API Docs for: 1.5.0
Show:

SessionAuthAgent Class

Creates an instance of SessionAuthAgent object

Auth agent handles low level implementation of authorization workflow. By providing a login and a password in the authInfo object, the auth agent will try to create a session:

var SessionAuthAgent({login: "admin", password: "publish"});

The session auth agent is also able to reuse an existing session, to do that it needs to receive an object with the session info:

var new SessionAuthAgent({
       name: "eZSESSID",
       identifier: "sessionidentifier",
       href: "/api/ezp/v2/users/session/sessionidentifier",
       csrfToken: "longCsrfToken",
   });

Constructor

SessionAuthAgent

(
  • authInfo
  • [storage=LocalStorage]
)

Parameters:

  • authInfo Object

    object literal containg the credentials (login and password) or the session info of an already existing one (name, identifier, href and csrfToken)

    • login String

      user login

    • password String

      user password

    • name String

      name of the session

    • identifier String

      identifier of the session

    • href String

      refresh resource URI for the session

    • csrfToken String

      CSRF Token

  • [storage=LocalStorage] StorageAbstraction optional

    storage to be used. By default a LocalStorage will be utilized

Methods

_resetStorage

() protected

Resets the storage associated with this auth agent

_storeSessionInfo

(
  • session
)
protected

Stores the session information in the storage

Parameters:

  • session Object

    an object describing the session

    • name String

      the name of the session

    • identifier String

      the identifier of the session

    • href String

      the resource uri to refresh the session

    • csrfToken String

      the CSRF Token associated with the session

authenticateRequest

(
  • request
  • done
)

Hook to allow the modification of any request, for authentication purposes, before sending it out to the backend

Parameters:

ensureAuthentication

(
  • done
)

Called every time a new request cycle is started, to ensure those requests are correctly authenticated.

A cycle may contain one or more queued up requests

Parameters:

  • done Function

    Callback function, which is to be called by the implementation to signal the authentication has been completed.

isLoggedIn

(
  • callback
)

Checks that the current user is still logged in. To be considered as logged in, the storage should have a session id and the refresh calls should be successful. If the storage does not contain any session info, the callback is called with true as its first argument, otherwise, the callback is called with the error and result from UserService.refreshSession.

Parameters:

  • callback Function

logIn

(
  • callback
)

Tries to log in in the REST API. If the storage already contains a session id, first it tries to log out before doing the log in.

Parameters:

  • callback Function

logOut

(
  • done
)

Log out. If the client did not logged in yet, the callback is called with false and true as arguments, otherwise the callback is called with the error and the result from userService.deleteSession.

Parameters:

  • done Function

setCAPI

(
  • CAPI
)

Set the instance of the CAPI to be used by the agent

Parameters:

  • CAPI CAPI

    current instance of the CAPI object

setCredentials

(
  • credentials
)

Set the credentials

Parameters:

  • credentials Object
    • login String
    • password String

Properties

_CAPI

CAPI protected

The CAPI instance. It is set by the call to setCAPI() done while instantiating the CAPI.

_login

String protected

The login

Default: ""

_password

String protected

The password

Default: ""

_storage

StorageAbstraction protected

The storage to use to store the session info.

Default: LocalStorage

String final static

Constant to be used as storage key for the sessionName

String final static

Constant to be used as storage key for the sessionId

String final static

Constant to be used as storage key for the sessionHref

String final static

Constant to be used as storage key for the csrfToken