The Ortus BlogBox

"Ortus: A rise, beginning, coming into being, born, the origin!"

 

 

Category Filtering: 'orm'

 

A New Template Approaches: Quick with Auth!

Eric Peterson
Aug 16, 2019

 

You know what's tedious? Authentication. Every project I start needs some sort of authentication system. And every project I start basically from scratch.

I noticed this pattern a while ago and created some libraries to help. You may have used them before.

cbauth is a library that handles creating user sessions for you app while giving enough customization to use different authentication methods and session storages.

auth.authenticate( username, password );
auth.isLoggedIn();
auth.getUser();
auth.logout();

While cbauth manages user sessions, it doesn't protect handlers or actions from being accessed by logged out or unauthorized users. cbguard was created for this purpose providing a way to restrict access to certain handlers and/or actions using annotations.

component secured {

    function index( event, rc, prc ) { /* ... */ }

    function create( event, rc, prc ) secured="create_posts" { /* ... */ }

}

Part of the reason for this customization is that there is not just one way to handle user persistance. Not only is there not just one way, there is not a default way. This can be considered a strength or a weakness of the community, but instead of debating that, I've decided to finally fill that gap using some hand picked libraries.

For data persistance I chose Quick, a ColdBox ORM engine. Unlike Hibernate, Quick is written in CFML and so can be contributed to and by any CFML developer. It also avoids the obscure Hibernate error messages that CF ORM is known for. For example, here's our User component:

component extends="quick.models.BaseEntity" {

    property name="bcrypt" inject="@BCrypt" persistent="false";

    property name="id";
    property name="email";
    property name="password";

    public User function setPassword( required string password ) {
        return assignAttribute(
            "password",
            bcrypt.hashPassword( arguments.password )
        );
    }

    public boolean function hasPermission( required string permission ) {
        return true;
    }

    public boolean function isValidCredentials(
        required string email,
        required string password
    ) {
        var user = newEntity().where( "email", arguments.email ).first();
        if ( ! user.isLoaded() ) {
            return false;
        }
        return bcrypt.checkPassword( arguments.password, user.getPassword() );
    }

    public User function retrieveUserByUsername( required string email ) {
        return newEntity()
            .where( "email", arguments.email )
            .firstOrFail();
    }

    public User function retrieveUserById( required numeric id ) {
        return newEntity().findOrFail( arguments.id );
    }

    public struct function getMemento() {
        return {
            "email": variables.getEmail()
        }
    }

}

This User entity is used both to represent a User in our system as well as handle intergrating with cbauth and cbguard. Properties are mapped to columns. The plural component name is used as the table name. A fluent syntax based off of qb is used to create, retrieve, update, and delete records. I think you'll find it a joy to work with.

There are plenty of other modules added and configured:

  • cbValidation is used to make sure all the data used is valid.
  • bCrypt is used to hash passwords in the database.
  • commandbox-dotenv and commandbox-cfconfig are installed to start up our servers with the correct settings.
  • A users table migration is provided and commandbox-migrations is installed to apply it.
  • Form submissions are automatically checked for a CSRF token with verify-csrf-interceptor.
  • Even niceties like redirectBack and a custom UniqueInDatabase validator are provided to completely show how I would start off an authentication system using ColdBox and Quick.
  • And last, but not least, code formatting is handled automatically using commandbox-cfformat.

The best part, this is just the starting point! Is this good enough for you? Get going on the rest of your app. Need some more information for your users? Add a migration, modify the form, and update the entity component. Have a different authentication system like LDAP or OAuth? Update your authenticationService with cbauth in your config/ColdBox.cfc file.

You can get started today using this new skeleton in your coldbox create app command:

coldbox create app skeleton=cbtemplate-quick-with-auth

Edit your .env file and server start!

I hope this gets you up and going faster than ever creating your awesome ColdBox applications!

ColdBox MVC, ORM, Quick, Sample Apps 0

The 12 Modules of (ForgeBox) Christmas — Day 6 — qb

Eric Peterson
Dec 19, 2017

 

In the CFML scene, there seems to be two names when it comes to data persistance plain ole' cfquery and ORM — not much inbetween. Our module highlight today is out to change that.

Meet qb.

12 Modules of (ForgeBox) Christmas, ForgeBox, Modules, ORM 0

See the code - How to hook into Hibernate ORM Events easily with CBORM and ColdBox

Gavin Pickin
Aug 15, 2017

 

In my last post, I talked about How to hook into Hibernate ORM Events easily with CBORM and ColdBox. I talked through the what, why, how, but didn't get to the code. So this post, is going to go through the code and give you a real example you could use today to extend ContentBox's core Author module with your own function.

ColdBox MVC, ContentBox CMS, Interceptors, ORM 0

How to hook into Hibernate ORM Events easily with CBORM and ColdBox

Gavin Pickin
Aug 14, 2017

 

I have been working for Ortus Solutions for over two years now, and still, every day I learn something new about one of our modules or tools. In one of my current customer projects, we are taking a ContentBox installation ( our Modular Content Management System built on top of ColdBox ), customizing it, extending it, and it's really fun. One of the big customizations for this projects is extending the permissions structure, outside of what we wanted to do in the ContentBox core.

ColdBox MVC, ContentBox CMS, ORM 0

ColdBox 4.0 ORM Services

Brad Wood
Feb 12, 2015

 

ColdBox's ORM services have always been a very compelling part of the framework for those using ORM in their applications.  The provide you with an automatic, extendable service layer for an ORM entity complete with common methods, pagination and really sweet syntactical sugar such as dynamic finders:

user = userService.findByLastName("Majano");
users = userService.findAllByLastLoginBetween( "01/01/2014", "01/01/2015" );
count = userService.countByLastLoginGreaterThan( "01/01/2013" );
ColdBox MVC, ORM, Tutorials 0

Coldbox CBDW2013 Online Training is Available!

Luis Majano
Oct 02, 2013

 

We are very excited to announce our second online course available for both ColdBox and ContenBox Modular CMS thanks to our annual conference CBDW2013: http://www.udemy.com/coldbox-platform-developer-week-2013/.  This course covers over 50 lectures and over 30 hours of video content.  This is definitely an ultimate training tool for you or your organization and it definitely helps us pay the bills :)

CacheBox, ColdBox MVC, Community, ContentBox CMS, Couchbase, Events, ForgeBox, Modules, News, ORM, Plugins, Presentations, TestBox, Training 0

DataBoss - Dynamic Administrator Has Landed

Luis Majano
Mar 26, 2013

 

We are so excited to welcome our new product in the Ortus Solutions lineup; DataBoss : Dynamic Administrator.  Here is a little brief overview about DataBoss and how it can help you as a developer and also as a company.  DataBoss is powered by ColdBox but completely usable as a standalone application in any framework or non-framework at that.  It can also integrate into any ColdBox 3.5 application as a ColdBox Module.  DataBoss is fully documented and production ready for Adobe ColdFusion 9, 10 and also Railo Open Source CFML Engine.  You can read much more about DataBoss in our product release blog.

What is DataBoss?

Ortus DataBoss is an application that will help you manage CFML Object Relational Mapper (ORM) objects without the need of writing administrative code for them; thus a Dynamic Administrator.  DataBoss will talk to the underlying ORM engine (Hibernate) and get all the necessary information to manage all the ORM entities and its relationships in that specific CFML application DataBoss has been deployed to.  You can watch our introductory video to get a quick overview of what DataBoss is and how it can benefit your development.

You can visit our product page to learn about its capabilities so you can purchase your copy today.  Below are some great resources so you can get started with DataBoss.

Resources

ColdBox MVC, DataBoss, News, ORM, Releases 0

ColdBox Connection On ColdBox ORM And ContentBox Contest Winners Announced

Brad Wood
Dec 17, 2012

 

Everyone, we have an exciting ColdBox Connection scheduled for tomorrow, the 18th.  First, we'll be announcing the winners of our ContentBox Christmas Contest.  We're super excited about the submissions we received.  They're all out on ForgeBox already waiting to be installed and played with. 

After that, we'll get on with the Coldbox Connection show which will be presented by Jeremey DeYoung and will talk about how ColdBox ORM has made his life easier.  This was a topic requested by the community and we're delivering.  Please show up and hang out.  The show will start at Noon CST and here is the URL:

http://experts.adobeconnect.com/coldbox-connection

ColdBox Connection, ColdBox MVC, Community, ContentBox CMS, ORM 0

ColdBox Connection Meeting Tuesday at Noon CST

Brad Wood
Nov 05, 2012

 

Please tune in tomorrow at Noon CST for the next installment of our ColdBox Connection meetings.  In this episode, we'll have guest speaker Joel Watson sharing about his just-released additions to ColdBox's ORM detached criteria queries and subqueries.  Here's the URL for the meeting room:

http://experts.adobeconnect.com/coldbox-connection

Also, don't forget about our special ColdBox Connection event on November 14th where we'll unveil ColdBox Lite!

 

ColdBox Connection, ColdBox MVC, News, ORM 0

Tip of the Week: Using Dynamic Finders with ORM

Brad Wood
Oct 10, 2012

 

 

Dynamic Finders are brand new to ColdBox 3.5.3 which will be released shortly.  I usually give tips on released functionality, but we're real excited about our new Grails-inspired functionality and invite you to check it out on our development line to give them a spin.
 
Dynamic Finders basically let you create very readable code with dynamic method names that describe the criteria being used to to load or count ORM entities.  The best part is, you don't have to write any of the code-- just call the dynamic method and ColdBox does the rest!
 
Any ColdFusion ORM entity that extends our ActiveEntity component as well as any base or virtual entity service will all support these dynamic finder methods.  Each method must start with "findBy", "findAllBy", or "countBy" and can contain any number of properties and conditionals.
 
Here's some examples:
user = entityNew("User").findByLastName("Majano");
users = entityNew("User").findAllByLastNameLike("Ma%");

property name="userService" inject="entityservice:userService";
users = userService.findAllByLastLoginBetween( "01/01/2010", "01/01/2012" );
users = userService.findAllByLastLoginGreaterThan( "01/01/2010" );
count = userService.countByLastLoginGreaterThanAndLastNameLike( "01/01/2010", "jo%");
 
Super easy, right?  Download the bleeding edge now to play with them!  (https://github.com/ColdBox/coldbox-platform/zipball/development)
 
Here's a quick demo from today's ColdBox Connection meeting: http://experts.adobeconnect.com/p6byoxrm7aa/
 
P.S. You can still have control over things such as your query's maxResults and offset by passing a struct of settings in as the last parameter to your dynamic method.
 

 

ColdBox MVC, ORM, Tutorials 0