@hitchy/plugin-auth 0.3.7 → 0.3.8

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (118) hide show
  1. package/.editorconfig +9 -0
  2. package/api/model/authorization/rule.js +1 -1
  3. package/api/model/role.js +1 -1
  4. package/api/model/user.js +1 -1
  5. package/api/policy/authentication.js +44 -13
  6. package/api/policy/user.js +1 -1
  7. package/api/service/auth/manager.js +2 -2
  8. package/api/service/authentication/passport.js +3 -3
  9. package/api/service/authentication/strategies.js +4 -4
  10. package/api/service/authorization/node.js +25 -17
  11. package/api/service/authorization/tree.js +10 -8
  12. package/api/service/session.js +150 -0
  13. package/index.js +2 -2
  14. package/package.json +12 -12
  15. package/public/404.html +21 -0
  16. package/public/api/config.html +100 -0
  17. package/public/api/controller/index.html +24 -0
  18. package/public/api/controller/user.html +29 -0
  19. package/public/api/index.html +24 -0
  20. package/public/api/model/authorization-rule.html +24 -0
  21. package/public/api/model/index.html +24 -0
  22. package/public/api/model/role.html +24 -0
  23. package/public/api/model/user-to-role.html +24 -0
  24. package/public/api/model/user.html +24 -0
  25. package/public/api/policy/authentication.html +28 -0
  26. package/public/api/policy/authorization.html +31 -0
  27. package/public/api/policy/index.html +24 -0
  28. package/public/api/policy/user.html +24 -0
  29. package/public/api/routing.html +40 -0
  30. package/public/api/service/auth-manager.html +24 -0
  31. package/public/api/service/authentication-passport.html +24 -0
  32. package/public/api/service/authentication-strategies.html +24 -0
  33. package/public/api/service/authorization-node.html +24 -0
  34. package/public/api/service/authorization-policy-generator.html +42 -0
  35. package/public/api/service/authorization-tree.html +24 -0
  36. package/public/api/service/index.html +24 -0
  37. package/public/assets/api_config.md.BiPnBhyk.js +77 -0
  38. package/public/assets/api_config.md.BiPnBhyk.lean.js +1 -0
  39. package/public/assets/api_controller_index.md.mhiyhr_C.js +1 -0
  40. package/public/assets/api_controller_index.md.mhiyhr_C.lean.js +1 -0
  41. package/public/assets/api_controller_user.md.BiFYPTow.js +6 -0
  42. package/public/assets/api_controller_user.md.BiFYPTow.lean.js +1 -0
  43. package/public/assets/api_index.md.j6eBaebO.js +1 -0
  44. package/public/assets/api_index.md.j6eBaebO.lean.js +1 -0
  45. package/public/assets/api_model_authorization-rule.md.CFNqudsp.js +1 -0
  46. package/public/assets/api_model_authorization-rule.md.CFNqudsp.lean.js +1 -0
  47. package/public/assets/api_model_index.md.Dw3UH73J.js +1 -0
  48. package/public/assets/api_model_index.md.Dw3UH73J.lean.js +1 -0
  49. package/public/assets/api_model_role.md.DFCGXTBA.js +1 -0
  50. package/public/assets/api_model_role.md.DFCGXTBA.lean.js +1 -0
  51. package/public/assets/api_model_user-to-role.md.QNC96rs-.js +1 -0
  52. package/public/assets/api_model_user-to-role.md.QNC96rs-.lean.js +1 -0
  53. package/public/assets/api_model_user.md.C2GSzwZj.js +1 -0
  54. package/public/assets/api_model_user.md.C2GSzwZj.lean.js +1 -0
  55. package/public/assets/api_policy_authentication.md.Ccj8Rneb.js +5 -0
  56. package/public/assets/api_policy_authentication.md.Ccj8Rneb.lean.js +1 -0
  57. package/public/assets/api_policy_authorization.md.CP3y7VOT.js +8 -0
  58. package/public/assets/api_policy_authorization.md.CP3y7VOT.lean.js +1 -0
  59. package/public/assets/api_policy_index.md.CmaeRtru.js +1 -0
  60. package/public/assets/api_policy_index.md.CmaeRtru.lean.js +1 -0
  61. package/public/assets/api_policy_user.md.ePU_LHGT.js +1 -0
  62. package/public/assets/api_policy_user.md.ePU_LHGT.lean.js +1 -0
  63. package/public/assets/api_routing.md.BP98xeNw.js +17 -0
  64. package/public/assets/api_routing.md.BP98xeNw.lean.js +1 -0
  65. package/public/assets/api_service_auth-manager.md.CcpV6slZ.js +1 -0
  66. package/public/assets/api_service_auth-manager.md.CcpV6slZ.lean.js +1 -0
  67. package/public/assets/api_service_authentication-passport.md.DvhoW1TR.js +1 -0
  68. package/public/assets/api_service_authentication-passport.md.DvhoW1TR.lean.js +1 -0
  69. package/public/assets/api_service_authentication-strategies.md.DjDT2F9g.js +1 -0
  70. package/public/assets/api_service_authentication-strategies.md.DjDT2F9g.lean.js +1 -0
  71. package/public/assets/api_service_authorization-node.md.DAN4WdDZ.js +1 -0
  72. package/public/assets/api_service_authorization-node.md.DAN4WdDZ.lean.js +1 -0
  73. package/public/assets/api_service_authorization-policy-generator.md.IaQjgxfZ.js +19 -0
  74. package/public/assets/api_service_authorization-policy-generator.md.IaQjgxfZ.lean.js +1 -0
  75. package/public/assets/api_service_authorization-tree.md.I7ff4vao.js +1 -0
  76. package/public/assets/api_service_authorization-tree.md.I7ff4vao.lean.js +1 -0
  77. package/public/assets/api_service_index.md.Bfk1E4Zn.js +1 -0
  78. package/public/assets/api_service_index.md.Bfk1E4Zn.lean.js +1 -0
  79. package/public/assets/app.Bnek3cfe.js +1 -0
  80. package/public/assets/chunks/framework.BaHG-QLs.js +17 -0
  81. package/public/assets/chunks/idp-login.B596H5Zv.js +1 -0
  82. package/public/assets/chunks/theme.BUrgq2uM.js +1 -0
  83. package/public/assets/guides_getting-started.md.BMwF59kE.js +5 -0
  84. package/public/assets/guides_getting-started.md.BMwF59kE.lean.js +1 -0
  85. package/public/assets/guides_index.md.CUqoqPFW.js +1 -0
  86. package/public/assets/guides_index.md.CUqoqPFW.lean.js +1 -0
  87. package/public/assets/guides_openid-connect.md.CWezg52j.js +49 -0
  88. package/public/assets/guides_openid-connect.md.CWezg52j.lean.js +1 -0
  89. package/public/assets/guides_saml.md.BBlq_CTl.js +44 -0
  90. package/public/assets/guides_saml.md.BBlq_CTl.lean.js +1 -0
  91. package/public/assets/idp-login.B4Dj1tzS.png +0 -0
  92. package/public/assets/idp-saml-cert.Dyrxdyfk.png +0 -0
  93. package/public/assets/index.md.B8uyAhM4.js +1 -0
  94. package/public/assets/index.md.B8uyAhM4.lean.js +1 -0
  95. package/public/assets/inter-italic-cyrillic-ext.r48I6akx.woff2 +0 -0
  96. package/public/assets/inter-italic-cyrillic.By2_1cv3.woff2 +0 -0
  97. package/public/assets/inter-italic-greek-ext.1u6EdAuj.woff2 +0 -0
  98. package/public/assets/inter-italic-greek.DJ8dCoTZ.woff2 +0 -0
  99. package/public/assets/inter-italic-latin-ext.CN1xVJS-.woff2 +0 -0
  100. package/public/assets/inter-italic-latin.C2AdPX0b.woff2 +0 -0
  101. package/public/assets/inter-italic-vietnamese.BSbpV94h.woff2 +0 -0
  102. package/public/assets/inter-roman-cyrillic-ext.BBPuwvHQ.woff2 +0 -0
  103. package/public/assets/inter-roman-cyrillic.C5lxZ8CY.woff2 +0 -0
  104. package/public/assets/inter-roman-greek-ext.CqjqNYQ-.woff2 +0 -0
  105. package/public/assets/inter-roman-greek.BBVDIX6e.woff2 +0 -0
  106. package/public/assets/inter-roman-latin-ext.4ZJIpNVo.woff2 +0 -0
  107. package/public/assets/inter-roman-latin.Di8DUHzh.woff2 +0 -0
  108. package/public/assets/inter-roman-vietnamese.BjW4sHH5.woff2 +0 -0
  109. package/public/assets/introduction.md.DjcXFFe8.js +9 -0
  110. package/public/assets/introduction.md.DjcXFFe8.lean.js +1 -0
  111. package/public/assets/style.C4vbPc5Z.css +1 -0
  112. package/public/guides/getting-started.html +28 -0
  113. package/public/guides/index.html +24 -0
  114. package/public/guides/openid-connect.html +73 -0
  115. package/public/guides/saml.html +68 -0
  116. package/public/hashmap.json +1 -0
  117. package/public/index.html +24 -0
  118. package/public/introduction.html +32 -0
package/public/api/service/authorization-tree.html ADDED
@@ -0,0 +1,24 @@
1
+ <!DOCTYPE html>
2
+ <html lang="en-US" dir="ltr">
3
+ <head>
4
+ <meta charset="utf-8">
5
+ <meta name="viewport" content="width=device-width,initial-scale=1">
6
+ <title>AuthorizationTree | Hitchy Auth Manual</title>
7
+ <meta name="description" content="A VitePress site">
8
+ <meta name="generator" content="VitePress v1.3.1">
9
+ <link rel="preload stylesheet" href="/assets/style.C4vbPc5Z.css" as="style">
10
+
11
+ <script type="module" src="/assets/app.Bnek3cfe.js"></script>
12
+ <link rel="preload" href="/assets/inter-roman-latin.Di8DUHzh.woff2" as="font" type="font/woff2" crossorigin="">
13
+ <link rel="modulepreload" href="/assets/chunks/framework.BaHG-QLs.js">
14
+ <link rel="modulepreload" href="/assets/chunks/theme.BUrgq2uM.js">
15
+ <link rel="modulepreload" href="/assets/api_service_authorization-tree.md.I7ff4vao.lean.js">
16
+ <script id="check-dark-mode">(()=>{const e=localStorage.getItem("vitepress-theme-appearance")||"auto",a=window.matchMedia("(prefers-color-scheme: dark)").matches;(!e||e==="auto"?a:e==="dark")&&document.documentElement.classList.add("dark")})();</script>
17
+ <script id="check-mac-os">document.documentElement.classList.toggle("mac",/Mac|iPhone|iPod|iPad/i.test(navigator.platform));</script>
18
+ </head>
19
+ <body>
20
+ <div id="app"><div class="Layout" data-v-5d98c3a5><!--[--><!--]--><!--[--><span tabindex="-1" data-v-0f60ec36></span><a href="#VPContent" class="VPSkipLink visually-hidden" data-v-0f60ec36> Skip to content </a><!--]--><!----><header class="VPNav" data-v-5d98c3a5 data-v-ae24b3ad><div class="VPNavBar top" data-v-ae24b3ad data-v-6aa21345><div class="wrapper" data-v-6aa21345><div class="container" data-v-6aa21345><div class="title" data-v-6aa21345><div class="VPNavBarTitle" data-v-6aa21345 data-v-ab179fa1><a class="title" href="/" data-v-ab179fa1><!--[--><!--]--><!----><span data-v-ab179fa1>Hitchy Auth Manual</span><!--[--><!--]--></a></div></div><div class="content" data-v-6aa21345><div class="content-body" data-v-6aa21345><!--[--><!--]--><div class="VPNavBarSearch search" data-v-6aa21345><!----></div><nav aria-labelledby="main-nav-aria-label" class="VPNavBarMenu menu" data-v-6aa21345 data-v-dc692963><span id="main-nav-aria-label" class="visually-hidden" data-v-dc692963> Main Navigation </span><!--[--><!--[--><a class="VPLink link VPNavBarMenuLink" href="/" tabindex="0" data-v-dc692963 data-v-9c663999><!--[--><span data-v-9c663999>Home</span><!--]--></a><!--]--><!--[--><a class="VPLink link VPNavBarMenuLink" href="/guides/" tabindex="0" data-v-dc692963 data-v-9c663999><!--[--><span data-v-9c663999>Guides</span><!--]--></a><!--]--><!--[--><a class="VPLink link VPNavBarMenuLink" href="/api/" tabindex="0" data-v-dc692963 data-v-9c663999><!--[--><span data-v-9c663999>API</span><!--]--></a><!--]--><!--[--><div class="VPFlyout VPNavBarMenuGroup" data-v-dc692963 data-v-b6c34ac9><button type="button" class="button" aria-haspopup="true" aria-expanded="false" data-v-b6c34ac9><span class="text" data-v-b6c34ac9><!----><span data-v-b6c34ac9>Hitchy</span><span class="vpi-chevron-down text-icon" data-v-b6c34ac9></span></span></button><div class="menu" data-v-b6c34ac9><div class="VPMenu" data-v-b6c34ac9 data-v-b98bc113><div class="items" data-v-b98bc113><!--[--><!--[--><div class="VPMenuLink" data-v-b98bc113 data-v-43f1e123><a class="VPLink link vp-external-link-icon" href="https://core.hitchy.org/" target="_blank" rel="noreferrer" data-v-43f1e123><!--[-->Core<!--]--></a></div><!--]--><!--[--><div class="VPMenuGroup" data-v-b98bc113 data-v-69e747b5><p class="title" data-v-69e747b5>Plugins</p><!--[--><!--[--><div class="VPMenuLink" data-v-69e747b5 data-v-43f1e123><a class="VPLink link vp-external-link-icon" href="https://odem.hitchy.org/" target="_blank" rel="noreferrer" data-v-43f1e123><!--[-->Odem<!--]--></a></div><!--]--><!--[--><div class="VPMenuLink" data-v-69e747b5 data-v-43f1e123><a class="VPLink link" href="/" data-v-43f1e123><!--[-->Auth<!--]--></a></div><!--]--><!--]--></div><!--]--><!--[--><div class="VPMenuGroup" data-v-b98bc113 data-v-69e747b5><p class="title" data-v-69e747b5>Tools</p><!--[--><!--[--><div class="VPMenuLink" data-v-69e747b5 data-v-43f1e123><a class="VPLink link vp-external-link-icon" href="https://sdt.hitchy.org/" target="_blank" rel="noreferrer" data-v-43f1e123><!--[-->SDT<!--]--></a></div><!--]--><!--]--></div><!--]--><!--]--></div><!--[--><!--]--></div></div></div><!--]--><!--]--></nav><!----><div class="VPNavBarAppearance appearance" data-v-6aa21345 data-v-6c893767><button class="VPSwitch VPSwitchAppearance" type="button" role="switch" title="Switch to dark theme" aria-checked="false" data-v-6c893767 data-v-5337faa4 data-v-1d5665e3><span class="check" data-v-1d5665e3><span class="icon" data-v-1d5665e3><!--[--><span class="vpi-sun sun" data-v-5337faa4></span><span class="vpi-moon moon" data-v-5337faa4></span><!--]--></span></span></button></div><div class="VPSocialLinks VPNavBarSocialLinks social-links" data-v-6aa21345 data-v-0394ad82 data-v-7bc22406><!--[--><a class="VPSocialLink no-icon" href="https://gitlab.com/hitchy/plugin-auth" aria-label="Link to code repository" target="_blank" rel="noopener" data-v-7bc22406 data-v-eee4e7cb><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 512 512"><!--!Font Awesome Free 6.6.0 by @fontawesome - https://fontawesome.com License - https://fontawesome.com/license/free Copyright 2024 Fonticons, Inc.--><path d="M503.5 204.6L502.8 202.8L433.1 21C431.7 17.5 429.2 14.4 425.9 12.4C423.5 10.8 420.8 9.9 417.9 9.6C415 9.3 412.2 9.7 409.5 10.7C406.8 11.7 404.4 13.3 402.4 15.5C400.5 17.6 399.1 20.1 398.3 22.9L351.3 166.9H160.8L113.7 22.9C112.9 20.1 111.5 17.6 109.6 15.5C107.6 13.4 105.2 11.7 102.5 10.7C99.9 9.7 97 9.3 94.1 9.6C91.3 9.9 88.5 10.8 86.1 12.4C82.8 14.4 80.3 17.5 78.9 21L9.3 202.8L8.5 204.6C-1.5 230.8-2.7 259.6 5 286.6C12.8 313.5 29.1 337.3 51.5 354.2L51.7 354.4L52.3 354.8L158.3 434.3L210.9 474L242.9 498.2C246.6 500.1 251.2 502.5 255.9 502.5C260.6 502.5 265.2 500.1 268.9 498.2L300.9 474L353.5 434.3L460.2 354.4L460.5 354.1C482.9 337.2 499.2 313.5 506.1 286.6C514.7 259.6 513.5 230.8 503.5 204.6z"/></svg></a><!--]--></div><div class="VPFlyout VPNavBarExtra extra" data-v-6aa21345 data-v-bb2aa2f0 data-v-b6c34ac9><button type="button" class="button" aria-haspopup="true" aria-expanded="false" aria-label="extra navigation" data-v-b6c34ac9><span class="vpi-more-horizontal icon" data-v-b6c34ac9></span></button><div class="menu" data-v-b6c34ac9><div class="VPMenu" data-v-b6c34ac9 data-v-b98bc113><!----><!--[--><!--[--><!----><div class="group" data-v-bb2aa2f0><div class="item appearance" data-v-bb2aa2f0><p class="label" data-v-bb2aa2f0>Appearance</p><div class="appearance-action" data-v-bb2aa2f0><button class="VPSwitch VPSwitchAppearance" type="button" role="switch" title="Switch to dark theme" aria-checked="false" data-v-bb2aa2f0 data-v-5337faa4 data-v-1d5665e3><span class="check" data-v-1d5665e3><span class="icon" data-v-1d5665e3><!--[--><span class="vpi-sun sun" data-v-5337faa4></span><span class="vpi-moon moon" data-v-5337faa4></span><!--]--></span></span></button></div></div></div><div class="group" data-v-bb2aa2f0><div class="item social-links" data-v-bb2aa2f0><div class="VPSocialLinks social-links-list" data-v-bb2aa2f0 data-v-7bc22406><!--[--><a class="VPSocialLink no-icon" href="https://gitlab.com/hitchy/plugin-auth" aria-label="Link to code repository" target="_blank" rel="noopener" data-v-7bc22406 data-v-eee4e7cb><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 512 512"><!--!Font Awesome Free 6.6.0 by @fontawesome - https://fontawesome.com License - https://fontawesome.com/license/free Copyright 2024 Fonticons, Inc.--><path d="M503.5 204.6L502.8 202.8L433.1 21C431.7 17.5 429.2 14.4 425.9 12.4C423.5 10.8 420.8 9.9 417.9 9.6C415 9.3 412.2 9.7 409.5 10.7C406.8 11.7 404.4 13.3 402.4 15.5C400.5 17.6 399.1 20.1 398.3 22.9L351.3 166.9H160.8L113.7 22.9C112.9 20.1 111.5 17.6 109.6 15.5C107.6 13.4 105.2 11.7 102.5 10.7C99.9 9.7 97 9.3 94.1 9.6C91.3 9.9 88.5 10.8 86.1 12.4C82.8 14.4 80.3 17.5 78.9 21L9.3 202.8L8.5 204.6C-1.5 230.8-2.7 259.6 5 286.6C12.8 313.5 29.1 337.3 51.5 354.2L51.7 354.4L52.3 354.8L158.3 434.3L210.9 474L242.9 498.2C246.6 500.1 251.2 502.5 255.9 502.5C260.6 502.5 265.2 500.1 268.9 498.2L300.9 474L353.5 434.3L460.2 354.4L460.5 354.1C482.9 337.2 499.2 313.5 506.1 286.6C514.7 259.6 513.5 230.8 503.5 204.6z"/></svg></a><!--]--></div></div></div><!--]--><!--]--></div></div></div><!--[--><!--]--><button type="button" class="VPNavBarHamburger hamburger" aria-label="mobile navigation" aria-expanded="false" aria-controls="VPNavScreen" data-v-6aa21345 data-v-e5dd9c1c><span class="container" data-v-e5dd9c1c><span class="top" data-v-e5dd9c1c></span><span class="middle" data-v-e5dd9c1c></span><span class="bottom" data-v-e5dd9c1c></span></span></button></div></div></div></div><div class="divider" data-v-6aa21345><div class="divider-line" data-v-6aa21345></div></div></div><!----></header><div class="VPLocalNav empty fixed" data-v-5d98c3a5 data-v-a6f0e41e><div class="container" data-v-a6f0e41e><!----><div class="VPLocalNavOutlineDropdown" style="--vp-vh:0px;" data-v-a6f0e41e data-v-17a5e62e><button data-v-17a5e62e>Return to top</button><!----></div></div></div><!----><div class="VPContent" id="VPContent" data-v-5d98c3a5 data-v-1428d186><div class="VPDoc has-aside" data-v-1428d186 data-v-39a288b8><!--[--><!--]--><div class="container" data-v-39a288b8><div class="aside" data-v-39a288b8><div class="aside-curtain" data-v-39a288b8></div><div class="aside-container" data-v-39a288b8><div class="aside-content" data-v-39a288b8><div class="VPDocAside" data-v-39a288b8 data-v-3f215769><!--[--><!--]--><!--[--><!--]--><nav aria-labelledby="doc-outline-aria-label" class="VPDocAsideOutline" data-v-3f215769 data-v-a5bbad30><div class="content" data-v-a5bbad30><div class="outline-marker" data-v-a5bbad30></div><div aria-level="2" class="outline-title" id="doc-outline-aria-label" role="heading" data-v-a5bbad30>On this page</div><ul class="VPDocOutlineItem root" data-v-a5bbad30 data-v-b933a997><!--[--><!--]--></ul></div></nav><!--[--><!--]--><div class="spacer" data-v-3f215769></div><!--[--><!--]--><!----><!--[--><!--]--><!--[--><!--]--></div></div></div></div><div class="content" data-v-39a288b8><div class="content-container" data-v-39a288b8><!--[--><!--]--><main class="main" data-v-39a288b8><div style="position:relative;" class="vp-doc _api_service_authorization-tree" data-v-39a288b8><div><h1 id="authorizationtree" tabindex="-1">AuthorizationTree <a class="header-anchor" href="#authorizationtree" aria-label="Permalink to &quot;AuthorizationTree&quot;">​</a></h1><p>This service implements class for tracking state of authorizations by means of granting or revoking access on named resources to/from users and role in a tree of <a href="./authorization-node.html">nodes</a>.</p><p>In opposition to other services, this service is primarily a class which could be instantiated to describe a tree of authorization settings. It complies with existing services by <a href="#current">exposing a single instance as current tree of authorizations</a>, only.</p><p>On starting application, this plugin is processing runtime configuration and local database for existing <a href="./../model/authorization-rule.html">authorization rules</a> building this tree in runtime memory for improved authorizations testing during request routing.</p><h2 id="properties" tabindex="-1">Properties <a class="header-anchor" href="#properties" aria-label="Permalink to &quot;Properties&quot;">​</a></h2><h3 id="current" tabindex="-1">current <a class="header-anchor" href="#current" aria-label="Permalink to &quot;current&quot;">​</a></h3><p>This static property exposes single instance of current runtime representing the tree which has been set up by the plugin on starting application. This instance is implicitly updated by some actions affecting existing users, roles and authorization rules in local database.</p><h2 id="methods" tabindex="-1">Methods <a class="header-anchor" href="#methods" aria-label="Permalink to &quot;Methods&quot;">​</a></h2><div class="warning custom-block"><p class="custom-block-title">Instance methods</p><p>In opposition to other services, these methods are instance methods and thus are available e.g. on current tree, only.</p><p>Instead of writing</p><div class="language-javascript vp-adaptive-theme"><button title="Copy Code" class="copy"></button><span class="lang">javascript</span><pre class="shiki shiki-themes github-light github-dark vp-code" tabindex="0"><code><span class="line"><span style="--shiki-light:#24292E;--shiki-dark:#E1E4E8;">AuthorizationTree.</span><span style="--shiki-light:#6F42C1;--shiki-dark:#B392F0;">addRule</span><span style="--shiki-light:#24292E;--shiki-dark:#E1E4E8;">( rule )</span></span></code></pre></div><p>you must write</p><div class="language-javascript vp-adaptive-theme"><button title="Copy Code" class="copy"></button><span class="lang">javascript</span><pre class="shiki shiki-themes github-light github-dark vp-code" tabindex="0"><code><span class="line"><span style="--shiki-light:#24292E;--shiki-dark:#E1E4E8;">AuthorizationTree.current.</span><span style="--shiki-light:#6F42C1;--shiki-dark:#B392F0;">addRule</span><span style="--shiki-light:#24292E;--shiki-dark:#E1E4E8;">( rule )</span></span></code></pre></div></div><h3 id="selectnode" tabindex="-1">selectNode() <a class="header-anchor" href="#selectnode" aria-label="Permalink to &quot;selectNode()&quot;">​</a></h3><p><strong>Signature:</strong> <code>selectNode( selector, [ addIfMissing ], [ callback ] ): AuthorizationNode</code></p><p>This method descends into tree of nodes according to provided selector which is a resource&#39;s hierarchical name. If optional argument <code>addIfMissing</code> is <code>true</code>, any missing node is created on the fly assuring to always return a node representing selected resource.</p><p>When providing callback in third argument, it is invoked on every existing (or implicitly created) node passed while descending into tree. The callback is invoked with</p><ul><li>current node,</li><li>segment of selector a.k.a. resource name selecting this node in context of its parent,</li><li>the segment&#39;s index in list of segments extracted from selector and</li><li>the full list of segments to be processed.</li></ul><p>The callback may return <code>false</code> to prematurely stop descending into tree.</p><h3 id="clear" tabindex="-1">clear() <a class="header-anchor" href="#clear" aria-label="Permalink to &quot;clear()&quot;">​</a></h3><p><strong>Signature:</strong> <code>clear(): AuthorizationTree</code></p><p>Clears tree by recursive deleting all its nodes. Returns tree itself for daisy-chaining calls.</p><h3 id="addrule" tabindex="-1">addRule() <a class="header-anchor" href="#addrule" aria-label="Permalink to &quot;addRule()&quot;">​</a></h3><p><strong>Signature:</strong> <code>addRule( rule ): AuthorizationTree</code></p><p>Adjusts tree to represent provided <a href="./../model/authorization-rule.html">authorization rule</a>. The provided rule may be instance of model <a href="./../model/authorization-rule.html">AuthorizationRule</a> or any other object resembling authorization rules by providing equivalent properties <code>selector</code>, <code>user</code>, <code>role</code> and <code>accept</code>.</p><div class="warning custom-block"><p class="custom-block-title">Note</p><p>Adding a rule doesn&#39;t imply to eventually grant access on some resource.</p></div><p>The method returns current tree for daisy-chaining calls.</p><h3 id="removerule" tabindex="-1">removeRule() <a class="header-anchor" href="#removerule" aria-label="Permalink to &quot;removeRule()&quot;">​</a></h3><p><strong>Signature:</strong> <code>removeRule( rule ): AuthorizationTree</code></p><p>This is the counterpart of <a href="#addrule">addRule()</a>. It adjusts tree to stop representing provided <a href="./../model/authorization-rule.html">authorization rule</a>.</p><div class="warning custom-block"><p class="custom-block-title">Note</p><p>Removing a rule doesn&#39;t imply to eventually revoke access on some resource. It&#39;s reverting some previous change of tree, only.</p></div><div class="warning custom-block"><p class="custom-block-title">Note</p><p>When adding a rule multiple times, it will be counted as such. You need to remove the rule as many times as it has been added before to actually remove it from tree.</p></div><p>The method returns current tree for daisy-chaining calls.</p><h3 id="isauthorized" tabindex="-1">isAuthorized() <a class="header-anchor" href="#isauthorized" aria-label="Permalink to &quot;isAuthorized()&quot;">​</a></h3><p><strong>Signature:</strong> <code>isAuthorized( selector, user, role, [ acceptByDefault ] ): boolean</code></p><p>This method checks, whether tree is currently granting or revoking access on a selected resource to/from user and/or role.</p><div class="warning custom-block"><p class="custom-block-title">Note</p><p>Access on a resource can be granted or revoked on particular resource. It might be granted/revoked on a superordinated resource, too.</p></div><p>The method takes a user or a role and checks if it is affected by any rule tracked for either node of tree which is passed on descending into tree according to provided selector. If there is no rule on any passed node affecting provided user or role, the default provided in optional fourth argument is used, which is false by default, thus preventing access by default.</p><p>The method returns <code>true</code>, if access is granted, and <code>false</code> otherwise.</p><h3 id="gc" tabindex="-1">gc() <a class="header-anchor" href="#gc" aria-label="Permalink to &quot;gc()&quot;">​</a></h3><p><strong>Signature:</strong> <code>gc( [ force ] ): void</code></p><p>This method is meant to search tree for sparse threads and remove them if necessary. It is implicitly invoked each time a rule is removed with <a href="#removerule">removeRule()</a>, though garbage collection is triggered after seeing a certain number of calls, only. You can enforce a garbage collection by setting optional argument <code>force</code>.</p><h3 id="loadfromdatabase" tabindex="-1">loadFromDatabase() <a class="header-anchor" href="#loadfromdatabase" aria-label="Permalink to &quot;loadFromDatabase()&quot;">​</a></h3><p><strong>Signature:</strong> <code>async loadFromDatabase(): void</code></p><p>This method is reading all existing instances of <a href="./../model/authorization-rule.html">AuthorizationRule</a> from local database invoking <a href="#addrule">addRule()</a> on every found rule.</p><h3 id="loadfromconfiguration" tabindex="-1">loadFromConfiguration() <a class="header-anchor" href="#loadfromconfiguration" aria-label="Permalink to &quot;loadFromConfiguration()&quot;">​</a></h3><p><strong>Signature:</strong> <code>loadFromConfiguration( configuration ): void</code></p><p>The method searches provided configuration for describing rules in one of several supported formats and adds them to current tree. The provided configuration can be</p><ul><li>an object mapping resource names into <ul><li>a string naming user or role granted or revoked access on named resource,</li><li>a string naming multiple users and/or roles separated by comma with each granted or revoked access on resource,</li><li>an array of either sort of string or</li><li>an object providing <code>users</code> and <code>roles</code> or <code>grants</code> and <code>revokes</code> in separate properties each supporting a format similar to the one of strings described above and another map of relative resource names into rules for resources subordinated to current one.</li></ul></li></ul></div></div></main><footer class="VPDocFooter" data-v-39a288b8 data-v-e257564d><!--[--><!--]--><!----><!----></footer><!--[--><!--]--></div></div></div><!--[--><!--]--></div></div><!----><!--[--><!--]--></div></div>
21
+ <script>window.__VP_HASH_MAP__=JSON.parse("{\"api_config.md\":\"BiPnBhyk\",\"api_controller_index.md\":\"mhiyhr_C\",\"api_controller_user.md\":\"BiFYPTow\",\"api_index.md\":\"j6eBaebO\",\"api_model_authorization-rule.md\":\"CFNqudsp\",\"api_model_index.md\":\"Dw3UH73J\",\"api_model_role.md\":\"DFCGXTBA\",\"api_model_user-to-role.md\":\"QNC96rs-\",\"api_model_user.md\":\"C2GSzwZj\",\"api_policy_authentication.md\":\"Ccj8Rneb\",\"api_policy_authorization.md\":\"CP3y7VOT\",\"api_policy_index.md\":\"CmaeRtru\",\"api_policy_user.md\":\"ePU_LHGT\",\"api_routing.md\":\"BP98xeNw\",\"api_service_auth-manager.md\":\"CcpV6slZ\",\"api_service_authentication-passport.md\":\"DvhoW1TR\",\"api_service_authentication-strategies.md\":\"DjDT2F9g\",\"api_service_authorization-node.md\":\"DAN4WdDZ\",\"api_service_authorization-policy-generator.md\":\"IaQjgxfZ\",\"api_service_authorization-tree.md\":\"I7ff4vao\",\"api_service_index.md\":\"Bfk1E4Zn\",\"guides_getting-started.md\":\"BMwF59kE\",\"guides_index.md\":\"CUqoqPFW\",\"guides_openid-connect.md\":\"CWezg52j\",\"guides_saml.md\":\"BBlq_CTl\",\"index.md\":\"B8uyAhM4\",\"introduction.md\":\"DjcXFFe8\"}");window.__VP_SITE_DATA__=JSON.parse("{\"lang\":\"en-US\",\"dir\":\"ltr\",\"title\":\"Hitchy Auth Manual\",\"description\":\"A VitePress site\",\"base\":\"/\",\"head\":[],\"router\":{\"prefetchLinks\":true},\"appearance\":true,\"themeConfig\":{\"displayAllHeaders\":true,\"socialLinks\":[{\"icon\":{\"svg\":\"<svg xmlns=\\\"http://www.w3.org/2000/svg\\\" viewBox=\\\"0 0 512 512\\\"><!--!Font Awesome Free 6.6.0 by @fontawesome - https://fontawesome.com License - https://fontawesome.com/license/free Copyright 2024 Fonticons, Inc.--><path d=\\\"M503.5 204.6L502.8 202.8L433.1 21C431.7 17.5 429.2 14.4 425.9 12.4C423.5 10.8 420.8 9.9 417.9 9.6C415 9.3 412.2 9.7 409.5 10.7C406.8 11.7 404.4 13.3 402.4 15.5C400.5 17.6 399.1 20.1 398.3 22.9L351.3 166.9H160.8L113.7 22.9C112.9 20.1 111.5 17.6 109.6 15.5C107.6 13.4 105.2 11.7 102.5 10.7C99.9 9.7 97 9.3 94.1 9.6C91.3 9.9 88.5 10.8 86.1 12.4C82.8 14.4 80.3 17.5 78.9 21L9.3 202.8L8.5 204.6C-1.5 230.8-2.7 259.6 5 286.6C12.8 313.5 29.1 337.3 51.5 354.2L51.7 354.4L52.3 354.8L158.3 434.3L210.9 474L242.9 498.2C246.6 500.1 251.2 502.5 255.9 502.5C260.6 502.5 265.2 500.1 268.9 498.2L300.9 474L353.5 434.3L460.2 354.4L460.5 354.1C482.9 337.2 499.2 313.5 506.1 286.6C514.7 259.6 513.5 230.8 503.5 204.6z\\\"/></svg>\"},\"link\":\"https://gitlab.com/hitchy/plugin-auth\",\"ariaLabel\":\"Link to code repository\"}],\"nav\":[{\"text\":\"Home\",\"link\":\"/\"},{\"text\":\"Guides\",\"link\":\"/guides/\"},{\"text\":\"API\",\"link\":\"/api/\"},{\"text\":\"Hitchy\",\"items\":[{\"text\":\"Core\",\"link\":\"https://core.hitchy.org/\"},{\"text\":\"Plugins\",\"items\":[{\"text\":\"Odem\",\"link\":\"https://odem.hitchy.org/\"},{\"text\":\"Auth\",\"link\":\"/\"}]},{\"text\":\"Tools\",\"items\":[{\"text\":\"SDT\",\"link\":\"https://sdt.hitchy.org/\"}]}]}]},\"locales\":{},\"scrollOffset\":134,\"cleanUrls\":false}");</script>
22
+
23
+ </body>
24
+ </html>
package/public/api/service/index.html ADDED
@@ -0,0 +1,24 @@
1
+ <!DOCTYPE html>
2
+ <html lang="en-US" dir="ltr">
3
+ <head>
4
+ <meta charset="utf-8">
5
+ <meta name="viewport" content="width=device-width,initial-scale=1">
6
+ <title>Services | Hitchy Auth Manual</title>
7
+ <meta name="description" content="A VitePress site">
8
+ <meta name="generator" content="VitePress v1.3.1">
9
+ <link rel="preload stylesheet" href="/assets/style.C4vbPc5Z.css" as="style">
10
+
11
+ <script type="module" src="/assets/app.Bnek3cfe.js"></script>
12
+ <link rel="preload" href="/assets/inter-roman-latin.Di8DUHzh.woff2" as="font" type="font/woff2" crossorigin="">
13
+ <link rel="modulepreload" href="/assets/chunks/framework.BaHG-QLs.js">
14
+ <link rel="modulepreload" href="/assets/chunks/theme.BUrgq2uM.js">
15
+ <link rel="modulepreload" href="/assets/api_service_index.md.Bfk1E4Zn.lean.js">
16
+ <script id="check-dark-mode">(()=>{const e=localStorage.getItem("vitepress-theme-appearance")||"auto",a=window.matchMedia("(prefers-color-scheme: dark)").matches;(!e||e==="auto"?a:e==="dark")&&document.documentElement.classList.add("dark")})();</script>
17
+ <script id="check-mac-os">document.documentElement.classList.toggle("mac",/Mac|iPhone|iPod|iPad/i.test(navigator.platform));</script>
18
+ </head>
19
+ <body>
20
+ <div id="app"><div class="Layout" data-v-5d98c3a5><!--[--><!--]--><!--[--><span tabindex="-1" data-v-0f60ec36></span><a href="#VPContent" class="VPSkipLink visually-hidden" data-v-0f60ec36> Skip to content </a><!--]--><!----><header class="VPNav" data-v-5d98c3a5 data-v-ae24b3ad><div class="VPNavBar top" data-v-ae24b3ad data-v-6aa21345><div class="wrapper" data-v-6aa21345><div class="container" data-v-6aa21345><div class="title" data-v-6aa21345><div class="VPNavBarTitle" data-v-6aa21345 data-v-ab179fa1><a class="title" href="/" data-v-ab179fa1><!--[--><!--]--><!----><span data-v-ab179fa1>Hitchy Auth Manual</span><!--[--><!--]--></a></div></div><div class="content" data-v-6aa21345><div class="content-body" data-v-6aa21345><!--[--><!--]--><div class="VPNavBarSearch search" data-v-6aa21345><!----></div><nav aria-labelledby="main-nav-aria-label" class="VPNavBarMenu menu" data-v-6aa21345 data-v-dc692963><span id="main-nav-aria-label" class="visually-hidden" data-v-dc692963> Main Navigation </span><!--[--><!--[--><a class="VPLink link VPNavBarMenuLink" href="/" tabindex="0" data-v-dc692963 data-v-9c663999><!--[--><span data-v-9c663999>Home</span><!--]--></a><!--]--><!--[--><a class="VPLink link VPNavBarMenuLink" href="/guides/" tabindex="0" data-v-dc692963 data-v-9c663999><!--[--><span data-v-9c663999>Guides</span><!--]--></a><!--]--><!--[--><a class="VPLink link VPNavBarMenuLink" href="/api/" tabindex="0" data-v-dc692963 data-v-9c663999><!--[--><span data-v-9c663999>API</span><!--]--></a><!--]--><!--[--><div class="VPFlyout VPNavBarMenuGroup" data-v-dc692963 data-v-b6c34ac9><button type="button" class="button" aria-haspopup="true" aria-expanded="false" data-v-b6c34ac9><span class="text" data-v-b6c34ac9><!----><span data-v-b6c34ac9>Hitchy</span><span class="vpi-chevron-down text-icon" data-v-b6c34ac9></span></span></button><div class="menu" data-v-b6c34ac9><div class="VPMenu" data-v-b6c34ac9 data-v-b98bc113><div class="items" data-v-b98bc113><!--[--><!--[--><div class="VPMenuLink" data-v-b98bc113 data-v-43f1e123><a class="VPLink link vp-external-link-icon" href="https://core.hitchy.org/" target="_blank" rel="noreferrer" data-v-43f1e123><!--[-->Core<!--]--></a></div><!--]--><!--[--><div class="VPMenuGroup" data-v-b98bc113 data-v-69e747b5><p class="title" data-v-69e747b5>Plugins</p><!--[--><!--[--><div class="VPMenuLink" data-v-69e747b5 data-v-43f1e123><a class="VPLink link vp-external-link-icon" href="https://odem.hitchy.org/" target="_blank" rel="noreferrer" data-v-43f1e123><!--[-->Odem<!--]--></a></div><!--]--><!--[--><div class="VPMenuLink" data-v-69e747b5 data-v-43f1e123><a class="VPLink link" href="/" data-v-43f1e123><!--[-->Auth<!--]--></a></div><!--]--><!--]--></div><!--]--><!--[--><div class="VPMenuGroup" data-v-b98bc113 data-v-69e747b5><p class="title" data-v-69e747b5>Tools</p><!--[--><!--[--><div class="VPMenuLink" data-v-69e747b5 data-v-43f1e123><a class="VPLink link vp-external-link-icon" href="https://sdt.hitchy.org/" target="_blank" rel="noreferrer" data-v-43f1e123><!--[-->SDT<!--]--></a></div><!--]--><!--]--></div><!--]--><!--]--></div><!--[--><!--]--></div></div></div><!--]--><!--]--></nav><!----><div class="VPNavBarAppearance appearance" data-v-6aa21345 data-v-6c893767><button class="VPSwitch VPSwitchAppearance" type="button" role="switch" title="Switch to dark theme" aria-checked="false" data-v-6c893767 data-v-5337faa4 data-v-1d5665e3><span class="check" data-v-1d5665e3><span class="icon" data-v-1d5665e3><!--[--><span class="vpi-sun sun" data-v-5337faa4></span><span class="vpi-moon moon" data-v-5337faa4></span><!--]--></span></span></button></div><div class="VPSocialLinks VPNavBarSocialLinks social-links" data-v-6aa21345 data-v-0394ad82 data-v-7bc22406><!--[--><a class="VPSocialLink no-icon" href="https://gitlab.com/hitchy/plugin-auth" aria-label="Link to code repository" target="_blank" rel="noopener" data-v-7bc22406 data-v-eee4e7cb><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 512 512"><!--!Font Awesome Free 6.6.0 by @fontawesome - https://fontawesome.com License - https://fontawesome.com/license/free Copyright 2024 Fonticons, Inc.--><path d="M503.5 204.6L502.8 202.8L433.1 21C431.7 17.5 429.2 14.4 425.9 12.4C423.5 10.8 420.8 9.9 417.9 9.6C415 9.3 412.2 9.7 409.5 10.7C406.8 11.7 404.4 13.3 402.4 15.5C400.5 17.6 399.1 20.1 398.3 22.9L351.3 166.9H160.8L113.7 22.9C112.9 20.1 111.5 17.6 109.6 15.5C107.6 13.4 105.2 11.7 102.5 10.7C99.9 9.7 97 9.3 94.1 9.6C91.3 9.9 88.5 10.8 86.1 12.4C82.8 14.4 80.3 17.5 78.9 21L9.3 202.8L8.5 204.6C-1.5 230.8-2.7 259.6 5 286.6C12.8 313.5 29.1 337.3 51.5 354.2L51.7 354.4L52.3 354.8L158.3 434.3L210.9 474L242.9 498.2C246.6 500.1 251.2 502.5 255.9 502.5C260.6 502.5 265.2 500.1 268.9 498.2L300.9 474L353.5 434.3L460.2 354.4L460.5 354.1C482.9 337.2 499.2 313.5 506.1 286.6C514.7 259.6 513.5 230.8 503.5 204.6z"/></svg></a><!--]--></div><div class="VPFlyout VPNavBarExtra extra" data-v-6aa21345 data-v-bb2aa2f0 data-v-b6c34ac9><button type="button" class="button" aria-haspopup="true" aria-expanded="false" aria-label="extra navigation" data-v-b6c34ac9><span class="vpi-more-horizontal icon" data-v-b6c34ac9></span></button><div class="menu" data-v-b6c34ac9><div class="VPMenu" data-v-b6c34ac9 data-v-b98bc113><!----><!--[--><!--[--><!----><div class="group" data-v-bb2aa2f0><div class="item appearance" data-v-bb2aa2f0><p class="label" data-v-bb2aa2f0>Appearance</p><div class="appearance-action" data-v-bb2aa2f0><button class="VPSwitch VPSwitchAppearance" type="button" role="switch" title="Switch to dark theme" aria-checked="false" data-v-bb2aa2f0 data-v-5337faa4 data-v-1d5665e3><span class="check" data-v-1d5665e3><span class="icon" data-v-1d5665e3><!--[--><span class="vpi-sun sun" data-v-5337faa4></span><span class="vpi-moon moon" data-v-5337faa4></span><!--]--></span></span></button></div></div></div><div class="group" data-v-bb2aa2f0><div class="item social-links" data-v-bb2aa2f0><div class="VPSocialLinks social-links-list" data-v-bb2aa2f0 data-v-7bc22406><!--[--><a class="VPSocialLink no-icon" href="https://gitlab.com/hitchy/plugin-auth" aria-label="Link to code repository" target="_blank" rel="noopener" data-v-7bc22406 data-v-eee4e7cb><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 512 512"><!--!Font Awesome Free 6.6.0 by @fontawesome - https://fontawesome.com License - https://fontawesome.com/license/free Copyright 2024 Fonticons, Inc.--><path d="M503.5 204.6L502.8 202.8L433.1 21C431.7 17.5 429.2 14.4 425.9 12.4C423.5 10.8 420.8 9.9 417.9 9.6C415 9.3 412.2 9.7 409.5 10.7C406.8 11.7 404.4 13.3 402.4 15.5C400.5 17.6 399.1 20.1 398.3 22.9L351.3 166.9H160.8L113.7 22.9C112.9 20.1 111.5 17.6 109.6 15.5C107.6 13.4 105.2 11.7 102.5 10.7C99.9 9.7 97 9.3 94.1 9.6C91.3 9.9 88.5 10.8 86.1 12.4C82.8 14.4 80.3 17.5 78.9 21L9.3 202.8L8.5 204.6C-1.5 230.8-2.7 259.6 5 286.6C12.8 313.5 29.1 337.3 51.5 354.2L51.7 354.4L52.3 354.8L158.3 434.3L210.9 474L242.9 498.2C246.6 500.1 251.2 502.5 255.9 502.5C260.6 502.5 265.2 500.1 268.9 498.2L300.9 474L353.5 434.3L460.2 354.4L460.5 354.1C482.9 337.2 499.2 313.5 506.1 286.6C514.7 259.6 513.5 230.8 503.5 204.6z"/></svg></a><!--]--></div></div></div><!--]--><!--]--></div></div></div><!--[--><!--]--><button type="button" class="VPNavBarHamburger hamburger" aria-label="mobile navigation" aria-expanded="false" aria-controls="VPNavScreen" data-v-6aa21345 data-v-e5dd9c1c><span class="container" data-v-e5dd9c1c><span class="top" data-v-e5dd9c1c></span><span class="middle" data-v-e5dd9c1c></span><span class="bottom" data-v-e5dd9c1c></span></span></button></div></div></div></div><div class="divider" data-v-6aa21345><div class="divider-line" data-v-6aa21345></div></div></div><!----></header><div class="VPLocalNav empty fixed" data-v-5d98c3a5 data-v-a6f0e41e><div class="container" data-v-a6f0e41e><!----><div class="VPLocalNavOutlineDropdown" style="--vp-vh:0px;" data-v-a6f0e41e data-v-17a5e62e><button data-v-17a5e62e>Return to top</button><!----></div></div></div><!----><div class="VPContent" id="VPContent" data-v-5d98c3a5 data-v-1428d186><div class="VPDoc has-aside" data-v-1428d186 data-v-39a288b8><!--[--><!--]--><div class="container" data-v-39a288b8><div class="aside" data-v-39a288b8><div class="aside-curtain" data-v-39a288b8></div><div class="aside-container" data-v-39a288b8><div class="aside-content" data-v-39a288b8><div class="VPDocAside" data-v-39a288b8 data-v-3f215769><!--[--><!--]--><!--[--><!--]--><nav aria-labelledby="doc-outline-aria-label" class="VPDocAsideOutline" data-v-3f215769 data-v-a5bbad30><div class="content" data-v-a5bbad30><div class="outline-marker" data-v-a5bbad30></div><div aria-level="2" class="outline-title" id="doc-outline-aria-label" role="heading" data-v-a5bbad30>On this page</div><ul class="VPDocOutlineItem root" data-v-a5bbad30 data-v-b933a997><!--[--><!--]--></ul></div></nav><!--[--><!--]--><div class="spacer" data-v-3f215769></div><!--[--><!--]--><!----><!--[--><!--]--><!--[--><!--]--></div></div></div></div><div class="content" data-v-39a288b8><div class="content-container" data-v-39a288b8><!--[--><!--]--><main class="main" data-v-39a288b8><div style="position:relative;" class="vp-doc _api_service_" data-v-39a288b8><div><h1 id="services" tabindex="-1">Services <a class="header-anchor" href="#services" aria-label="Permalink to &quot;Services&quot;">​</a></h1><p>Select one of the provided <a href="https://core.hitchy.org/internals/components.html#services" target="_blank" rel="noreferrer">services</a>:</p><ul><li><a href="./authentication-passport.html">AuthenticationPassport</a></li><li><a href="./authentication-strategies.html">AuthenticationStrategies</a></li><li><a href="./auth-manager.html">AuthManager</a></li><li><a href="./authorization-tree.html">AuthorizationTree</a></li><li><a href="./authorization-node.html">AuthorizationNode</a></li><li><a href="./authorization-policy-generator.html">AuthorizationPolicyGenerator</a></li></ul></div></div></main><footer class="VPDocFooter" data-v-39a288b8 data-v-e257564d><!--[--><!--]--><!----><!----></footer><!--[--><!--]--></div></div></div><!--[--><!--]--></div></div><!----><!--[--><!--]--></div></div>
21
+ <script>window.__VP_HASH_MAP__=JSON.parse("{\"api_config.md\":\"BiPnBhyk\",\"api_controller_index.md\":\"mhiyhr_C\",\"api_controller_user.md\":\"BiFYPTow\",\"api_index.md\":\"j6eBaebO\",\"api_model_authorization-rule.md\":\"CFNqudsp\",\"api_model_index.md\":\"Dw3UH73J\",\"api_model_role.md\":\"DFCGXTBA\",\"api_model_user-to-role.md\":\"QNC96rs-\",\"api_model_user.md\":\"C2GSzwZj\",\"api_policy_authentication.md\":\"Ccj8Rneb\",\"api_policy_authorization.md\":\"CP3y7VOT\",\"api_policy_index.md\":\"CmaeRtru\",\"api_policy_user.md\":\"ePU_LHGT\",\"api_routing.md\":\"BP98xeNw\",\"api_service_auth-manager.md\":\"CcpV6slZ\",\"api_service_authentication-passport.md\":\"DvhoW1TR\",\"api_service_authentication-strategies.md\":\"DjDT2F9g\",\"api_service_authorization-node.md\":\"DAN4WdDZ\",\"api_service_authorization-policy-generator.md\":\"IaQjgxfZ\",\"api_service_authorization-tree.md\":\"I7ff4vao\",\"api_service_index.md\":\"Bfk1E4Zn\",\"guides_getting-started.md\":\"BMwF59kE\",\"guides_index.md\":\"CUqoqPFW\",\"guides_openid-connect.md\":\"CWezg52j\",\"guides_saml.md\":\"BBlq_CTl\",\"index.md\":\"B8uyAhM4\",\"introduction.md\":\"DjcXFFe8\"}");window.__VP_SITE_DATA__=JSON.parse("{\"lang\":\"en-US\",\"dir\":\"ltr\",\"title\":\"Hitchy Auth Manual\",\"description\":\"A VitePress site\",\"base\":\"/\",\"head\":[],\"router\":{\"prefetchLinks\":true},\"appearance\":true,\"themeConfig\":{\"displayAllHeaders\":true,\"socialLinks\":[{\"icon\":{\"svg\":\"<svg xmlns=\\\"http://www.w3.org/2000/svg\\\" viewBox=\\\"0 0 512 512\\\"><!--!Font Awesome Free 6.6.0 by @fontawesome - https://fontawesome.com License - https://fontawesome.com/license/free Copyright 2024 Fonticons, Inc.--><path d=\\\"M503.5 204.6L502.8 202.8L433.1 21C431.7 17.5 429.2 14.4 425.9 12.4C423.5 10.8 420.8 9.9 417.9 9.6C415 9.3 412.2 9.7 409.5 10.7C406.8 11.7 404.4 13.3 402.4 15.5C400.5 17.6 399.1 20.1 398.3 22.9L351.3 166.9H160.8L113.7 22.9C112.9 20.1 111.5 17.6 109.6 15.5C107.6 13.4 105.2 11.7 102.5 10.7C99.9 9.7 97 9.3 94.1 9.6C91.3 9.9 88.5 10.8 86.1 12.4C82.8 14.4 80.3 17.5 78.9 21L9.3 202.8L8.5 204.6C-1.5 230.8-2.7 259.6 5 286.6C12.8 313.5 29.1 337.3 51.5 354.2L51.7 354.4L52.3 354.8L158.3 434.3L210.9 474L242.9 498.2C246.6 500.1 251.2 502.5 255.9 502.5C260.6 502.5 265.2 500.1 268.9 498.2L300.9 474L353.5 434.3L460.2 354.4L460.5 354.1C482.9 337.2 499.2 313.5 506.1 286.6C514.7 259.6 513.5 230.8 503.5 204.6z\\\"/></svg>\"},\"link\":\"https://gitlab.com/hitchy/plugin-auth\",\"ariaLabel\":\"Link to code repository\"}],\"nav\":[{\"text\":\"Home\",\"link\":\"/\"},{\"text\":\"Guides\",\"link\":\"/guides/\"},{\"text\":\"API\",\"link\":\"/api/\"},{\"text\":\"Hitchy\",\"items\":[{\"text\":\"Core\",\"link\":\"https://core.hitchy.org/\"},{\"text\":\"Plugins\",\"items\":[{\"text\":\"Odem\",\"link\":\"https://odem.hitchy.org/\"},{\"text\":\"Auth\",\"link\":\"/\"}]},{\"text\":\"Tools\",\"items\":[{\"text\":\"SDT\",\"link\":\"https://sdt.hitchy.org/\"}]}]}]},\"locales\":{},\"scrollOffset\":134,\"cleanUrls\":false}");</script>
22
+
23
+ </body>
24
+ </html>
package/public/assets/api_config.md.BiPnBhyk.js ADDED
@@ -0,0 +1,77 @@
1
+ import{_ as s,c as i,o as a,a2 as n}from"./chunks/framework.BaHG-QLs.js";const g=JSON.parse('{"title":"Runtime Configuration","description":"","frontmatter":{"prev":"/api/service/","next":"routing.md"},"headers":[],"relativePath":"api/config.md","filePath":"api/config.md"}'),t={name:"api/config.md"},e=n(`<h1 id="runtime-configuration" tabindex="-1">Runtime Configuration <a class="header-anchor" href="#runtime-configuration" aria-label="Permalink to &quot;Runtime Configuration&quot;">​</a></h1><p>This plugin&#39;s runtime configuration is expected in section <code>auth</code> of your application&#39;s configuration. When complying with suggested filesystem layout for a Hitchy application, there should be a file <strong>config/auth.js</strong> in your application exposing this section similar to this:</p><div class="language-javascript vp-adaptive-theme"><button title="Copy Code" class="copy"></button><span class="lang">javascript</span><pre class="shiki shiki-themes github-light github-dark vp-code" tabindex="0"><code><span class="line"><span style="--shiki-light:#005CC5;--shiki-dark:#79B8FF;">module</span><span style="--shiki-light:#24292E;--shiki-dark:#E1E4E8;">.</span><span style="--shiki-light:#005CC5;--shiki-dark:#79B8FF;">exports</span><span style="--shiki-light:#D73A49;--shiki-dark:#F97583;"> =</span><span style="--shiki-light:#24292E;--shiki-dark:#E1E4E8;"> {</span></span>
2
+ <span class="line"><span style="--shiki-light:#24292E;--shiki-dark:#E1E4E8;"> auth: {</span></span>
3
+ <span class="line"><span style="--shiki-light:#D73A49;--shiki-dark:#F97583;"> ...</span></span>
4
+ <span class="line"><span style="--shiki-light:#24292E;--shiki-dark:#E1E4E8;"> },</span></span>
5
+ <span class="line"><span style="--shiki-light:#24292E;--shiki-dark:#E1E4E8;">};</span></span></code></pre></div><p>The following parameters are supported there:</p><h2 id="config-auth-prefix" tabindex="-1">config.auth.prefix <a class="header-anchor" href="#config-auth-prefix" aria-label="Permalink to &quot;config.auth.prefix&quot;">​</a></h2><p>This optional string controls shared prefix of routes set up implicitly for providing basic authentication support. Its default is <code>/api/auth</code> resulting in routes <code>/api/auth/login</code>, <code>/api/auth/current</code> etc.</p><p>Implicit routing setup can be disabled on providing boolean <code>false</code> as prefix here.</p><h2 id="config-auth-admin" tabindex="-1">config.auth.admin <a class="header-anchor" href="#config-auth-admin" aria-label="Permalink to &quot;config.auth.admin&quot;">​</a></h2><p>Provides name and/or password of admin user to create initially when no user with administration privileges has been found in local database. This optional parameter is an object consisting of properties</p><ul><li><strong>role</strong> selecting name of role granting full access to any associated user (default: <code>admin</code>),</li><li><strong>name</strong> selecting name of user to create on start of application if there is no user associated with that role (default: <code>admin</code>) and</li><li><strong>password</strong> providing password of that user to be created in clear text (default: <code>nimda</code>).</li></ul><div class="language-javascript vp-adaptive-theme"><button title="Copy Code" class="copy"></button><span class="lang">javascript</span><pre class="shiki shiki-themes github-light github-dark vp-code" tabindex="0"><code><span class="line"><span style="--shiki-light:#005CC5;--shiki-dark:#79B8FF;">module</span><span style="--shiki-light:#24292E;--shiki-dark:#E1E4E8;">.</span><span style="--shiki-light:#005CC5;--shiki-dark:#79B8FF;">exports</span><span style="--shiki-light:#D73A49;--shiki-dark:#F97583;"> =</span><span style="--shiki-light:#24292E;--shiki-dark:#E1E4E8;"> {</span></span>
6
+ <span class="line"><span style="--shiki-light:#24292E;--shiki-dark:#E1E4E8;"> auth: {</span></span>
7
+ <span class="line"><span style="--shiki-light:#24292E;--shiki-dark:#E1E4E8;"> admin: {</span></span>
8
+ <span class="line"><span style="--shiki-light:#24292E;--shiki-dark:#E1E4E8;"> name: </span><span style="--shiki-light:#032F62;--shiki-dark:#9ECBFF;">&quot;jane.doe&quot;</span><span style="--shiki-light:#24292E;--shiki-dark:#E1E4E8;">,</span></span>
9
+ <span class="line"><span style="--shiki-light:#24292E;--shiki-dark:#E1E4E8;"> password: </span><span style="--shiki-light:#032F62;--shiki-dark:#9ECBFF;">&quot;my5ecr3t&quot;</span></span>
10
+ <span class="line"><span style="--shiki-light:#24292E;--shiki-dark:#E1E4E8;"> },</span></span>
11
+ <span class="line"><span style="--shiki-light:#24292E;--shiki-dark:#E1E4E8;"> },</span></span>
12
+ <span class="line"><span style="--shiki-light:#24292E;--shiki-dark:#E1E4E8;">};</span></span></code></pre></div><div class="tip custom-block"><p class="custom-block-title">TIP</p><p>Environment variables <strong>HITCHY_ADMIN_NAME</strong>, <strong>HITCHY_ADMIN_PASSWORD</strong> and <strong>HITCHY_ADMIN_ROLE</strong> can be used to override any configuration provided here to e.g. support container-driven setups.</p></div><h2 id="config-auth-roles" tabindex="-1">config.auth.roles <a class="header-anchor" href="#config-auth-roles" aria-label="Permalink to &quot;config.auth.roles&quot;">​</a></h2><p>Lists role names to create on boot if missing in local database. This list is empty by default.</p><div class="language-javascript vp-adaptive-theme"><button title="Copy Code" class="copy"></button><span class="lang">javascript</span><pre class="shiki shiki-themes github-light github-dark vp-code" tabindex="0"><code><span class="line"><span style="--shiki-light:#005CC5;--shiki-dark:#79B8FF;">module</span><span style="--shiki-light:#24292E;--shiki-dark:#E1E4E8;">.</span><span style="--shiki-light:#005CC5;--shiki-dark:#79B8FF;">exports</span><span style="--shiki-light:#D73A49;--shiki-dark:#F97583;"> =</span><span style="--shiki-light:#24292E;--shiki-dark:#E1E4E8;"> {</span></span>
13
+ <span class="line"><span style="--shiki-light:#24292E;--shiki-dark:#E1E4E8;"> auth: {</span></span>
14
+ <span class="line"><span style="--shiki-light:#24292E;--shiki-dark:#E1E4E8;"> roles: [ </span><span style="--shiki-light:#032F62;--shiki-dark:#9ECBFF;">&quot;guest&quot;</span><span style="--shiki-light:#24292E;--shiki-dark:#E1E4E8;">, </span><span style="--shiki-light:#032F62;--shiki-dark:#9ECBFF;">&quot;customer&quot;</span><span style="--shiki-light:#24292E;--shiki-dark:#E1E4E8;">, </span><span style="--shiki-light:#032F62;--shiki-dark:#9ECBFF;">&quot;manager&quot;</span><span style="--shiki-light:#24292E;--shiki-dark:#E1E4E8;"> ],</span></span>
15
+ <span class="line"><span style="--shiki-light:#24292E;--shiki-dark:#E1E4E8;"> },</span></span>
16
+ <span class="line"><span style="--shiki-light:#24292E;--shiki-dark:#E1E4E8;">};</span></span></code></pre></div><h2 id="config-auth-authorizations" tabindex="-1">config.auth.authorizations <a class="header-anchor" href="#config-auth-authorizations" aria-label="Permalink to &quot;config.auth.authorizations&quot;">​</a></h2><p>This section grants or revokes access on named resources to/from users and/or roles. These <em>authorizations</em> are loaded on application start before reading custom rules from local database.</p><div class="tip custom-block"><p class="custom-block-title">TIP</p><p>Authorizations read from local database may replace authorizations given in runtime configuration.</p></div><p>It is an object-style hierarchy mapping resource names into names of users and/or roles access on selected resource is granted to or revoked from.</p><div class="language-javascript vp-adaptive-theme"><button title="Copy Code" class="copy"></button><span class="lang">javascript</span><pre class="shiki shiki-themes github-light github-dark vp-code" tabindex="0"><code><span class="line"><span style="--shiki-light:#005CC5;--shiki-dark:#79B8FF;">module</span><span style="--shiki-light:#24292E;--shiki-dark:#E1E4E8;">.</span><span style="--shiki-light:#005CC5;--shiki-dark:#79B8FF;">exports</span><span style="--shiki-light:#D73A49;--shiki-dark:#F97583;"> =</span><span style="--shiki-light:#24292E;--shiki-dark:#E1E4E8;"> {</span></span>
17
+ <span class="line"><span style="--shiki-light:#24292E;--shiki-dark:#E1E4E8;"> auth: {</span></span>
18
+ <span class="line"><span style="--shiki-light:#24292E;--shiki-dark:#E1E4E8;"> authorizations: {</span></span>
19
+ <span class="line"><span style="--shiki-light:#032F62;--shiki-dark:#9ECBFF;"> &quot;backup&quot;</span><span style="--shiki-light:#24292E;--shiki-dark:#E1E4E8;">: </span><span style="--shiki-light:#032F62;--shiki-dark:#9ECBFF;">&quot;@managers&quot;</span><span style="--shiki-light:#24292E;--shiki-dark:#E1E4E8;">,</span></span>
20
+ <span class="line"><span style="--shiki-light:#032F62;--shiki-dark:#9ECBFF;"> &quot;backup.export&quot;</span><span style="--shiki-light:#24292E;--shiki-dark:#E1E4E8;">: </span><span style="--shiki-light:#032F62;--shiki-dark:#9ECBFF;">&quot;-@noobs&quot;</span><span style="--shiki-light:#24292E;--shiki-dark:#E1E4E8;">,</span></span>
21
+ <span class="line"><span style="--shiki-light:#032F62;--shiki-dark:#9ECBFF;"> &quot;backup.import&quot;</span><span style="--shiki-light:#24292E;--shiki-dark:#E1E4E8;">: </span><span style="--shiki-light:#032F62;--shiki-dark:#9ECBFF;">&quot;+@admins, -john.doe&quot;</span></span>
22
+ <span class="line"><span style="--shiki-light:#24292E;--shiki-dark:#E1E4E8;"> },</span></span>
23
+ <span class="line"><span style="--shiki-light:#24292E;--shiki-dark:#E1E4E8;"> },</span></span>
24
+ <span class="line"><span style="--shiki-light:#24292E;--shiki-dark:#E1E4E8;">};</span></span></code></pre></div><p>Lists of users and roles can be provided as strings using comma for separation as illustrated above. Actual array are supported, too:</p><div class="language-javascript vp-adaptive-theme"><button title="Copy Code" class="copy"></button><span class="lang">javascript</span><pre class="shiki shiki-themes github-light github-dark vp-code" tabindex="0"><code><span class="line"><span style="--shiki-light:#005CC5;--shiki-dark:#79B8FF;">module</span><span style="--shiki-light:#24292E;--shiki-dark:#E1E4E8;">.</span><span style="--shiki-light:#005CC5;--shiki-dark:#79B8FF;">exports</span><span style="--shiki-light:#D73A49;--shiki-dark:#F97583;"> =</span><span style="--shiki-light:#24292E;--shiki-dark:#E1E4E8;"> {</span></span>
25
+ <span class="line"><span style="--shiki-light:#24292E;--shiki-dark:#E1E4E8;"> auth: {</span></span>
26
+ <span class="line"><span style="--shiki-light:#24292E;--shiki-dark:#E1E4E8;"> authorizations: {</span></span>
27
+ <span class="line"><span style="--shiki-light:#032F62;--shiki-dark:#9ECBFF;"> &quot;backup&quot;</span><span style="--shiki-light:#24292E;--shiki-dark:#E1E4E8;">: [ </span><span style="--shiki-light:#032F62;--shiki-dark:#9ECBFF;">&quot;@managers&quot;</span><span style="--shiki-light:#24292E;--shiki-dark:#E1E4E8;"> ],</span></span>
28
+ <span class="line"><span style="--shiki-light:#032F62;--shiki-dark:#9ECBFF;"> &quot;backup.export&quot;</span><span style="--shiki-light:#24292E;--shiki-dark:#E1E4E8;">: [ </span><span style="--shiki-light:#032F62;--shiki-dark:#9ECBFF;">&quot;-@noobs&quot;</span><span style="--shiki-light:#24292E;--shiki-dark:#E1E4E8;"> ],</span></span>
29
+ <span class="line"><span style="--shiki-light:#032F62;--shiki-dark:#9ECBFF;"> &quot;backup.import&quot;</span><span style="--shiki-light:#24292E;--shiki-dark:#E1E4E8;">: [ </span><span style="--shiki-light:#032F62;--shiki-dark:#9ECBFF;">&quot;+@admins&quot;</span><span style="--shiki-light:#24292E;--shiki-dark:#E1E4E8;">, </span><span style="--shiki-light:#032F62;--shiki-dark:#9ECBFF;">&quot;-john.doe&quot;</span><span style="--shiki-light:#24292E;--shiki-dark:#E1E4E8;"> ],</span></span>
30
+ <span class="line"><span style="--shiki-light:#24292E;--shiki-dark:#E1E4E8;"> },</span></span>
31
+ <span class="line"><span style="--shiki-light:#24292E;--shiki-dark:#E1E4E8;"> },</span></span>
32
+ <span class="line"><span style="--shiki-light:#24292E;--shiki-dark:#E1E4E8;">};</span></span></code></pre></div><p>Names of resources can be grouped by shared prefixes:</p><div class="language-javascript vp-adaptive-theme"><button title="Copy Code" class="copy"></button><span class="lang">javascript</span><pre class="shiki shiki-themes github-light github-dark vp-code" tabindex="0"><code><span class="line"><span style="--shiki-light:#005CC5;--shiki-dark:#79B8FF;">module</span><span style="--shiki-light:#24292E;--shiki-dark:#E1E4E8;">.</span><span style="--shiki-light:#005CC5;--shiki-dark:#79B8FF;">exports</span><span style="--shiki-light:#D73A49;--shiki-dark:#F97583;"> =</span><span style="--shiki-light:#24292E;--shiki-dark:#E1E4E8;"> {</span></span>
33
+ <span class="line"><span style="--shiki-light:#24292E;--shiki-dark:#E1E4E8;"> auth: {</span></span>
34
+ <span class="line"><span style="--shiki-light:#24292E;--shiki-dark:#E1E4E8;"> authorizations: {</span></span>
35
+ <span class="line"><span style="--shiki-light:#24292E;--shiki-dark:#E1E4E8;"> backup: {</span></span>
36
+ <span class="line"><span style="--shiki-light:#24292E;--shiki-dark:#E1E4E8;"> people: [ </span><span style="--shiki-light:#032F62;--shiki-dark:#9ECBFF;">&quot;@managers&quot;</span><span style="--shiki-light:#24292E;--shiki-dark:#E1E4E8;"> ],</span></span>
37
+ <span class="line"><span style="--shiki-light:#24292E;--shiki-dark:#E1E4E8;"> sub: {</span></span>
38
+ <span class="line"><span style="--shiki-light:#24292E;--shiki-dark:#E1E4E8;"> export: [ </span><span style="--shiki-light:#032F62;--shiki-dark:#9ECBFF;">&quot;-@noobs&quot;</span><span style="--shiki-light:#24292E;--shiki-dark:#E1E4E8;"> ],</span></span>
39
+ <span class="line"><span style="--shiki-light:#24292E;--shiki-dark:#E1E4E8;"> import: [ </span><span style="--shiki-light:#032F62;--shiki-dark:#9ECBFF;">&quot;+@admins&quot;</span><span style="--shiki-light:#24292E;--shiki-dark:#E1E4E8;">, </span><span style="--shiki-light:#032F62;--shiki-dark:#9ECBFF;">&quot;-john.doe&quot;</span><span style="--shiki-light:#24292E;--shiki-dark:#E1E4E8;"> ],</span></span>
40
+ <span class="line"><span style="--shiki-light:#24292E;--shiki-dark:#E1E4E8;"> },</span></span>
41
+ <span class="line"><span style="--shiki-light:#24292E;--shiki-dark:#E1E4E8;"> }</span></span>
42
+ <span class="line"><span style="--shiki-light:#24292E;--shiki-dark:#E1E4E8;"> },</span></span>
43
+ <span class="line"><span style="--shiki-light:#24292E;--shiki-dark:#E1E4E8;"> },</span></span>
44
+ <span class="line"><span style="--shiki-light:#24292E;--shiki-dark:#E1E4E8;">};</span></span></code></pre></div><p>Resource names concatenate path segments separated by period from each other. Common prefixes can be stripped off when nesting authorizations as demonstrated before. Nesting requires provision of users and roles moved into separate property named <code>people</code>.</p><p>For improved readability, <code>people</code> list may be replaced with separate lists for <code>users</code> and <code>roles</code> as well as with lists <code>grant</code> and <code>revoke</code> grouping authorizations accordingly:</p><div class="language-javascript vp-adaptive-theme"><button title="Copy Code" class="copy"></button><span class="lang">javascript</span><pre class="shiki shiki-themes github-light github-dark vp-code" tabindex="0"><code><span class="line"><span style="--shiki-light:#005CC5;--shiki-dark:#79B8FF;">module</span><span style="--shiki-light:#24292E;--shiki-dark:#E1E4E8;">.</span><span style="--shiki-light:#005CC5;--shiki-dark:#79B8FF;">exports</span><span style="--shiki-light:#D73A49;--shiki-dark:#F97583;"> =</span><span style="--shiki-light:#24292E;--shiki-dark:#E1E4E8;"> {</span></span>
45
+ <span class="line"><span style="--shiki-light:#24292E;--shiki-dark:#E1E4E8;"> auth: {</span></span>
46
+ <span class="line"><span style="--shiki-light:#24292E;--shiki-dark:#E1E4E8;"> authorizations: {</span></span>
47
+ <span class="line"><span style="--shiki-light:#24292E;--shiki-dark:#E1E4E8;"> backup: {</span></span>
48
+ <span class="line"><span style="--shiki-light:#24292E;--shiki-dark:#E1E4E8;"> grant: [ </span><span style="--shiki-light:#032F62;--shiki-dark:#9ECBFF;">&quot;@managers&quot;</span><span style="--shiki-light:#24292E;--shiki-dark:#E1E4E8;"> ],</span></span>
49
+ <span class="line"><span style="--shiki-light:#24292E;--shiki-dark:#E1E4E8;"> sub: {</span></span>
50
+ <span class="line"><span style="--shiki-light:#24292E;--shiki-dark:#E1E4E8;"> export: {</span></span>
51
+ <span class="line"><span style="--shiki-light:#24292E;--shiki-dark:#E1E4E8;"> revoke: [ </span><span style="--shiki-light:#032F62;--shiki-dark:#9ECBFF;">&quot;@noobs&quot;</span><span style="--shiki-light:#24292E;--shiki-dark:#E1E4E8;"> ]</span></span>
52
+ <span class="line"><span style="--shiki-light:#24292E;--shiki-dark:#E1E4E8;"> },</span></span>
53
+ <span class="line"><span style="--shiki-light:#24292E;--shiki-dark:#E1E4E8;"> import: {</span></span>
54
+ <span class="line"><span style="--shiki-light:#24292E;--shiki-dark:#E1E4E8;"> users: [ </span><span style="--shiki-light:#032F62;--shiki-dark:#9ECBFF;">&quot;-john.doe&quot;</span><span style="--shiki-light:#24292E;--shiki-dark:#E1E4E8;"> ],</span></span>
55
+ <span class="line"><span style="--shiki-light:#24292E;--shiki-dark:#E1E4E8;"> roles: [ </span><span style="--shiki-light:#032F62;--shiki-dark:#9ECBFF;">&quot;+admins&quot;</span><span style="--shiki-light:#24292E;--shiki-dark:#E1E4E8;"> ]</span></span>
56
+ <span class="line"><span style="--shiki-light:#24292E;--shiki-dark:#E1E4E8;"> },</span></span>
57
+ <span class="line"><span style="--shiki-light:#24292E;--shiki-dark:#E1E4E8;"> },</span></span>
58
+ <span class="line"><span style="--shiki-light:#24292E;--shiki-dark:#E1E4E8;"> }</span></span>
59
+ <span class="line"><span style="--shiki-light:#24292E;--shiki-dark:#E1E4E8;"> },</span></span>
60
+ <span class="line"><span style="--shiki-light:#24292E;--shiki-dark:#E1E4E8;"> },</span></span>
61
+ <span class="line"><span style="--shiki-light:#24292E;--shiki-dark:#E1E4E8;">};</span></span></code></pre></div><h2 id="config-auth-strategies" tabindex="-1">config.auth.strategies <a class="header-anchor" href="#config-auth-strategies" aria-label="Permalink to &quot;config.auth.strategies&quot;">​</a></h2><p>This optional object maps unique names of supported authentication strategies into related implementations for use with <a href="https://www.passportjs.org/" target="_blank" rel="noreferrer">Passport</a>.</p><div class="language-javascript vp-adaptive-theme"><button title="Copy Code" class="copy"></button><span class="lang">javascript</span><pre class="shiki shiki-themes github-light github-dark vp-code" tabindex="0"><code><span class="line"><span style="--shiki-light:#D73A49;--shiki-dark:#F97583;">const</span><span style="--shiki-light:#24292E;--shiki-dark:#E1E4E8;"> { </span><span style="--shiki-light:#005CC5;--shiki-dark:#79B8FF;">OAuthStrategy</span><span style="--shiki-light:#24292E;--shiki-dark:#E1E4E8;"> } </span><span style="--shiki-light:#D73A49;--shiki-dark:#F97583;">=</span><span style="--shiki-light:#6F42C1;--shiki-dark:#B392F0;"> require</span><span style="--shiki-light:#24292E;--shiki-dark:#E1E4E8;">( </span><span style="--shiki-light:#032F62;--shiki-dark:#9ECBFF;">&quot;passport-oauth&quot;</span><span style="--shiki-light:#24292E;--shiki-dark:#E1E4E8;"> );</span></span>
62
+ <span class="line"></span>
63
+ <span class="line"><span style="--shiki-light:#005CC5;--shiki-dark:#79B8FF;">module</span><span style="--shiki-light:#24292E;--shiki-dark:#E1E4E8;">.export </span><span style="--shiki-light:#D73A49;--shiki-dark:#F97583;">=</span><span style="--shiki-light:#24292E;--shiki-dark:#E1E4E8;"> {</span></span>
64
+ <span class="line"><span style="--shiki-light:#24292E;--shiki-dark:#E1E4E8;"> auth: {</span></span>
65
+ <span class="line"><span style="--shiki-light:#24292E;--shiki-dark:#E1E4E8;"> strategies: {</span></span>
66
+ <span class="line"><span style="--shiki-light:#24292E;--shiki-dark:#E1E4E8;"> oauth: </span><span style="--shiki-light:#D73A49;--shiki-dark:#F97583;">new</span><span style="--shiki-light:#6F42C1;--shiki-dark:#B392F0;"> OAuthStrategy</span><span style="--shiki-light:#24292E;--shiki-dark:#E1E4E8;">( options, localUserSelectorFn ),</span></span>
67
+ <span class="line"><span style="--shiki-light:#24292E;--shiki-dark:#E1E4E8;"> },</span></span>
68
+ <span class="line"><span style="--shiki-light:#24292E;--shiki-dark:#E1E4E8;"> },</span></span>
69
+ <span class="line"><span style="--shiki-light:#24292E;--shiki-dark:#E1E4E8;">};</span></span></code></pre></div><p>Any strategy listed here will be picked up on <a href="./service/authentication-passport.html#integratewithhitchy">integrating Passport with Hitchy&#39;s request routing</a>. When implementing <a href="./policy/authentication.html#login">policy-based</a> authenticating requests, name of either strategy must be picked in request&#39;s parameter <code>strategy</code>:</p><div class="language-javascript vp-adaptive-theme"><button title="Copy Code" class="copy"></button><span class="lang">javascript</span><pre class="shiki shiki-themes github-light github-dark vp-code" tabindex="0"><code><span class="line"><span style="--shiki-light:#005CC5;--shiki-dark:#79B8FF;">module</span><span style="--shiki-light:#24292E;--shiki-dark:#E1E4E8;">.</span><span style="--shiki-light:#005CC5;--shiki-dark:#79B8FF;">exports</span><span style="--shiki-light:#D73A49;--shiki-dark:#F97583;"> =</span><span style="--shiki-light:#D73A49;--shiki-dark:#F97583;"> function</span><span style="--shiki-light:#24292E;--shiki-dark:#E1E4E8;">() {</span></span>
70
+ <span class="line"><span style="--shiki-light:#D73A49;--shiki-dark:#F97583;"> const</span><span style="--shiki-light:#24292E;--shiki-dark:#E1E4E8;"> { </span><span style="--shiki-light:#005CC5;--shiki-dark:#79B8FF;">login</span><span style="--shiki-light:#24292E;--shiki-dark:#E1E4E8;"> } </span><span style="--shiki-light:#D73A49;--shiki-dark:#F97583;">=</span><span style="--shiki-light:#005CC5;--shiki-dark:#79B8FF;"> this</span><span style="--shiki-light:#24292E;--shiki-dark:#E1E4E8;">.runtime.policy.Authentication;</span></span>
71
+ <span class="line"><span style="--shiki-light:#24292E;--shiki-dark:#E1E4E8;"> </span></span>
72
+ <span class="line"><span style="--shiki-light:#D73A49;--shiki-dark:#F97583;"> return</span><span style="--shiki-light:#24292E;--shiki-dark:#E1E4E8;"> {</span></span>
73
+ <span class="line"><span style="--shiki-light:#24292E;--shiki-dark:#E1E4E8;"> routes: {</span></span>
74
+ <span class="line"><span style="--shiki-light:#032F62;--shiki-dark:#9ECBFF;"> &quot;GET /login/:strategy&quot;</span><span style="--shiki-light:#24292E;--shiki-dark:#E1E4E8;">: </span><span style="--shiki-light:#6F42C1;--shiki-dark:#B392F0;">login</span><span style="--shiki-light:#24292E;--shiki-dark:#E1E4E8;">()</span></span>
75
+ <span class="line"><span style="--shiki-light:#24292E;--shiki-dark:#E1E4E8;"> }</span></span>
76
+ <span class="line"><span style="--shiki-light:#24292E;--shiki-dark:#E1E4E8;"> };</span></span>
77
+ <span class="line"><span style="--shiki-light:#24292E;--shiki-dark:#E1E4E8;">};</span></span></code></pre></div><p>If request parameter is missing, <a href="#config-auth-defaultstrategy">configured default strategy</a> is used.</p><p>Provide a custom local strategy in property <code>local</code> here to prevent built-in <a href="./service/authentication-strategies.html#generatelocal">local strategy</a> from being used. Omit this configuration to rely on that built-in local strategy for authenticating users against local database, only.</p><h2 id="config-auth-defaultstrategy" tabindex="-1">config.auth.defaultStrategy <a class="header-anchor" href="#config-auth-defaultstrategy" aria-label="Permalink to &quot;config.auth.defaultStrategy&quot;">​</a></h2><p>This optional string names strategy to use by default. Defaults to <code>local</code> itself.</p><p>Any custom strategy named here must be <a href="#config-auth-strategies">set up</a> properly.</p>`,37),p=[e];function l(h,k,r,o,E,d){return a(),i("div",null,p)}const u=s(t,[["render",l]]);export{g as __pageData,u as default};
package/public/assets/api_config.md.BiPnBhyk.lean.js ADDED
@@ -0,0 +1 @@
1
+ import{_ as s,c as i,o as a,a2 as n}from"./chunks/framework.BaHG-QLs.js";const g=JSON.parse('{"title":"Runtime Configuration","description":"","frontmatter":{"prev":"/api/service/","next":"routing.md"},"headers":[],"relativePath":"api/config.md","filePath":"api/config.md"}'),t={name:"api/config.md"},e=n("",37),p=[e];function l(h,k,r,o,E,d){return a(),i("div",null,p)}const u=s(t,[["render",l]]);export{g as __pageData,u as default};
package/public/assets/api_controller_index.md.mhiyhr_C.js ADDED
@@ -0,0 +1 @@
1
+ import{_ as t,c as o,o as l,j as e,a as r}from"./chunks/framework.BaHG-QLs.js";const k=JSON.parse('{"title":"Controllers","description":"","frontmatter":{"prev":"../","next":false},"headers":[],"relativePath":"api/controller/index.md","filePath":"api/controller/index.md"}'),n={name:"api/controller/index.md"},a=e("h1",{id:"controllers",tabindex:"-1"},[r("Controllers "),e("a",{class:"header-anchor",href:"#controllers","aria-label":'Permalink to "Controllers"'},"​")],-1),s=e("p",null,[r("Select one of the provided "),e("a",{href:"https://core.hitchy.org/internals/components.html#controllers",target:"_blank",rel:"noreferrer"},"controllers"),r(":")],-1),c=e("ul",null,[e("li",null,[e("a",{href:"./user.html"},"User")])],-1),i=[a,s,c];function d(h,_,p,f,m,u){return l(),o("div",null,i)}const v=t(n,[["render",d]]);export{k as __pageData,v as default};
package/public/assets/api_controller_index.md.mhiyhr_C.lean.js ADDED
@@ -0,0 +1 @@
1
+ import{_ as t,c as o,o as l,j as e,a as r}from"./chunks/framework.BaHG-QLs.js";const k=JSON.parse('{"title":"Controllers","description":"","frontmatter":{"prev":"../","next":false},"headers":[],"relativePath":"api/controller/index.md","filePath":"api/controller/index.md"}'),n={name:"api/controller/index.md"},a=e("h1",{id:"controllers",tabindex:"-1"},[r("Controllers "),e("a",{class:"header-anchor",href:"#controllers","aria-label":'Permalink to "Controllers"'},"​")],-1),s=e("p",null,[r("Select one of the provided "),e("a",{href:"https://core.hitchy.org/internals/components.html#controllers",target:"_blank",rel:"noreferrer"},"controllers"),r(":")],-1),c=e("ul",null,[e("li",null,[e("a",{href:"./user.html"},"User")])],-1),i=[a,s,c];function d(h,_,p,f,m,u){return l(),o("div",null,i)}const v=t(n,[["render",d]]);export{k as __pageData,v as default};
package/public/assets/api_controller_user.md.BiFYPTow.js ADDED
@@ -0,0 +1,6 @@
1
+ import{_ as e,c as a,o as t,a2 as s}from"./chunks/framework.BaHG-QLs.js";const k=JSON.parse('{"title":"UserController","description":"","frontmatter":{"prev":"../controller/","next":"../policy/"},"headers":[],"relativePath":"api/controller/user.md","filePath":"api/controller/user.md"}'),i={name:"api/controller/user.md"},n=s(`<h1 id="usercontroller" tabindex="-1">UserController <a class="header-anchor" href="#usercontroller" aria-label="Permalink to &quot;UserController&quot;">​</a></h1><p>This controller provides request handlers basically suitable for authenticating as a user. However, neither handler is actually triggering a user&#39;s authentication or its logout, but provides suitable responses following some <a href="./../policy/user.html">additionally required policies</a>.</p><p>Any of the following request handlers can be used as target in your application&#39;s routing declarations in <a href="https://core.hitchy.org/api/hitchy.html#config-routes" target="_blank" rel="noreferrer">section <code>routes</code></a> of <a href="https://core.hitchy.org/api/hitchy.html#configuration" target="_blank" rel="noreferrer">runtime configuration</a>:</p><div class="language-json vp-adaptive-theme"><button title="Copy Code" class="copy"></button><span class="lang">json</span><pre class="shiki shiki-themes github-light github-dark vp-code" tabindex="0"><code><span class="line"><span style="--shiki-light:#24292E;--shiki-dark:#E1E4E8;">{</span></span>
2
+ <span class="line"><span style="--shiki-light:#005CC5;--shiki-dark:#79B8FF;"> &quot;routes&quot;</span><span style="--shiki-light:#24292E;--shiki-dark:#E1E4E8;">: {</span></span>
3
+ <span class="line"><span style="--shiki-light:#005CC5;--shiki-dark:#79B8FF;"> &quot;/login&quot;</span><span style="--shiki-light:#24292E;--shiki-dark:#E1E4E8;">: </span><span style="--shiki-light:#032F62;--shiki-dark:#9ECBFF;">&quot;user.authenticate&quot;</span><span style="--shiki-light:#24292E;--shiki-dark:#E1E4E8;">,</span></span>
4
+ <span class="line"><span style="--shiki-light:#005CC5;--shiki-dark:#79B8FF;"> &quot;/logout&quot;</span><span style="--shiki-light:#24292E;--shiki-dark:#E1E4E8;">: </span><span style="--shiki-light:#032F62;--shiki-dark:#9ECBFF;">&quot;user.unauthenticate&quot;</span></span>
5
+ <span class="line"><span style="--shiki-light:#24292E;--shiki-dark:#E1E4E8;"> }</span></span>
6
+ <span class="line"><span style="--shiki-light:#24292E;--shiki-dark:#E1E4E8;">}</span></span></code></pre></div><h2 id="authenticate" tabindex="-1">authenticate() <a class="header-anchor" href="#authenticate" aria-label="Permalink to &quot;authenticate()&quot;">​</a></h2><p>This handler is responding on successful authentication.</p><p>It relies on policy <a href="./../policy/authentication.html#login">authentication.login</a> being processed, first.</p><h2 id="unauthenticate" tabindex="-1">unauthenticate() <a class="header-anchor" href="#unauthenticate" aria-label="Permalink to &quot;unauthenticate()&quot;">​</a></h2><p>This handler is responding on successfully dropping any authentication.</p><p>It relies on policy <a href="./../policy/authentication.html#logout">authentication.logout</a> being processed, first.</p><h2 id="changepassword" tabindex="-1">changePassword() <a class="header-anchor" href="#changepassword" aria-label="Permalink to &quot;changePassword()&quot;">​</a></h2><p>This handler is responding on successfully changing user&#39;s token.</p><p>It relies on policy <a href="./../policy/user.html#changepassword">user.changePassword</a> being processed, first.</p><h2 id="getcurrent" tabindex="-1">getCurrent() <a class="header-anchor" href="#getcurrent" aria-label="Permalink to &quot;getCurrent()&quot;">​</a></h2><p>This handler is delivering additional information on recently authenticated user. See related <a href="./../routing.html#get-api-auth-current">routing description for response examples</a>.</p><p>It doesn&#39;t depend on any additional policy being processed first.</p>`,16),r=[n];function o(l,h,c,p,u,d){return t(),a("div",null,r)}const f=e(i,[["render",o]]);export{k as __pageData,f as default};
package/public/assets/api_controller_user.md.BiFYPTow.lean.js ADDED
@@ -0,0 +1 @@
1
+ import{_ as e,c as a,o as t,a2 as s}from"./chunks/framework.BaHG-QLs.js";const k=JSON.parse('{"title":"UserController","description":"","frontmatter":{"prev":"../controller/","next":"../policy/"},"headers":[],"relativePath":"api/controller/user.md","filePath":"api/controller/user.md"}'),i={name:"api/controller/user.md"},n=s("",16),r=[n];function o(l,h,c,p,u,d){return t(),a("div",null,r)}const f=e(i,[["render",o]]);export{k as __pageData,f as default};
package/public/assets/api_index.md.j6eBaebO.js ADDED
@@ -0,0 +1 @@
1
+ import{_ as e,c as a,o as t,a2 as i}from"./chunks/framework.BaHG-QLs.js";const m=JSON.parse('{"title":"API Reference","description":"","frontmatter":{"prev":"../guides/","next":false},"headers":[],"relativePath":"api/index.md","filePath":"api/index.md"}'),r={name:"api/index.md"},o=i('<h1 id="api-reference" tabindex="-1">API Reference <a class="header-anchor" href="#api-reference" aria-label="Permalink to &quot;API Reference&quot;">​</a></h1><h2 id="components" tabindex="-1">Components <a class="header-anchor" href="#components" aria-label="Permalink to &quot;Components&quot;">​</a></h2><p>This plugin exposes the following <a href="https://core.hitchy.org/internals/components.html" target="_blank" rel="noreferrer">components</a> in context of your application:</p><h3 id="controllers" tabindex="-1">Controllers <a class="header-anchor" href="#controllers" aria-label="Permalink to &quot;Controllers&quot;">​</a></h3><p>The following <a href="https://core.hitchy.org/internals/components.html#controllers" target="_blank" rel="noreferrer">controlllers</a> are provided for implementing some default endpoints:</p><ul><li><a href="./controller/user.html">User</a></li></ul><h3 id="policies" tabindex="-1">Policies <a class="header-anchor" href="#policies" aria-label="Permalink to &quot;Policies&quot;">​</a></h3><p>Several <a href="https://core.hitchy.org/internals/components.html#policies" target="_blank" rel="noreferrer">policies</a> are available for customizing authentication and authorization support in your application:</p><ul><li><a href="./policy/authentication.html">Authentication</a></li><li><a href="./policy/authorization.html">Authorization</a></li><li><a href="./policy/user.html">User</a></li></ul><h3 id="models" tabindex="-1">Models <a class="header-anchor" href="#models" aria-label="Permalink to &quot;Models&quot;">​</a></h3><p>These <a href="https://core.hitchy.org/internals/components.html#models" target="_blank" rel="noreferrer">models</a> are provided to manage access control at runtime:</p><ul><li><a href="./model/user.html">User</a></li><li><a href="./model/role.html">Role</a></li><li><a href="./model/user-to-role.html">UserToRole</a></li><li><a href="./model/authorization-rule.html">AuthorizationRule</a></li></ul><h3 id="services" tabindex="-1">Services <a class="header-anchor" href="#services" aria-label="Permalink to &quot;Services&quot;">​</a></h3><p>Commonly useful <a href="https://core.hitchy.org/internals/components.html#services" target="_blank" rel="noreferrer">services</a> regarding authentication and authorization are:</p><ul><li><a href="./service/authentication-passport.html">AuthenticationPassport</a></li><li><a href="./service/authentication-strategies.html">AuthenticationStrategies</a></li><li><a href="./service/auth-manager.html">AuthManager</a></li><li><a href="./service/authorization-node.html">AuthorizationNode</a></li><li><a href="./service/authorization-tree.html">AuthorizationTree</a></li><li><a href="./service/authorization-policy-generator.html">AuthorizationPolicyGenerator</a></li></ul><h2 id="configuration" tabindex="-1">Configuration <a class="header-anchor" href="#configuration" aria-label="Permalink to &quot;Configuration&quot;">​</a></h2><p>In addition to components listed above the plugin is processing some optionally available <a href="./config.html">runtime configuration</a>.</p><h2 id="routing-defaults" tabindex="-1">Routing defaults <a class="header-anchor" href="#routing-defaults" aria-label="Permalink to &quot;Routing defaults&quot;">​</a></h2><p>Unless <a href="./config.html#config-auth-prefix">disabled in runtime configuration</a>, this plugin is always setting up <a href="./routing.html">routes providing basic user authentication</a> to a client.</p>',19),n=[o];function l(s,h,c,u,p,d){return t(),a("div",null,n)}const g=e(r,[["render",l]]);export{m as __pageData,g as default};
package/public/assets/api_index.md.j6eBaebO.lean.js ADDED
@@ -0,0 +1 @@
1
+ import{_ as e,c as a,o as t,a2 as i}from"./chunks/framework.BaHG-QLs.js";const m=JSON.parse('{"title":"API Reference","description":"","frontmatter":{"prev":"../guides/","next":false},"headers":[],"relativePath":"api/index.md","filePath":"api/index.md"}'),r={name:"api/index.md"},o=i("",19),n=[o];function l(s,h,c,u,p,d){return t(),a("div",null,n)}const g=e(r,[["render",l]]);export{m as __pageData,g as default};
package/public/assets/api_model_authorization-rule.md.CFNqudsp.js ADDED
@@ -0,0 +1 @@
1
+ import{_ as e,c as a,o as t,a2 as r}from"./chunks/framework.BaHG-QLs.js";const f=JSON.parse('{"title":"AuthorizationRule","description":"","frontmatter":{"prev":"user-to-role.md","next":"/api/service/"},"headers":[],"relativePath":"api/model/authorization-rule.md","filePath":"api/model/authorization-rule.md"}'),o={name:"api/model/authorization-rule.md"},s=r('<h1 id="authorizationrule" tabindex="-1">AuthorizationRule <a class="header-anchor" href="#authorizationrule" aria-label="Permalink to &quot;AuthorizationRule&quot;">​</a></h1><p>An AuthorizationRule is a rule granting access on a <a href="./../../introduction.html#resources">named resource</a> to a <a href="./user.html">user</a> or <a href="./role.html">role</a> or rejecting access on that resource from a user or role. It is an essential part of authorization management.</p><h2 id="properties" tabindex="-1">Properties <a class="header-anchor" href="#properties" aria-label="Permalink to &quot;Properties&quot;">​</a></h2><h3 id="selector" tabindex="-1">selector <a class="header-anchor" href="#selector" aria-label="Permalink to &quot;selector&quot;">​</a></h3><p>This mandatory <a href="https://odem.hitchy.org/guides/defining-models.html#strings" target="_blank" rel="noreferrer">string</a> property selects a <a href="./../../introduction.html#resources">resource</a> (see the <a href="./../../introduction.html#an-example">example</a>) by its name.</p><h3 id="user" tabindex="-1">user <a class="header-anchor" href="#user" aria-label="Permalink to &quot;user&quot;">​</a></h3><p>This optional <a href="https://odem.hitchy.org/guides/defining-models.html#uuids" target="_blank" rel="noreferrer">UUID</a> selects a single user which is granted access to selected resource.</p><div class="warning custom-block"><p class="custom-block-title">WARNING</p><p>A rule must select at least a user or a role. It may select both.</p></div><h3 id="role" tabindex="-1">role <a class="header-anchor" href="#role" aria-label="Permalink to &quot;role&quot;">​</a></h3><p>This optional <a href="https://odem.hitchy.org/guides/defining-models.html#uuids" target="_blank" rel="noreferrer">UUID</a> selects a single user which is granted access to selected resource.</p><div class="warning custom-block"><p class="custom-block-title">WARNING</p><p>A rule must select at least a user or a role. It may select both.</p></div><h3 id="accept" tabindex="-1">accept <a class="header-anchor" href="#accept" aria-label="Permalink to &quot;accept&quot;">​</a></h3><p>This <a href="https://odem.hitchy.org/guides/defining-models.html#booleans" target="_blank" rel="noreferrer">boolean</a> property indicates, whether rule is granting access to selected resource (<code>true</code>) or revoking it (<code>false</code>). The default value is <code>true</code>.</p><h2 id="methods" tabindex="-1">Methods <a class="header-anchor" href="#methods" aria-label="Permalink to &quot;Methods&quot;">​</a></h2><p>AuthenticationRules don&#39;t have custom methods apart from <a href="https://odem.hitchy.org/api/model.html" target="_blank" rel="noreferrer">basic ones</a>.</p>',15),i=[s];function l(n,h,c,u,d,p){return t(),a("div",null,i)}const g=e(o,[["render",l]]);export{f as __pageData,g as default};
package/public/assets/api_model_authorization-rule.md.CFNqudsp.lean.js ADDED
@@ -0,0 +1 @@
1
+ import{_ as e,c as a,o as t,a2 as r}from"./chunks/framework.BaHG-QLs.js";const f=JSON.parse('{"title":"AuthorizationRule","description":"","frontmatter":{"prev":"user-to-role.md","next":"/api/service/"},"headers":[],"relativePath":"api/model/authorization-rule.md","filePath":"api/model/authorization-rule.md"}'),o={name:"api/model/authorization-rule.md"},s=r("",15),i=[s];function l(n,h,c,u,d,p){return t(),a("div",null,i)}const g=e(o,[["render",l]]);export{f as __pageData,g as default};
package/public/assets/api_model_index.md.Dw3UH73J.js ADDED
@@ -0,0 +1 @@
1
+ import{_ as e,c as t,o as a,a2 as o}from"./chunks/framework.BaHG-QLs.js";const f=JSON.parse('{"title":"Models","description":"","frontmatter":{"prev":"../","next":false},"headers":[],"relativePath":"api/model/index.md","filePath":"api/model/index.md"}'),l={name:"api/model/index.md"},r=o('<h1 id="models" tabindex="-1">Models <a class="header-anchor" href="#models" aria-label="Permalink to &quot;Models&quot;">​</a></h1><p>Select one of the provided <a href="https://core.hitchy.org/internals/components.html#models" target="_blank" rel="noreferrer">models</a>:</p><ul><li><a href="./user.html">User</a></li><li><a href="./role.html">Role</a></li><li><a href="./user-to-role.html">UserToRole</a></li><li><a href="./authorization-rule.html">AuthorizationRule</a></li></ul>',3),i=[r];function s(n,d,_,h,c,m){return a(),t("div",null,i)}const u=e(l,[["render",s]]);export{f as __pageData,u as default};
package/public/assets/api_model_index.md.Dw3UH73J.lean.js ADDED
@@ -0,0 +1 @@
1
+ import{_ as e,c as t,o as a,a2 as o}from"./chunks/framework.BaHG-QLs.js";const f=JSON.parse('{"title":"Models","description":"","frontmatter":{"prev":"../","next":false},"headers":[],"relativePath":"api/model/index.md","filePath":"api/model/index.md"}'),l={name:"api/model/index.md"},r=o("",3),i=[r];function s(n,d,_,h,c,m){return a(),t("div",null,i)}const u=e(l,[["render",s]]);export{f as __pageData,u as default};
package/public/assets/api_model_role.md.DFCGXTBA.js ADDED
@@ -0,0 +1 @@
1
+ import{_ as e,c as r,o as a,a2 as t}from"./chunks/framework.BaHG-QLs.js";const _=JSON.parse('{"title":"Role","description":"","frontmatter":{"prev":"user.md","next":"user-to-role.md"},"headers":[],"relativePath":"api/model/role.md","filePath":"api/model/role.md"}'),o={name:"api/model/role.md"},s=t('<h1 id="role" tabindex="-1">Role <a class="header-anchor" href="#role" aria-label="Permalink to &quot;Role&quot;">​</a></h1><p>This model represents a single <em>role</em> in local database. A role can be applied to multiple users. Authorizations can be granted to or revoked from a role instead of a single user, thus affecting all users the role has been applied to.</p><p>It is part of access control management at runtime.</p><h2 id="properties" tabindex="-1">Properties <a class="header-anchor" href="#properties" aria-label="Permalink to &quot;Properties&quot;">​</a></h2><p>These are the properties provided per role:</p><h3 id="name" tabindex="-1">name <a class="header-anchor" href="#name" aria-label="Permalink to &quot;name&quot;">​</a></h3><p>For every role, this <a href="https://odem.hitchy.org/guides/defining-models.html#strings" target="_blank" rel="noreferrer">string</a> property is representing the role&#39;s unique name. It is used in authorization rules to grant access on a resource to a set of users or revoke it from them explicitly.</p><h2 id="methods" tabindex="-1">Methods <a class="header-anchor" href="#methods" aria-label="Permalink to &quot;Methods&quot;">​</a></h2><p>Roles don&#39;t have custom methods apart from <a href="https://odem.hitchy.org/api/model.html" target="_blank" rel="noreferrer">basic ones</a>.</p>',9),i=[s];function l(n,h,d,p,m,c){return a(),r("div",null,i)}const f=e(o,[["render",l]]);export{_ as __pageData,f as default};
package/public/assets/api_model_role.md.DFCGXTBA.lean.js ADDED
@@ -0,0 +1 @@
1
+ import{_ as e,c as r,o as a,a2 as t}from"./chunks/framework.BaHG-QLs.js";const _=JSON.parse('{"title":"Role","description":"","frontmatter":{"prev":"user.md","next":"user-to-role.md"},"headers":[],"relativePath":"api/model/role.md","filePath":"api/model/role.md"}'),o={name:"api/model/role.md"},s=t("",9),i=[s];function l(n,h,d,p,m,c){return a(),r("div",null,i)}const f=e(o,[["render",l]]);export{_ as __pageData,f as default};
package/public/assets/api_model_user-to-role.md.QNC96rs-.js ADDED
@@ -0,0 +1 @@
1
+ import{_ as e,c as r,o as a,a2 as o}from"./chunks/framework.BaHG-QLs.js";const f=JSON.parse('{"title":"UserToRole","description":"","frontmatter":{"prev":"role.md","next":"authorization-rule.md"},"headers":[],"relativePath":"api/model/user-to-role.md","filePath":"api/model/user-to-role.md"}'),t={name:"api/model/user-to-role.md"},s=o('<h1 id="usertorole" tabindex="-1">UserToRole <a class="header-anchor" href="#usertorole" aria-label="Permalink to &quot;UserToRole&quot;">​</a></h1><p>Every instance of this model links an instance of <a href="./user.html">User model</a> with a instance of <a href="./role.html">Role model</a>.</p><p>This model is part of access control management at runtime.</p><h2 id="properties" tabindex="-1">Properties <a class="header-anchor" href="#properties" aria-label="Permalink to &quot;Properties&quot;">​</a></h2><p>These are the properties provided per role:</p><h3 id="user" tabindex="-1">user <a class="header-anchor" href="#user" aria-label="Permalink to &quot;user&quot;">​</a></h3><p>Provides <a href="https://odem.hitchy.org/guides/defining-models.html#uuids" target="_blank" rel="noreferrer">UUID</a> of user associated with a role.</p><h3 id="user-1" tabindex="-1">user <a class="header-anchor" href="#user-1" aria-label="Permalink to &quot;user&quot;">​</a></h3><p>Provides <a href="https://odem.hitchy.org/guides/defining-models.html#uuids" target="_blank" rel="noreferrer">UUID</a> of role associated with a user.</p><h2 id="methods" tabindex="-1">Methods <a class="header-anchor" href="#methods" aria-label="Permalink to &quot;Methods&quot;">​</a></h2><p>There no custom methods apart from <a href="https://odem.hitchy.org/api/model.html" target="_blank" rel="noreferrer">basic ones</a>.</p>',11),i=[s];function l(h,d,n,p,c,m){return a(),r("div",null,i)}const _=e(t,[["render",l]]);export{f as __pageData,_ as default};
package/public/assets/api_model_user-to-role.md.QNC96rs-.lean.js ADDED
@@ -0,0 +1 @@
1
+ import{_ as e,c as r,o as a,a2 as o}from"./chunks/framework.BaHG-QLs.js";const f=JSON.parse('{"title":"UserToRole","description":"","frontmatter":{"prev":"role.md","next":"authorization-rule.md"},"headers":[],"relativePath":"api/model/user-to-role.md","filePath":"api/model/user-to-role.md"}'),t={name:"api/model/user-to-role.md"},s=o("",11),i=[s];function l(h,d,n,p,c,m){return a(),r("div",null,i)}const _=e(t,[["render",l]]);export{f as __pageData,_ as default};
package/public/assets/api_model_user.md.C2GSzwZj.js ADDED
@@ -0,0 +1 @@
1
+ import{_ as e,c as a,o as s,a2 as r}from"./chunks/framework.BaHG-QLs.js";const g=JSON.parse('{"title":"User","description":"","frontmatter":{"prev":"../model/","next":"role.md"},"headers":[],"relativePath":"api/model/user.md","filePath":"api/model/user.md"}'),t={name:"api/model/user.md"},o=r('<h1 id="user" tabindex="-1">User <a class="header-anchor" href="#user" aria-label="Permalink to &quot;User&quot;">​</a></h1><p>This model represents a single user in local database. It is meant to support access control management at runtime e.g. to have a user-customizable access control.</p><h2 id="properties" tabindex="-1">Properties <a class="header-anchor" href="#properties" aria-label="Permalink to &quot;Properties&quot;">​</a></h2><p>These are the properties provided per user:</p><h3 id="name" tabindex="-1">name <a class="header-anchor" href="#name" aria-label="Permalink to &quot;name&quot;">​</a></h3><p>The user&#39;s name is a required <a href="https://odem.hitchy.org/guides/defining-models.html#strings" target="_blank" rel="noreferrer">string</a> which is meant to be unique. It is used to pick a user for local authentication. Authorization rules are capable of addressing a user by name, too.</p><h3 id="password" tabindex="-1">password <a class="header-anchor" href="#password" aria-label="Permalink to &quot;password&quot;">​</a></h3><p>This <a href="https://odem.hitchy.org/guides/defining-models.html#strings" target="_blank" rel="noreferrer">string</a> provides a salted one-way hash of user&#39;s password for local authentication or some other kind of token for use with a non-local strategy.</p><p>Passwords for use with local authentication are implicitly hashed with <a href="https://de.wikipedia.org/wiki/Scrypt" target="_blank" rel="noreferrer">SCRYPT</a>.</p><h3 id="strategy" tabindex="-1">strategy <a class="header-anchor" href="#strategy" aria-label="Permalink to &quot;strategy&quot;">​</a></h3><p>Every user can be associated with a particular passport strategy to use for authentication. This <a href="https://odem.hitchy.org/guides/defining-models.html#strings" target="_blank" rel="noreferrer">string</a> property is picking a strategy by its name. Default strategy as configured is used in case this property is empty or unset.</p><h3 id="strategydata" tabindex="-1">strategyData <a class="header-anchor" href="#strategydata" aria-label="Permalink to &quot;strategyData&quot;">​</a></h3><p>This <a href="https://odem.hitchy.org/guides/defining-models.html#strings" target="_blank" rel="noreferrer">string</a> property is meant to provide custom data specific to selected strategy. It&#39;s format is specific to that strategy. It might be used to pick a remote service confirming the user&#39;s authentication or represent additional meta data on it.</p><h2 id="methods" tabindex="-1">Methods <a class="header-anchor" href="#methods" aria-label="Permalink to &quot;Methods&quot;">​</a></h2><h3 id="hashpassword" tabindex="-1">hashPassword() <a class="header-anchor" href="#hashpassword" aria-label="Permalink to &quot;hashPassword()&quot;">​</a></h3><p><strong>Signature:</strong> <code>async hashPassword( cleartext, [ previous ] ): string</code></p><p>This asynchronous method derives salted hash from provided clear-text password. The second argument is optional. When provided, the salt is extracted from it instead of generating a fresh random salt. This is required for comparing password hashes. And it shouldn&#39;t be used for anything else. Using fresh salts whenever possible is essential to password security.</p><h3 id="setpassword" tabindex="-1">setPassword() <a class="header-anchor" href="#setpassword" aria-label="Permalink to &quot;setPassword()&quot;">​</a></h3><p><strong>Signature:</strong> <code>async setPassword( password )</code></p><p>Changes password of user as provided in clear text. This is a helper updating hashed password in local instance. You still need to <a href="https://odem.hitchy.org/api/model.html#instance-save" target="_blank" rel="noreferrer">save the record</a> to persist the change.</p><h3 id="verifypassword" tabindex="-1">verifyPassword() <a class="header-anchor" href="#verifypassword" aria-label="Permalink to &quot;verifyPassword()&quot;">​</a></h3><p><strong>Signature:</strong> <code>async verifyPassword( password ): boolean</code></p><p>Compares this user&#39;s hashed password with a provided clear-text password by hashing the latter with the same salt extracted from the former and compare the hashes. The method is implicitly loading the record from persistent storage if required. It promises <code>true</code> if both hashes are identical and <code>false</code> otherwise.</p>',23),i=[o];function n(h,d,l,p,c,u){return s(),a("div",null,i)}const f=e(t,[["render",n]]);export{g as __pageData,f as default};
package/public/assets/api_model_user.md.C2GSzwZj.lean.js ADDED
@@ -0,0 +1 @@
1
+ import{_ as e,c as a,o as s,a2 as r}from"./chunks/framework.BaHG-QLs.js";const g=JSON.parse('{"title":"User","description":"","frontmatter":{"prev":"../model/","next":"role.md"},"headers":[],"relativePath":"api/model/user.md","filePath":"api/model/user.md"}'),t={name:"api/model/user.md"},o=r("",23),i=[o];function n(h,d,l,p,c,u){return s(),a("div",null,i)}const f=e(t,[["render",n]]);export{g as __pageData,f as default};
package/public/assets/api_policy_authentication.md.Ccj8Rneb.js ADDED
@@ -0,0 +1,5 @@
1
+ import{_ as t,c as a,o as e,a2 as i}from"./chunks/framework.BaHG-QLs.js";const f=JSON.parse('{"title":"AuthenticationPolicy","description":"","frontmatter":{"prev":"../policy/","next":"authorization.md"},"headers":[],"relativePath":"api/policy/authentication.md","filePath":"api/policy/authentication.md"}'),s={name:"api/policy/authentication.md"},n=i(`<h1 id="authenticationpolicy" tabindex="-1">AuthenticationPolicy <a class="header-anchor" href="#authenticationpolicy" aria-label="Permalink to &quot;AuthenticationPolicy&quot;">​</a></h1><p>This class implements policy handlers for transparently processing requests for logging in and out by means of authenticating as a user relying on a <a href="./../config.html#config-auth-strategies">configured</a> <a href="https://www.passportjs.org/" target="_blank" rel="noreferrer">passport</a> <a href="https://www.passportjs.org/packages/" target="_blank" rel="noreferrer">strategy</a>.</p><p>These are the provided handlers:</p><h2 id="initialize" tabindex="-1">initialize() <a class="header-anchor" href="#initialize" aria-label="Permalink to &quot;initialize()&quot;">​</a></h2><p>This policy handler is basically integrating passport with a request&#39;s handling. It is unconditionally injected into every incoming request by default.</p><p>The handler is adopting <a href="https://www.passportjs.org/docs/downloads/html/#middleware" target="_blank" rel="noreferrer">passport&#39;s instructions for setting it up as a middleware</a> to work in context of Hitchy framework.</p><h2 id="login" tabindex="-1">login() <a class="header-anchor" href="#login" aria-label="Permalink to &quot;login()&quot;">​</a></h2><p>Handles request for authentication via integrated passport&#39;s strategy as configured.</p><p>This handler is essential for <a href="./../routing.html#post-api-auth-login-strategy">default route supported to authenticate a user</a>.</p><div class="tip custom-block"><p class="custom-block-title">Example</p><p>There is an example for how to use this policy in <a href="./../config.html#config-auth-strategies">section on configuring custom strategies</a>.</p></div><h2 id="logout" tabindex="-1">logout() <a class="header-anchor" href="#logout" aria-label="Permalink to &quot;logout()&quot;">​</a></h2><p>This handler is dropping any user currently authenticated in context of this request.</p><p>It is essential for <a href="./../routing.html#get-api-auth-logout">default route supported to drop user authentication</a>.</p><h2 id="mustbeauthenticated" tabindex="-1">mustBeAuthenticated() <a class="header-anchor" href="#mustbeauthenticated" aria-label="Permalink to &quot;mustBeAuthenticated()&quot;">​</a></h2><p>This handler responds with HTTP status 403 in case there is no authenticated user in context of current request. Use this policy if you want to reject all requests to a URL prefix unless some user has authenticated.</p><div class="language-json vp-adaptive-theme"><button title="Copy Code" class="copy"></button><span class="lang">json</span><pre class="shiki shiki-themes github-light github-dark vp-code" tabindex="0"><code><span class="line"><span style="--shiki-light:#24292E;--shiki-dark:#E1E4E8;">{</span></span>
2
+ <span class="line"><span style="--shiki-light:#005CC5;--shiki-dark:#79B8FF;"> &quot;policies&quot;</span><span style="--shiki-light:#24292E;--shiki-dark:#E1E4E8;">: {</span></span>
3
+ <span class="line"><span style="--shiki-light:#005CC5;--shiki-dark:#79B8FF;"> &quot;/api/protected&quot;</span><span style="--shiki-light:#24292E;--shiki-dark:#E1E4E8;">: [ </span><span style="--shiki-light:#032F62;--shiki-dark:#9ECBFF;">&quot;authentication.mustBeAuthenticated&quot;</span><span style="--shiki-light:#24292E;--shiki-dark:#E1E4E8;"> ]</span></span>
4
+ <span class="line"><span style="--shiki-light:#24292E;--shiki-dark:#E1E4E8;"> }</span></span>
5
+ <span class="line"><span style="--shiki-light:#24292E;--shiki-dark:#E1E4E8;">}</span></span></code></pre></div>`,16),o=[n];function r(l,h,p,c,u,d){return e(),a("div",null,o)}const k=t(s,[["render",r]]);export{f as __pageData,k as default};
package/public/assets/api_policy_authentication.md.Ccj8Rneb.lean.js ADDED
@@ -0,0 +1 @@
1
+ import{_ as t,c as a,o as e,a2 as i}from"./chunks/framework.BaHG-QLs.js";const f=JSON.parse('{"title":"AuthenticationPolicy","description":"","frontmatter":{"prev":"../policy/","next":"authorization.md"},"headers":[],"relativePath":"api/policy/authentication.md","filePath":"api/policy/authentication.md"}'),s={name:"api/policy/authentication.md"},n=i("",16),o=[n];function r(l,h,p,c,u,d){return e(),a("div",null,o)}const k=t(s,[["render",r]]);export{f as __pageData,k as default};
package/public/assets/api_policy_authorization.md.CP3y7VOT.js ADDED
@@ -0,0 +1,8 @@
1
+ import{_ as i,c as s,o as a,a2 as t}from"./chunks/framework.BaHG-QLs.js";const m=JSON.parse('{"title":"AuthorizationPolicy","description":"","frontmatter":{"prev":"authentication.md","next":"user.md"},"headers":[],"relativePath":"api/policy/authorization.md","filePath":"api/policy/authorization.md"}'),e={name:"api/policy/authorization.md"},n=t(`<h1 id="authorizationpolicy" tabindex="-1">AuthorizationPolicy <a class="header-anchor" href="#authorizationpolicy" aria-label="Permalink to &quot;AuthorizationPolicy&quot;">​</a></h1><p>This class provides policy handlers helping with common authorization tasks.</p><h2 id="mustbeadmin" tabindex="-1">mustBeAdmin() <a class="header-anchor" href="#mustbeadmin" aria-label="Permalink to &quot;mustBeAdmin()&quot;">​</a></h2><p>This handler responds with HTTP status 403 in case there is no current user or any authenticated user isn&#39;t associated with the role configured to provide administrative privileges by means of granting access on all resources.</p><div class="tip custom-block"><p class="custom-block-title">TIP</p><p>This policy handler can be combined with <a href="./authentication.html#mustbeauthenticated">authentication.mustBeAuthenticated</a> to deliver more useful response messages on requests completely lacking authentication.</p><div class="language-json vp-adaptive-theme"><button title="Copy Code" class="copy"></button><span class="lang">json</span><pre class="shiki shiki-themes github-light github-dark vp-code" tabindex="0"><code><span class="line"><span style="--shiki-light:#24292E;--shiki-dark:#E1E4E8;">{</span></span>
2
+ <span class="line"><span style="--shiki-light:#005CC5;--shiki-dark:#79B8FF;"> &quot;policies&quot;</span><span style="--shiki-light:#24292E;--shiki-dark:#E1E4E8;">: {</span></span>
3
+ <span class="line"><span style="--shiki-light:#005CC5;--shiki-dark:#79B8FF;"> &quot;/api/protected&quot;</span><span style="--shiki-light:#24292E;--shiki-dark:#E1E4E8;">: [ </span></span>
4
+ <span class="line"><span style="--shiki-light:#032F62;--shiki-dark:#9ECBFF;"> &quot;authentication.mustBeAuthenticated&quot;</span><span style="--shiki-light:#24292E;--shiki-dark:#E1E4E8;">, </span></span>
5
+ <span class="line"><span style="--shiki-light:#032F62;--shiki-dark:#9ECBFF;"> &quot;authorization.mustBeAdmin&quot;</span><span style="--shiki-light:#24292E;--shiki-dark:#E1E4E8;"> </span></span>
6
+ <span class="line"><span style="--shiki-light:#24292E;--shiki-dark:#E1E4E8;"> ]</span></span>
7
+ <span class="line"><span style="--shiki-light:#24292E;--shiki-dark:#E1E4E8;"> }</span></span>
8
+ <span class="line"><span style="--shiki-light:#24292E;--shiki-dark:#E1E4E8;">}</span></span></code></pre></div></div>`,5),o=[n];function l(h,p,r,c,d,u){return a(),s("div",null,o)}const E=i(e,[["render",l]]);export{m as __pageData,E as default};
package/public/assets/api_policy_authorization.md.CP3y7VOT.lean.js ADDED
@@ -0,0 +1 @@
1
+ import{_ as i,c as s,o as a,a2 as t}from"./chunks/framework.BaHG-QLs.js";const m=JSON.parse('{"title":"AuthorizationPolicy","description":"","frontmatter":{"prev":"authentication.md","next":"user.md"},"headers":[],"relativePath":"api/policy/authorization.md","filePath":"api/policy/authorization.md"}'),e={name:"api/policy/authorization.md"},n=t("",5),o=[n];function l(h,p,r,c,d,u){return a(),s("div",null,o)}const E=i(e,[["render",l]]);export{m as __pageData,E as default};
package/public/assets/api_policy_index.md.CmaeRtru.js ADDED
@@ -0,0 +1 @@
1
+ import{_ as e,c as t,o as i,a2 as a}from"./chunks/framework.BaHG-QLs.js";const m=JSON.parse('{"title":"Policies","description":"","frontmatter":{"prev":"../","next":false},"headers":[],"relativePath":"api/policy/index.md","filePath":"api/policy/index.md"}'),o={name:"api/policy/index.md"},r=a('<h1 id="policies" tabindex="-1">Policies <a class="header-anchor" href="#policies" aria-label="Permalink to &quot;Policies&quot;">​</a></h1><p>Select one of the provided <a href="https://core.hitchy.org/internals/components.html#policies" target="_blank" rel="noreferrer">policies</a>:</p><ul><li><a href="./authentication.html">Authentication</a></li><li><a href="./authorization.html">Authorization</a></li><li><a href="./user.html">User</a></li></ul>',3),l=[r];function n(c,s,_,h,p,d){return i(),t("div",null,l)}const u=e(o,[["render",n]]);export{m as __pageData,u as default};
package/public/assets/api_policy_index.md.CmaeRtru.lean.js ADDED
@@ -0,0 +1 @@
1
+ import{_ as e,c as t,o as i,a2 as a}from"./chunks/framework.BaHG-QLs.js";const m=JSON.parse('{"title":"Policies","description":"","frontmatter":{"prev":"../","next":false},"headers":[],"relativePath":"api/policy/index.md","filePath":"api/policy/index.md"}'),o={name:"api/policy/index.md"},r=a("",3),l=[r];function n(c,s,_,h,p,d){return i(),t("div",null,l)}const u=e(o,[["render",n]]);export{m as __pageData,u as default};
package/public/assets/api_policy_user.md.ePU_LHGT.js ADDED
@@ -0,0 +1 @@
1
+ import{_ as e,c as t,o as s,a2 as a}from"./chunks/framework.BaHG-QLs.js";const _=JSON.parse('{"title":"UserPolicy","description":"","frontmatter":{"prev":"authorization.md","next":"../model/"},"headers":[],"relativePath":"api/policy/user.md","filePath":"api/policy/user.md"}'),r={name:"api/policy/user.md"},o=a('<h1 id="userpolicy" tabindex="-1">UserPolicy <a class="header-anchor" href="#userpolicy" aria-label="Permalink to &quot;UserPolicy&quot;">​</a></h1><p>This class provides policy handlers helping with common tasks related to some authenticated user.</p><h2 id="mustbeme" tabindex="-1">mustBeMe() <a class="header-anchor" href="#mustbeme" aria-label="Permalink to &quot;mustBeMe()&quot;">​</a></h2><p>This handler tests if current request URL contains parameter named <code>uuid</code> matching current user&#39;s UUID. The request is rejected with HTTP status 403 <strong>on mismatch</strong>.</p><h2 id="mustnotbeme" tabindex="-1">mustNotBeMe() <a class="header-anchor" href="#mustnotbeme" aria-label="Permalink to &quot;mustNotBeMe()&quot;">​</a></h2><p>This handler tests if current request URL contains parameter named <code>uuid</code> matching current user&#39;s UUID. The request is rejected with HTTP status 403 <strong>on match</strong>.</p><h2 id="changepassword" tabindex="-1">changePassword() <a class="header-anchor" href="#changepassword" aria-label="Permalink to &quot;changePassword()&quot;">​</a></h2><p>This request is transparently processing request for changing any currently authenticated user&#39;s password. It requires provision of authenticated user&#39;s current password and the desired new password in request body.</p><p>This policy handler is essential to <a href="./../routing.html#post-api-auth-password">default route supporting change of a user&#39;s password</a>.</p>',9),i=[o];function n(c,u,d,h,p,l){return s(),t("div",null,i)}const f=e(r,[["render",n]]);export{_ as __pageData,f as default};
package/public/assets/api_policy_user.md.ePU_LHGT.lean.js ADDED
@@ -0,0 +1 @@
1
+ import{_ as e,c as t,o as s,a2 as a}from"./chunks/framework.BaHG-QLs.js";const _=JSON.parse('{"title":"UserPolicy","description":"","frontmatter":{"prev":"authorization.md","next":"../model/"},"headers":[],"relativePath":"api/policy/user.md","filePath":"api/policy/user.md"}'),r={name:"api/policy/user.md"},o=a("",9),i=[o];function n(c,u,d,h,p,l){return s(),t("div",null,i)}const f=e(r,[["render",n]]);export{_ as __pageData,f as default};
package/public/assets/api_routing.md.BP98xeNw.js ADDED
@@ -0,0 +1,17 @@
1
+ import{_ as s,c as i,o as a,a2 as t}from"./chunks/framework.BaHG-QLs.js";const g=JSON.parse('{"title":"Routing defaults","description":"","frontmatter":{"prev":"config.md","next":false},"headers":[],"relativePath":"api/routing.md","filePath":"api/routing.md"}'),e={name:"api/routing.md"},n=t(`<h1 id="routing-defaults" tabindex="-1">Routing defaults <a class="header-anchor" href="#routing-defaults" aria-label="Permalink to &quot;Routing defaults&quot;">​</a></h1><p>Unless <a href="./config.html#config-auth-prefix">disabled in runtime configuration</a>, this plugin is always setting up routes providing basic user authentication to a client.</p><div class="warning custom-block"><p class="custom-block-title">Customizable prefix</p><p>The following documentation relies on default prefix <code>/api/auth</code>. You may <a href="./config.html#config-auth-prefix">change this default in runtime configuration</a>. Adopt URLs listed below according to your setup if required.</p></div><p>Some basic initialization is required in every request. This can&#39;t be disabled using runtime configuration.</p><h2 id="post-api-auth-login-strategy" tabindex="-1"><code>POST /api/auth/login/:strategy?</code> <a class="header-anchor" href="#post-api-auth-login-strategy" aria-label="Permalink to &quot;\`POST /api/auth/login/:strategy?\`&quot;">​</a></h2><p>This route is authenticating some user by processing its credentials found in request body which is either JSON-formatted or some URL-encoded form data.</p><p>Actual format of provided credentials depend on passport strategy being used. The built-in local strategy used by default expects <code>username</code> and <code>password</code> being provided in properties named accordingly:</p><div class="language-http vp-adaptive-theme"><button title="Copy Code" class="copy"></button><span class="lang">http</span><pre class="shiki shiki-themes github-light github-dark vp-code" tabindex="0"><code><span class="line"><span style="--shiki-light:#D73A49;--shiki-dark:#F97583;">POST</span><span style="--shiki-light:#24292E;--shiki-dark:#E1E4E8;"> /api/auth/login </span><span style="--shiki-light:#D73A49;--shiki-dark:#F97583;">HTTP</span><span style="--shiki-light:#24292E;--shiki-dark:#E1E4E8;">/</span><span style="--shiki-light:#005CC5;--shiki-dark:#79B8FF;">1.0</span></span>
2
+ <span class="line"><span style="--shiki-light:#22863A;--shiki-dark:#85E89D;">Content-Type</span><span style="--shiki-light:#D73A49;--shiki-dark:#F97583;">:</span><span style="--shiki-light:#032F62;--shiki-dark:#9ECBFF;"> application/x-www-form-urlencoded</span></span>
3
+ <span class="line"></span>
4
+ <span class="line"><span style="--shiki-light:#24292E;--shiki-dark:#E1E4E8;">username=john.doe&amp;password=my-secret-token</span></span></code></pre></div><p>The result is always provided as JSON object.</p><div class="tip custom-block"><p class="custom-block-title">Background</p><p>This routing combines policy <a href="./policy/authentication.html#login">authentication.login</a> with controller <a href="./controller/user.html#authenticate">user.authenticate</a>.</p></div><h2 id="get-api-auth-login-strategy" tabindex="-1"><code>GET /api/auth/login/:strategy</code> <a class="header-anchor" href="#get-api-auth-login-strategy" aria-label="Permalink to &quot;\`GET /api/auth/login/:strategy\`&quot;">​</a></h2><p>This route is integrating authentication code for optionally picking up external authentication on returning from remote service. You need to provide a strategy here.</p><h2 id="get-api-auth-logout" tabindex="-1"><code>GET /api/auth/logout</code> <a class="header-anchor" href="#get-api-auth-logout" aria-label="Permalink to &quot;\`GET /api/auth/logout\`&quot;">​</a></h2><p>This route is triggering removal any server-side session data suitable for implicitly re-authenticating some current user.</p><p>The result is provided as JSON object.</p><div class="tip custom-block"><p class="custom-block-title">Background</p><p>This routing combines policy <a href="./policy/authentication.html#logout">authentication.logout</a> with controller <a href="./controller/user.html#unauthenticate">user.unauthenticate</a>.</p></div><h2 id="get-api-auth-current" tabindex="-1"><code>GET /api/auth/current</code> <a class="header-anchor" href="#get-api-auth-current" aria-label="Permalink to &quot;\`GET /api/auth/current\`&quot;">​</a></h2><p>The route delivers information on some currently authenticated user as JSON object.</p><p>If no user is authenticated, the result is:</p><div class="language-json vp-adaptive-theme"><button title="Copy Code" class="copy"></button><span class="lang">json</span><pre class="shiki shiki-themes github-light github-dark vp-code" tabindex="0"><code><span class="line"><span style="--shiki-light:#24292E;--shiki-dark:#E1E4E8;">{</span></span>
5
+ <span class="line"><span style="--shiki-light:#005CC5;--shiki-dark:#79B8FF;"> &quot;success&quot;</span><span style="--shiki-light:#24292E;--shiki-dark:#E1E4E8;">: </span><span style="--shiki-light:#005CC5;--shiki-dark:#79B8FF;">true</span><span style="--shiki-light:#24292E;--shiki-dark:#E1E4E8;">,</span></span>
6
+ <span class="line"><span style="--shiki-light:#005CC5;--shiki-dark:#79B8FF;"> &quot;authenticated&quot;</span><span style="--shiki-light:#24292E;--shiki-dark:#E1E4E8;">: </span><span style="--shiki-light:#005CC5;--shiki-dark:#79B8FF;">false</span></span>
7
+ <span class="line"><span style="--shiki-light:#24292E;--shiki-dark:#E1E4E8;">}</span></span></code></pre></div><p>Following a successful authentication, the result is similar to this one:</p><div class="language-json vp-adaptive-theme"><button title="Copy Code" class="copy"></button><span class="lang">json</span><pre class="shiki shiki-themes github-light github-dark vp-code" tabindex="0"><code><span class="line"><span style="--shiki-light:#24292E;--shiki-dark:#E1E4E8;">{</span></span>
8
+ <span class="line"><span style="--shiki-light:#005CC5;--shiki-dark:#79B8FF;"> &quot;success&quot;</span><span style="--shiki-light:#24292E;--shiki-dark:#E1E4E8;">: </span><span style="--shiki-light:#005CC5;--shiki-dark:#79B8FF;">true</span><span style="--shiki-light:#24292E;--shiki-dark:#E1E4E8;">,</span></span>
9
+ <span class="line"><span style="--shiki-light:#005CC5;--shiki-dark:#79B8FF;"> &quot;authenticated&quot;</span><span style="--shiki-light:#24292E;--shiki-dark:#E1E4E8;">: {</span></span>
10
+ <span class="line"><span style="--shiki-light:#005CC5;--shiki-dark:#79B8FF;"> &quot;uuid&quot;</span><span style="--shiki-light:#24292E;--shiki-dark:#E1E4E8;">: </span><span style="--shiki-light:#032F62;--shiki-dark:#9ECBFF;">&quot;12345678-1234-1234-1234-1234-123456789012&quot;</span><span style="--shiki-light:#24292E;--shiki-dark:#E1E4E8;">,</span></span>
11
+ <span class="line"><span style="--shiki-light:#005CC5;--shiki-dark:#79B8FF;"> &quot;name&quot;</span><span style="--shiki-light:#24292E;--shiki-dark:#E1E4E8;">: </span><span style="--shiki-light:#032F62;--shiki-dark:#9ECBFF;">&quot;john.doe&quot;</span><span style="--shiki-light:#24292E;--shiki-dark:#E1E4E8;">,</span></span>
12
+ <span class="line"><span style="--shiki-light:#005CC5;--shiki-dark:#79B8FF;"> &quot;roles&quot;</span><span style="--shiki-light:#24292E;--shiki-dark:#E1E4E8;">: [</span><span style="--shiki-light:#032F62;--shiki-dark:#9ECBFF;">&quot;users&quot;</span><span style="--shiki-light:#24292E;--shiki-dark:#E1E4E8;">, </span><span style="--shiki-light:#032F62;--shiki-dark:#9ECBFF;">&quot;customers&quot;</span><span style="--shiki-light:#24292E;--shiki-dark:#E1E4E8;">]</span></span>
13
+ <span class="line"><span style="--shiki-light:#24292E;--shiki-dark:#E1E4E8;"> }</span></span>
14
+ <span class="line"><span style="--shiki-light:#24292E;--shiki-dark:#E1E4E8;">}</span></span></code></pre></div><div class="tip custom-block"><p class="custom-block-title">Background</p><p>This routing targets controller <a href="./controller/user.html#getcurrent">user.getCurrent</a>.</p></div><h2 id="post-api-auth-password" tabindex="-1"><code>POST /api/auth/password</code> <a class="header-anchor" href="#post-api-auth-password" aria-label="Permalink to &quot;\`POST /api/auth/password\`&quot;">​</a></h2><p>This route is processing request for changing some previously authenticated user&#39;s token a.k.a. password.</p><p>All information is read from request body which is either JSON-formatted or some URL-encoded form data. It must contain properties <code>current</code> and <code>next</code> providing user&#39;s current password and the one to become user&#39;s next password.</p><div class="language-http vp-adaptive-theme"><button title="Copy Code" class="copy"></button><span class="lang">http</span><pre class="shiki shiki-themes github-light github-dark vp-code" tabindex="0"><code><span class="line"><span style="--shiki-light:#D73A49;--shiki-dark:#F97583;">POST</span><span style="--shiki-light:#24292E;--shiki-dark:#E1E4E8;"> /api/auth/password </span><span style="--shiki-light:#D73A49;--shiki-dark:#F97583;">HTTP</span><span style="--shiki-light:#24292E;--shiki-dark:#E1E4E8;">/</span><span style="--shiki-light:#005CC5;--shiki-dark:#79B8FF;">1.0</span></span>
15
+ <span class="line"><span style="--shiki-light:#22863A;--shiki-dark:#85E89D;">Content-Type</span><span style="--shiki-light:#D73A49;--shiki-dark:#F97583;">:</span><span style="--shiki-light:#032F62;--shiki-dark:#9ECBFF;"> application/x-www-form-urlencoded</span></span>
16
+ <span class="line"></span>
17
+ <span class="line"><span style="--shiki-light:#24292E;--shiki-dark:#E1E4E8;">current=my-old-secret&amp;next=my-new-secret</span></span></code></pre></div><p>The result is provided as JSON object.</p><div class="warning custom-block"><p class="custom-block-title">Current user, only</p><p>By intention, this request handler is limited to changing current user&#39;s password, only. A custom request handler is required to change password of different users.</p></div><div class="tip custom-block"><p class="custom-block-title">Background</p><p>This routing combines policy <a href="./policy/user.html#changepassword">user.changePassword</a> with controller <a href="./controller/user.html#changepassword">user.changePassword</a>.</p></div>`,30),o=[n];function l(p,r,h,c,d,u){return a(),i("div",null,o)}const E=s(e,[["render",l]]);export{g as __pageData,E as default};
package/public/assets/api_routing.md.BP98xeNw.lean.js ADDED
@@ -0,0 +1 @@
1
+ import{_ as s,c as i,o as a,a2 as t}from"./chunks/framework.BaHG-QLs.js";const g=JSON.parse('{"title":"Routing defaults","description":"","frontmatter":{"prev":"config.md","next":false},"headers":[],"relativePath":"api/routing.md","filePath":"api/routing.md"}'),e={name:"api/routing.md"},n=t("",30),o=[n];function l(p,r,h,c,d,u){return a(),i("div",null,o)}const E=s(e,[["render",l]]);export{g as __pageData,E as default};