implement password confirmation before a critical operation). In that case you can set a value for the LoginNameField and make this field invisible or read-only.
The model also provides the client-side JavaScript logic to indicate password attempt throttling (configureThrottling() and updateThrottling()).
- See also
- AuthWidget
Constructor & Destructor Documentation
◆ AuthModel()
| Wt::Auth::AuthModel::AuthModel | ( | const AuthService & | baseAuth, |
| AbstractUserDatabase & | users | ||
| ) |
Constructor.
Creates a new authentication model, using a basic authentication service and user database.
Member Function Documentation
◆ configureThrottling()
|
virtual |
Initializes client-side login throttling.
If login attempt throttling is enabled, then this may also be indicated client-side using JavaScript by disabling the login button and showing a count-down indicator. This method initializes this JavaScript utlity function for a login button.
- See also
- updateThrottling()
◆ hasMfaStep()
|
virtual |
Determines whether the MFA step is necessary for the user.
After the user has logged in, and the MFA step would be shown, this functionality can be changed to determine whether the MFA step is to be shown. If so, LoginState::RequiresMfa will be set to indicate this to the framework.
If this state is set, the AuthWidget::createMfaView() will be called, which constructs the MFA widget with AuthWidget::createMfaProcess(). If the created widget implements the Mfa::AbstractMfaProcess interface, the default flow of showing the setup/input views is taken.
If it does not adhere to the interface, and features a completely custom implementation, developers should override AuthWidget::createMfaProcess() and AuthWidget::createMfaView().
By default this will return true iff:
- the MFA step is both enabled (AuthService::mfaEnabled()), and also required (AuthService::mfaRequired()).
- MFA is enabled (AuthService::mfaEnabled()) and the
user'sMFA identity will be checked. If an identity is found for the provider the widget in AuthWidget::createMfaProcess() specifies, Wt will interpret this as a valid MFA configuration, and show the MFA step to the user.
◆ isVisible()
|
overridevirtual |
Returns whether a field is visible.
In some cases not all fields of the model need to be shown. This may depend on values input for certain fields, and thus change dynamically. You may specialize this method to indicate that a certain field should be invisible.
The default implementation returns the value set by setVisible().
Reimplemented from Wt::WFormModel.
◆ login()
|
virtual |
Logs the user in.
Logs in the user after a successful call to validate(). To avoid mishaps, you should call this method immediately after a call to validate().
Returns whether the user could be logged in.
By default the user will be logged into a LoginState::Strong state, but if a second factor is required, the state will be LoginState::RequiresMfa. This indicates additional authentication is required.
◆ logout()
|
virtual |
Logs the user out.
This also removes the remember-me cookie for the user.
◆ processAuthToken()
|
virtual |
Detects and processes an authentication token.
This returns a user that was identified with an authentication token found in the application environment, or an invalid User object if this feature is not configured, or no valid cookie was found.
- See also
- AuthService::processAuthToken()
◆ processEmailToken()
|
virtual |
Processes an email token.
This simply calls AuthService::processEmailToken().
◆ reset()
|
overridevirtual |
Resets the model.
The default implementation clears the value of all fields, and resets the validation state to not validated.
Reimplemented from Wt::WFormModel.
◆ setRememberMeCookie()
|
virtual |
Creates a token and stores it in a cookie.
This enables automatic authentication in a next session.
◆ showResendEmailVerification()
| bool Wt::Auth::AuthModel::showResendEmailVerification | ( | ) | const |
Returns whether to allow resending the email verification.
Returns true when email verification is required and the user was not yet verified. In this case, a user would be stuck if the verification email was lost.
◆ updateThrottling()
|
virtual |
Updates client-side login throttling.
This should be called after a call to attemptPasswordLogin(), if you want to reflect throttling using a client-side count-down indicator in the button.
You need to call configureThrottling() before you can do this.
◆ validate()
|
overridevirtual |
Validates the current input.
The default implementation calls validateField() for each field and returns true if all fields validated.
- See also
- validateField()
Reimplemented from Wt::WFormModel.
◆ validateField()
|
overridevirtual |
Validates a field.
The default implementation uses the validator configured for the field to validate the field contents, or if no validator has been configured assumes that the field is valid.
You will typically customize this method for more complex validation cases.
- See also
- validate(), validationResult()
Reimplemented from Wt::WFormModel.
