jorishermans edited this page Nov 23, 2014 · 2 revisions

You can now add the annotation @Authentication to a receiver class.

You can also restrict an individual message handler to certain roles:

```dart
forceServer.on("examplerequest", (e, sendable) {
   // do something
}, roles: ["ADMIN", "BASIC"]);
```

Authentication in Force follows a strategy. You define a strategy by extending the class SecurityStrategy.

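```dart
import 'dart:io';

class SessionStrategy extends SecurityStrategy {

  // A request is authorized only when its session already holds a "user" entry.
  bool checkAuthorization(HttpRequest req) {
    HttpSession session = req.session;
    return (session["user"] != null);
  }

  // Unauthorized requests are sent to the login page with the original URI attached.
  Uri getRedirectUri(HttpRequest req) {
    var referer = req.uri.toString();
    // Build the query through Uri so the referer value is percent-encoded;
    // otherwise a "?" or "&" inside it would be parsed as part of the login URL.
    return new Uri(path: "/login/", queryParameters: {"referer": referer});
  }
}
```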

And then add this strategy to the webserver.

```dart
forceServer.server.strategy = new SessionStrategy();
```
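
The strategy above passes the original URI to the login page in the `referer` parameter. Assuming the login handler redirects back to that value after a successful login, the following added example (not part of Force or of this wiki) shows one way to accept only same-site paths; `safeReturnPath` and the `"/"` fallback are hypothetical names.

```dart
/// Returns [referer] if it is a path on this site, otherwise [fallback].
/// Hypothetical helper for the login handler; not a Force API.
String safeReturnPath(String? referer, {String fallback = "/"}) {
  if (referer == null || referer.isEmpty) return fallback;

  // Backslashes and control characters are rewritten by some browsers in
  // ways that can turn a path into another host, so reject them outright.
  final hasControl = referer.codeUnits.any((c) => c < 0x20 || c == 0x7f);
  if (referer.contains("\\") || hasControl) return fallback;

  final Uri? uri = Uri.tryParse(referer);
  if (uri == null) return fallback;

  // Only relative references: no scheme ("https:") and no authority ("//host").
  if (uri.hasScheme || uri.hasAuthority) return fallback;

  // Must be an absolute path on this site, never a protocol-relative URL.
  if (!referer.startsWith("/") || referer.startsWith("//")) return fallback;

  // Do not bounce the user straight back to the login page.
  if (uri.path == "/login" || uri.path.startsWith("/login/")) return fallback;

  return uri.toString();
}

void main() {
  // Constructed sample values, as they could arrive in the "referer" parameter.
  const samples = [
    "/dashboard?tab=2",
    "https://example.org/phish",
    "//example.org/phish",
    "/\\example.org",
    "/login/?referer=/login/",
    "",
  ];
  for (final s in samples) {
    print("${s.isEmpty ? '(empty)' : s} -> ${safeReturnPath(s)}");
  }
}
```

Only the first sample is returned unchanged; every other value falls back to `"/"`.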

When a request is not authorized, the system sends back the message "unauthorized" together with the data you sent over the system. You can listen for the "unauthorized" message in your client and then inform the user that they need to log in.
