The Auth module provides authentication and authorization for your application, including user management, group management, user registration, login, and related functions. It is installed automatically when the project is created.
The default admin user login and password are as follows:
- Login: [email protected]
- Password: appmaster
The module has the following settings:
- SignUp Groups: defines the list of groups where the user can register;
- SignUp: allows users to sign up and get accounts in the application;
- Session timeout (minutes): defines the time after which the current user session will end if the user is idle; default 60 min;
- Failed login delay (in ms): defines the delay time for responses after failed login attempts; default 0 ms;
- Email confirmation required: defines if the user has to confirm registration via email;
- Signed-Up User Active: if enabled, sets active=true for each newly created User object;
- Groups tab: allows you to create and configure a list of user groups.
User and User Session models are created automatically once the Auth module is installed. You can find them in the Data Design tab. It is not possible to configure the default attributes of these models, but it is possible to add new ones.
User, User Session and Auth Module related BPs
Pre-installed business processes related to User and User Session models are as follows:
User Model
- DB: Delete User: deletes User object from the database based on its ID;
- DB: Update User: resets all the fields of a given model object in the database and updates them with given values (DB: Patch User has to be used to change the provided fields only and retain others as they are);
- DB: Create User: creates a record in the database and returns the User model object (the Make User block must be used to create the User model object from the input fields);
- DB: Soft Delete User: updates DeletedAt field of the selected User model object instead of removing the whole record as DB: Delete User does;
- DB: Bulk Delete User: bulk deletes the set of User model object records with the given IDs (ids array); failed_ids is an array of user IDs that will not be deleted;
- DB: Patch User: updates selected fields of the User model object in the database (DB: Update User has to be used to reset all the fields);
- DB: Search User: finds one or several User model objects in the database based on their fields and returns them;
- DB: GetOne User: finds the User model object based on its ID and returns it;
- Expand User: returns all the fields of the selected User model object;
- Make User: makes the User model object based on input fields (DB: Create User must then be used to write the record to the database);
User Session
- DB: Delete User Session: deletes User Session object from the database based on its ID;
- DB: Update User Session: resets all the fields of a given model object in the database, and updates them with given values (DB: Patch User Session has to be used to change the provided fields only);
- DB: Create User Session: creates a record in the database and returns the User Session model object (the Make User Session block must be used to create the User Session model object from the input fields);
- DB: Soft Delete User Session: updates DeletedAt field of the selected User Session model object;
- DB: Bulk Delete User Session: bulk deletes the set of User Session model object records with the given IDs (ids array); the failed_ids array defines the set of IDs that will be excluded from the deletion process;
- DB: Patch User Session: updates selected fields of the User Session model object in the database (DB: Update User Session has to be used to reset all the fields);
- DB: Search User Session: finds one or several User Session model objects in the database based on their fields and returns them;
- DB: GetOne User Session: finds the User Session model object based on its ID and returns it;
- Expand User Session: returns all the fields of the selected User Session model object;
- Make User Session: makes the User Session model object based on input fields (DB: Create User Session must then be used to write the record to the database);
Auth Module
- Auth: Generate Auth Token: generates an authorization token (Auth Token) of the given length;
- Auth: Registration: registers a new user;
- Auth: Authorization: checks if a given Auth Token exists and returns the user associated with it;
- Auth: Authentification: checks user’s login and password and returns Auth Token;
- Auth: Logout: terminates the current user’s session based on the Auth Token;
- Auth: Get current user: returns current User model object;
- Auth: Remove user from group: removes a user from the selected group based on its ID;
- Auth: Add user to group: adds a user to the selected group based on its ID;
- Auth: Hash Password: converts password string into hash;
- Auth: Restore Password: restores the password based on user’s login;
- Auth: Change Password: changes user’s password;
- Auth: Probe Password: checks the association between password and hash;
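The Python sketch below is an added illustration, not the module's own implementation. It models how the Auth blocks listed above fit together (Hash Password, Probe Password, Generate Auth Token, Authentification, Authorization, Logout) and how the Session timeout and Failed login delay settings act on them. The function and class names, the PBKDF2 hashing and the 32-character token length are assumptions.

```python
import hashlib, hmac, secrets, time
SESSION_TIMEOUT_MIN = 60    # page default for "Session timeout (minutes)"
FAILED_LOGIN_DELAY_MS = 0   # page default for "Failed login delay (in ms)"

def hash_password(password, salt=None):
    # Stand-in for "Auth: Hash Password"; PBKDF2 is an assumption.
    salt = salt or secrets.token_bytes(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 200_000)
    return salt.hex() + "$" + digest.hex()

def probe_password(password, stored):
    # Stand-in for "Auth: Probe Password": re-hash with the stored salt,
    # then compare in constant time.
    salt = bytes.fromhex(stored.split("$")[0])
    return hmac.compare_digest(hash_password(password, salt), stored)

def generate_auth_token(length):
    # Stand-in for "Auth: Generate Auth Token": CSPRNG output cut to length.
    return secrets.token_urlsafe(length)[:length]

class AuthModel:
    def __init__(self, clock=time.time, sleep=time.sleep,
                 timeout_min=SESSION_TIMEOUT_MIN, delay_ms=FAILED_LOGIN_DELAY_MS):
        self.users, self.sessions = {}, {}  # login -> hash; token -> [login, last_seen]
        self.clock, self.sleep = clock, sleep
        self.timeout_s, self.delay_s = timeout_min * 60, delay_ms / 1000

    def register(self, login, password):
        self.users[login] = hash_password(password)

    def authenticate(self, login, password):
        stored = self.users.get(login)
        if stored is None or not probe_password(password, stored):
            self.sleep(self.delay_s)  # with the 0 ms default, guesses are not slowed
            return None
        token = generate_auth_token(32)
        self.sessions[token] = [login, self.clock()]
        return token

    def authorize(self, token):
        session = self.sessions.get(token)
        if session is None:
            return None
        if self.clock() - session[1] > self.timeout_s:
            del self.sessions[token]  # idle longer than the session timeout
            return None
        session[1] = self.clock()  # activity restarts the idle timer
        return session[0]

    def logout(self, token):
        self.sessions.pop(token, None)
```

The `clock` and `sleep` parameters exist so the timeout and delay behaviour can be checked without waiting in real time.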
Auth Module, User and User Session endpoints
Pre-installed Endpoints of the Auth Module and User and User Session models are generated automatically once the project is created.
Auth Module
Request type | Endpoint | Associated business process |
 | /logout/ | Auth: Logout |
 | /auth/ | Auth: Authentification |
 | /register/ | Auth: Registration |
 | /confirm/ | Auth: Get Current User |
 | /user/change-password/ | Auth: Change Password |
 | /user/restore-password/ | Auth: Restore Password |
 | /user/profile/ | Auth: Get Current User |
User
Request type | Endpoint | Associated business process |
 | /user/:id/ | DB: Update User |
 | /user/:id/ | DB: Delete User |
 | /user/:id/ | DB: GetOne User |
 | /user/ | DB: Search User |
 | /user/:id/ | DB: Patch User |
 | /user/ | DB: Create User |
User Session
Request type | Endpoint | Associated business process |
 | /user-session/:id/ | DB: Delete User Session |
 | /user-session/:id/ | DB: GetOne User Session |
 | /user-session/ | DB: Search User Session |
 | /user-session/:id/ | DB: Patch User Session |
 | /user-session/ | DB: Create User Session |
 | /user-session/:id/ | DB: Update User Session |
Auth Token
The Auth Token is used as an authorized user’s session token. Web application business processes can interact with the Auth Token through the following blocks:
- Get Auth Token returns current user’s session Auth Token;
- Set Auth Token rewrites current user’s session Auth Token;
- Remove Auth Token removes current user’s session Auth Token;
How to get current user
1. Go to the Business logic tab and drag the Auth: Get current user block.
2. Go to the Endpoints tab and expand the User section. Then, create a GET type method for the business process created in step 1. The endpoint URL would be /user_current.
3. Go to the Web Apps tab and create a new business process with Server request GET /user_current to get the current user from the web application business process.