API Reference 0.7.0rikulo_securitySecurity

Security abstract class

The security module.

Usage

First, you have to implement Authenticator. For sake of description, we use a dummy implementation here called DummyAuthenticator:

final authenticator = new DummyAuthenticator()
  ..addUser("john", "123", ["user"])
  ..addUser("peter", "123", ["user", "admin"]);

Second, you can use SimpleAccessControl or implement your own access control (AccessControl):

final accessControl = new SimpleAccessControl({
  "/admin/.*": ["admin"],
  "/member/.*": ["user", "admin"]
});

Finally, instantiate Security with the authenticator and access control you want:

final security = new Security(authenticator, accessControl);
new StreamServer(uriMapping: {
  "/s_login": security.login,
  "/s_logout": security.logout
}, filterMapping: {
  "/.*": security.filter
}).start();
abstract class Security {
 /** Constructor.
  *
  * * [redirector] - provides the URIs that will be used in different situations.
  * If omitted, an instance of [Redirector] is instantiated and used.
  * * [rememberMe] - provides the plugin implementing *rememeber-me*.
  * If omitted, no remember-me feature at all. Also notice that *remember-me*
  * is enabled only if the `s_remember_me` parameter is specified with `true`
  * when [login] receives a request.
  * * [rememberUri] - provides the plugin implementing *remember-uri*.
  * If omitted, an instance of [RememberUri] is instantiated and used.
  * * [onLogin] and [onLogout] are used for registering a callback for handling
  * initialization of login and cleanup of logout. It can return null if
  * it completes immediately. Otherwise, return a [Future] instance to indicate
  * when it completes.
  */
 factory Security(Authenticator authenticator, AccessControl accessControl, {
     Redirector redirector, RememberMe rememberMe, RememberUri rememberUri,
     Future onLogin(HttpConnect connect, user, bool rememberMe),
     Future onLogout(HttpConnect connect, user)})
 => new _Security(authenticator, accessControl,
     redirector != null ? redirector: new Redirector(),
			rememberMe,
     rememberUri != null ? rememberUri: new RememberUri(),
     onLogin, onLogout);

 /** The filter used to configure Stream server's filter mapping.
  */
 RequestFilter get filter;
 /** The handler used to configure Stream server's URI mapping for handling
  * the login.
  */
 LoginHandler get login;
 /** The handler used to configure Stream server's URI mapping for handling
  * the logout.
  */
 LogoutHandler get logout;

 /** Notifies Rikulo Security that the given user logged in.
  * It is useful if you allows the user to login automatically, such as
  * remember-me mechanism and the sign-up mechanism.
  *
  * > For FORM or Ajax login, please use [login] instead.
  *
  * * [rememberMe] - whether remember-me is enabled or disabled.
  * If omitted (null), remember-me won't be updated.
  * It is meaningful
  * only if the constructor is called with a [RememberMe] instance.
  *
  * * It returns a [Future] object (never null) to indicate when it completes.
  */
 Future setLogin(HttpConnect connect, user, {bool rememberMe});

 ///The authenticator.
 Authenticator get authenticator;
 ///The access control.
 AccessControl get accessControl;
 ///The redirector.
 Redirector get redirector;
 ///The remember me.
 RememberMe get rememberMe;
 ///The remember URI.
 RememberUri get rememberUri;
}

Constructors

factory Security(Authenticator authenticator, AccessControl accessControl, {Redirector redirector, RememberMe rememberMe, RememberUri rememberUri, Future onLogin(HttpConnect connect, user, bool rememberMe), Future onLogout(HttpConnect connect, user)}) #

Constructor.

  • redirector - provides the URIs that will be used in different situations. If omitted, an instance of Redirector is instantiated and used.

  • rememberMe - provides the plugin implementing rememeber-me. If omitted, no remember-me feature at all. Also notice that remember-me is enabled only if the s_remember_me parameter is specified with true when login receives a request.

  • rememberUri - provides the plugin implementing remember-uri. If omitted, an instance of RememberUri is instantiated and used.

  • onLogin and onLogout are used for registering a callback for handling initialization of login and cleanup of logout. It can return null if it completes immediately. Otherwise, return a Future instance to indicate when it completes.

factory Security(Authenticator authenticator, AccessControl accessControl, {
   Redirector redirector, RememberMe rememberMe, RememberUri rememberUri,
   Future onLogin(HttpConnect connect, user, bool rememberMe),
   Future onLogout(HttpConnect connect, user)})
=> new _Security(authenticator, accessControl,
   redirector != null ? redirector: new Redirector(),
			rememberMe,
   rememberUri != null ? rememberUri: new RememberUri(),
   onLogin, onLogout);

Properties

final AccessControl accessControl #

The access control.

AccessControl get accessControl;

final Authenticator authenticator #

The authenticator.

Authenticator get authenticator;

final RequestFilter filter #

The filter used to configure Stream server's filter mapping.

RequestFilter get filter;

final LoginHandler login #

The handler used to configure Stream server's URI mapping for handling the login.

LoginHandler get login;

final LogoutHandler logout #

The handler used to configure Stream server's URI mapping for handling the logout.

LogoutHandler get logout;

final Redirector redirector #

The redirector.

Redirector get redirector;

final RememberMe rememberMe #

The remember me.

RememberMe get rememberMe;

final RememberUri rememberUri #

The remember URI.

RememberUri get rememberUri;

Methods

abstract Future setLogin(HttpConnect connect, user, {bool rememberMe}) #

Notifies Rikulo Security that the given user logged in. It is useful if you allows the user to login automatically, such as remember-me mechanism and the sign-up mechanism.

For FORM or Ajax login, please use login instead.

  • rememberMe - whether remember-me is enabled or disabled. If omitted (null), remember-me won't be updated. It is meaningful only if the constructor is called with a RememberMe instance.

  • It returns a Future object (never null) to indicate when it completes.