Class: UserHandling

Contractual.UserHandling()

The user handling operations deal with registration, login, logout and some supporting pathways.

The main method of this class is user_sessions_processing which takes a user_op parameter, a string, which can be one of 'register', 'login', or 'logout'. 'forgot' has been available in the past for forgotten passwords, but other processes can handle the operation. Also, with a greated emphasis on using DIDs, passwords will not be stored in the better supported applications derived by extending the classes in lib.

All the methods take a requests for managing a user session and decide how the request should be handled based on calls to the application session manager. The operations 'register' and 'login' will require secondary actions. The operation 'logout' can be done in response to a single request.

Constructor

new UserHandling()

Source:

Methods

(async) foreign_authorizer(body, token) → {Array}

(Deprecated)

The purpose of this method is to provide a secondary action for login's that are started by other serivces. For instance, Big Company X may provide a login that we should trust. Foreign login was tested for this stack. But, more resources are being put into distirbuted identities.

Parameters:
Name Type Description
body object
token string
Source:
Returns:
  • a tupple really, that has: 1) the status code, 2) the JSON response, 3) possibly data or boolean (false for not in use)
Type
Array

manage_foreign_auth_session(transitionObj, foreign)

(Deprecated)

The purpose of this method is to provide a primary action for login's that are started by other serivces. For instance, Big Company X may provide a login that we should trust. Foreign login was tested for this stack. But, more resources are being put into distirbuted identities.

This method is reached by a pathway within user_sessions_processing

Parameters:
Name Type Description
transitionObj object
foreign string
Source:

(async) secondary_processing(action, body) → {Array}

For a few types of user operations, a seconday action will be required.

The method user_sessions_processing must have set up match data and stored it in cache within the transition object mapped by the token riding wih the body.

One simple check that is done before all others is that the cached transition object should have the same action value as the action parameter. If it does the operation continues. Next, this method suffixes transition object's action field with '-secondary' telling the ensuing operations of the session manager that the operation is secondary.

The match method is called next. In some application this may be a simple equivalence check on the password field against a field in a stored user record. In other applications, it may be a cryptographic signature verification using data fromm the cached transition, data that was not sent to the requesting client.

If the match passes, then the reserved session key will be taken out of the session token stash. Given that the session token can be retrieved, it will be used to initialize a user session by being passed to the session manager's method initialize_session_state. initialize_session_state may be useful enough in applications that will not have to be overridden. But, the application's session manager may update it with an override. The application will most likley override match.

Parameters:
Name Type Description
action string

one of 'register' or 'login'
body object
Source:
Returns:
  • a tupple really, that has: 1) the status code, 2) the JSON response, 3) possibly data or boolean (false for not in use)
Type
Array

(async) sitewide_logout(body)

This method calls upon the 'logout' pathway handled by the session manager's process_user.

Parameters:
Name Type Description
body object

similar to the body from HTTP requests, but delivered by a web socket...(rides on top of HTTP)
Source:

(async) user_sessions_processing(user_op, body) → {Array}

This method does much of its work by calling out to the session managers method process_user. For login and registration, most session initiation implementations could be expected to use a secondary action.

There is a call to the validator. For a number of applications, the validator checks on password consistency, the syntactic structure of entries, etc. In some applications, the use of the validator is moot and it returns true by default.

In the case where one no secondary action will be user, the method process_user will perform the entire operation, such as logging out a user.

Otherwise, a response is sent to the requesting client immediately. And, the response will contain the data necessary to let the client set up a match in the secondary action. An example would be the data and public key necessary for a cryptographic signature.

Parameters:
Name Type Description
user_op string

one of 'login', 'logout', 'register'
body object
Source:
Returns:
  • a tupple really, that has: 1) the status code, 2) the JSON response, 3) possibly data or boolean (false for not in use)
Type
Array