lucee.Componentcontentbox.models.security.SecurityService
ContentBox - A Modular Content Platform Copyright since 2012 by Ortus Solutions, Corp www.ortussolutions.com/products/contentbox --- Our contentbox security service
Property Summary | ||||
---|---|---|---|---|
type | property | default | serializable | required |
any
|
authorService
|
true
|
false
|
|
any
|
bCrypt
|
true
|
false
|
|
any
|
cache
|
true
|
false
|
|
any
|
CBHelper
|
true
|
false
|
|
any
|
cookieStorage
|
true
|
false
|
|
any
|
log
|
true
|
false
|
|
any
|
mailService
|
true
|
false
|
|
any
|
renderer
|
true
|
false
|
|
any
|
sessionStorage
|
true
|
false
|
|
any
|
settingService
|
true
|
false
|
Constructor Summary | |
---|---|
init()
Constructor. |
Method Summary | |
---|---|
boolean
|
authenticate(any username, any password)
Verify if an author is valid. |
boolean
|
authorizeContent(any content, any password)
Check to authorize a user to view a content entry or page. |
string
|
decryptIt(any decValue)
ContentBox Decryption. |
string
|
encryptIt(any encValue)
ContentBox encryption. |
string
|
encryptString(any string)
Leverages bcrypt to encrypt a string. |
Author
|
getAuthorSession()
Get an author from session, or returns a new empty author entity. |
private string
|
getContentProtectedHash(any content)
Get password content protected salt. |
string
|
getEncryptionKey()
Verifies we have a salt in our installation. |
any
|
getKeepMeLoggedIn()
Get keep me logged in cookie. |
any
|
getRememberMe()
Get remember me cookie. |
boolean
|
isContentViewable(any content)
Checks Whether a content entry or page is protected and user has credentials for it. |
ISecurityService
|
logout()
Delete author session. |
struct
|
resetUserPassword(any token)
Resets a user's password if the passed in token is valid. |
ISecurityService
|
sendPasswordReminder(Author author)
Send password reminder email. |
ISecurityService
|
setAuthorSession(Author author)
Set a new author in session. |
ISecurityService
|
setRememberMe(any username, numeric days='0')
Set remember me cookie. |
ISecurityService
|
updateAuthorLoginTimestamp(any author)
Update an author's last login timestamp. |
boolean
|
userValidator(struct rule, [any controller])
User validator via security interceptor. |
Methods inherited from class lucee.Component |
---|
None |
Constructor Detail |
---|
Constructor
Property Detail |
---|
access
- publicrequired
- falsereturntype
- anyinject
- id:authorService@cbserializable
- trueaccess
- publicrequired
- falsereturntype
- anyinject
- BCrypt@BCryptserializable
- trueaccess
- publicrequired
- falsereturntype
- anyinject
- cachebox:defaultserializable
- trueaccess
- publicrequired
- falsereturntype
- anyinject
- id:CBHelper@cbserializable
- trueaccess
- publicrequired
- falsereturntype
- anyinject
- cookieStorage@cbStoragesserializable
- trueaccess
- publicrequired
- falsereturntype
- anyinject
- logbox:logger:{this}serializable
- trueaccess
- publicrequired
- falsereturntype
- anyinject
- mailService@cbmailservicesserializable
- trueaccess
- publicrequired
- falsereturntype
- anyinject
- provider:ColdBoxRendererserializable
- trueaccess
- publicrequired
- falsereturntype
- anyinject
- sessionStorage@cbStoragesserializable
- trueaccess
- publicrequired
- falsereturntype
- anyinject
- id:settingService@cbserializable
- trueMethod Detail |
---|
Verify if an author is valid
authenticate
in interface
ISecurityService
username
- The username to validatepassword
- The password to validateCheck to authorize a user to view a content entry or page
authorizeContent
in interface
ISecurityService
content
- The content objectpassword
- The password to checkContentBox Decryption
decValue
- value to decryptContentBox encryption
encValue
- value to encryptLeverages bcrypt to encrypt a string
string
- The string to bcryptGet an author from session, or returns a new empty author entity
getAuthorSession
in interface
ISecurityService
Get password content protected salt
content
- The content objectVerifies we have a salt in our installation if not, it will generate a new cb_enc_key
Get keep me logged in cookie
Get remember me cookie
Checks Whether a content entry or page is protected and user has credentials for it
isContentViewable
in interface
ISecurityService
content
- The content object to checkDelete author session
logout
in interface
ISecurityService
Resets a user's password if the passed in token is valid
token
- Security tokenSend password reminder email
sendPasswordReminder
in interface
ISecurityService
author
- The author to send the reminder toSet a new author in session
setAuthorSession
in interface
ISecurityService
author
- The author to storeSet remember me cookie
username
- The username to storedays
- The days to storeUpdate an author's last login timestamp
author
- The author objectUser validator via security interceptor
userValidator
in interface
ISecurityService
rule
- The security rulecontroller
- The ColdBox controller calling the validation