lucee.Component
contentbox.models.security.SecurityService

ContentBox - A Modular Content Platform
Copyright since 2012 by Ortus Solutions, Corp
www.ortussolutions.com/products/contentbox

Our contentbox security service must match our interface: ISecurityService

Property Summary

type | property | default | serializable | required |
---|---|---|---|---|
any | CBHelper | | true | false |
any | authorService | | true | false |
any | bCrypt | | true | false |
any | cache | | true | false |
any | cacheStorage | | true | false |
any | cbCSRF | | true | false |
any | cookieStorage | | true | false |
any | encryptionKey | | true | false |
any | log | | true | false |
any | mailService | | true | false |
any | renderer | | true | false |
any | requestStorage | | true | false |
any | settingService | | true | false |
any | siteService | | true | false |

Constructor Summary

method | description |
---|---|
init() | Constructor. |

Method Summary

return type | method | description |
---|---|---|
Author | authenticate(any username, any password, [boolean logThemIn='false']) | Authenticate an author via ContentBox credentials. |
boolean | authorizeContent(any content, any password) | Check to authorize a user to view a content entry or page. |
string | decryptIt(any decValue) | ContentBox decryption. |
string | encryptIt(any encValue) | ContentBox encryption. |
string | encryptString(any string) | Leverages bcrypt to do a one-way encrypt of a string using our salts. |
string | generateResetToken(Author author) | This function will store a reset token in hash for the user to pick up on password resets. |
Author | getAuthorSession() | Tries to get the currently logged in user by using our lookup algorithm. |
private string | getContentProtectedHash(any content) | Get password content protected salt. |
string | getEncryptionKey() | Verifies we have a salt in our installation. |
any | getKeepMeLoggedIn() | Get keep me logged in cookie. |
any | getRealIP() | Get Real IP, by looking at clustered, proxy headers and locally. |
any | getRememberMe() | Get remember me cookie. |
any | getUser() | Alias to getAuthorSession() created to satisfy JWT Services. |
boolean | isContentViewable(any content) | Checks whether a content entry or page is protected and user has credentials for it. |
boolean | isLoggedIn() | Verifies if a user is logged in or not. |
Author | login(any author) | Logs an authenticated author into the system. |
SecurityService | logout() | Delete an author session whether web or API based: Required for JWT services. |
struct | resetUserPassword(any token, Author author, any password) | Resets a user's password. |
struct | sendPasswordReminder(Author author, [boolean adminIssued='false'], [Author issuer]) | Send password reminder email, this verifies that the email is valid and they must click on the token. |
SecurityService | setRememberMe(any username, numeric days='0') | Set remember me cookie. |
Author | updateAuthorLoginTimestamp(any author) | Update an author's last login timestamp. |
struct | validateResetToken(any token) | This function validates an incoming password reset token to figure out their user. |

Methods inherited from class lucee.Component

None

Constructor Detail

init()

Constructor

Property Detail

property | access | required | returntype | inject | serializable |
---|---|---|---|---|---|
CBHelper | public | false | any | CBHelper@contentbox | true |
authorService | public | false | any | authorService@contentbox | true |
bCrypt | public | false | any | BCrypt@BCrypt | true |
cache | public | false | any | cachebox:template | true |
cacheStorage | public | false | any | cacheStorage@cbStorages | true |
cbCSRF | public | false | any | @cbcsrf | true |
cookieStorage | public | false | any | cookieStorage@cbStorages | true |
encryptionKey | public | false | any | | true |
log | public | false | any | logbox:logger:{this} | true |
mailService | public | false | any | mailService@cbmailservices | true |
renderer | public | false | any | coldbox:renderer | true |
requestStorage | public | false | any | RequestStorage@cbstorages | true |
settingService | public | false | any | settingService@contentbox | true |
siteService | public | false | any | siteService@contentbox | true |

Method Detail

authenticate()

Authenticate an author via ContentBox credentials. If the user is not valid, an InvalidCredentials is thrown. Required for JWT services.

The usage of the logThemIn boolean flag is essential for two-factor authentication, where a user is authenticated but not yet validated by a two-factor mechanism. Thus, the default is to ONLY authenticate but not log them in yet. For our RESTful API, we can do an authenticate and login at the same time.

username
- The username to validate

password
- The password to validate

logThemIn
- If true, we will log them in automatically, else it will be the caller's job to do so via the `login()` method.

authorizeContent()

Check to authorize a user to view a content entry or page

content
- The content object

password
- The password to check

decryptIt()

ContentBox Decryption

decValue
- value to decrypt

encryptIt()

ContentBox encryption

encValue
- value to encrypt

encryptString()

Leverages bcrypt to do a one-way encrypt of a string using our salts

string
- The string to bcrypt

generateResetToken()

This function will store a reset token in hash for the user to pick up on password resets

author
- The author to create the reset token for.

getAuthorSession()

Tries to get the currently logged in user by using our lookup algorithm:

- Look in request storage
- Look in cache
- Look in remember me cookie
- Tough luck, you are an invalid user, return an unauthenticated user

getContentProtectedHash()

Get password content protected salt

content
- The content object

getEncryptionKey()

Verifies we have a salt in our installation; if not, it will generate a new cb_enc_key

getKeepMeLoggedIn()

Get keep me logged in cookie

getRealIP()

Get Real IP, by looking at clustered, proxy headers and locally.

getRememberMe()

Get remember me cookie

getUser()

Alias to getAuthorSession() created to satisfy JWT Services

isContentViewable()

Checks whether a content entry or page is protected and user has credentials for it

content
- The content object to check

isLoggedIn()

Verifies if a user is logged in or not. Required for JWT Services

login()

Logs an authenticated author into the system. Required for JWT services

author
- The author to log in

logout()

Delete an author session whether web or API based: Required for JWT services

resetUserPassword()

Resets a user's password.

token
- Security token

author
- The author you are resetting the password for

password
- The password you have chosen

sendPasswordReminder()

Send password reminder email, this verifies that the email is valid and they must click on the token link in order to reset their password.

author
- The author to send the reminder to

adminIssued
- Was this reset issued by a user or an admin

issuer
- The admin that issued the reset

setRememberMe()

Set remember me cookie

username
- The username to store

days
- The days to store

updateAuthorLoginTimestamp()

Update an author's last login timestamp

author
- The author object

validateResetToken()

This function validates an incoming password reset token to figure out their user. The token is not removed just yet. It will be removed once the password has been reset.

token
- The security token
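
The split between `authenticate()` and `login()` described under `authenticate()` above, shown as an added example (not ContentBox's own code): a session is created only after both the password and a second factor are accepted. The WireBox id `securityService@contentbox`, the `codeVerifier` collaborator with its `verify( author, code )` method, and the component name are assumptions made for illustration.

```cfml
/**
 * TwoStepLogin.cfc - added illustration, not part of ContentBox.
 * Assumed: the injection ids below and the codeVerifier object are hypothetical.
 */
component {

	// Assumed WireBox id for the SecurityService documented on this page
	property name="securityService" inject="securityService@contentbox";
	// Hypothetical second-factor checker exposing verify( author, code )
	property name="codeVerifier" inject="codeVerifier";

	/**
	 * Returns { loggedIn, reason }. login() is called only after the
	 * credentials and the second factor have both been accepted.
	 */
	struct function attempt(
		required string username,
		required string password,
		required string code
	){
		var author = "";
		try {
			// logThemIn=false: credentials are checked, no session is created yet
			author = variables.securityService.authenticate(
				username  = arguments.username,
				password  = arguments.password,
				logThemIn = false
			);
		} catch ( InvalidCredentials e ) {
			// Documented failure mode of authenticate()
			return { "loggedIn" : false, "reason" : "credentials" };
		}

		if ( !variables.codeVerifier.verify( author, arguments.code ) ) {
			// Password was correct but the second factor was not: still no session
			return { "loggedIn" : false, "reason" : "second-factor" };
		}

		// Both checks passed, so the caller now logs the author in explicitly
		variables.securityService.login( author );
		return {
			"loggedIn" : variables.securityService.isLoggedIn(),
			"reason"   : ""
		};
	}

}
```

The `reason` value is meant for server-side logging; the response shown to the user can stay identical for both failure paths.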