You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The Auth framework is controlled by the Manager, every instance of the Manager works autonomous, and can have it's own configuration.
The Manager supports three driver types:
user, for user authentication and information.
group, for group information and membership.
acl, for authorisation.
At least one user driver is required, others are optional.
You can use multiple drivers of any given type.
A single driver can implement multiple types:
This will allow close integration between the different driver types, needed for some backends.
Driver instances can be added, removed or accessed at runtime.
For user authentication, two modes exist:
try all: attempt authentication using all defined drivers
first hit: stop as soon as a driver succesfully authenticates
The user driver supports multiple groups in it's API. If the backend doesn't support groups, or only a single group, either an empty array or an array with one group is returned. The array will always contain "id => name".
A local users table is used, to store unified user information, and to provide a unique user id to the application, independent of the authentication backend being used.
A local groups table is used, to store unified group information, and to provide a unique group id to the application, independent of the authentication backend being used.
A syntax for ACL definition will be proposed as a standard, and used by the supplied ACL drivers, but this will not be enforced, so devs can implement their own ACL system if needed.
When calling methods, the Manager will distribute the calls to the correct driver:
when not logged in, it will call all drivers
when logged in, it will only call "logged-in" user drivers, it will call all other drivers