cbSecurity
CommunitySlackSupport
v3.x
v3.x
  • 🔏Introduction
    • Release History
      • What's New With 3.4.0
      • What's New With 3.3.0
      • What's New With 3.2.0
      • What's New With 3.1.0
      • What's New With 3.0.0
    • Upgrade to 3.0.0
    • About This Book
      • Author
  • Getting Started
    • Installation
    • Overview
    • Configuration
      • 🔏Authentication
      • 🥸Basic Auth
      • 🙈CSRF
      • 🌐JWT
      • 🧱Firewall
        • DB Rules
        • JSON Rules
        • Model Rules
        • XML Rules
      • ☢️Security Headers
      • 🔬Visualizer
  • Usage
    • Authentication Services
    • Basic Authentication
    • Security Rules
    • Security Annotations
    • cbSecurity Model
      • Authentication Methods
      • Authorization Contexts
      • Blocking Methods
      • Securing Views
      • Utility Methods
      • Verification Methods
    • Secured URL
    • Interceptions
    • Cross Site Request Forgery
    • Delegates
    • Auth User
  • Security Validators
    • Auth Validator
    • BasicAuth Validator
    • CFML Security Validator
    • Custom Validator
  • JWT
    • JWT Services
    • JWT Validator
    • Refresh Tokens
    • Token Storage
    • JWT Interceptions
  • External links
    • Issue Tracker
    • Source code
    • Sponsor Us
Powered by GitBook
On this page

Was this helpful?

Edit on GitHub
Export as PDF
  1. Usage

Auth User

CBSecurity comes bundled with a basic authentication User

PreviousDelegatesNextAuth Validator

Last updated 1 year ago

Was this helpful?

CBSecurity ships with a basic User object that already implements the auth and JWT interfaces and gives you basic properties.

cbsecurity.models.auth.User

This powerful component provides a comprehensive representation of users, with robust authorization and JSON Web Token (JWT) capabilities. With this basic user, you can effortlessly manage your application's user authentication and access control. It offers a user-friendly interface for handling user profiles, permissions, and JWT generation, ensuring a secure and seamless experience for developers and end-users.

Check out the ColdBox REST Starter Templates to see it in action.

coldbox create app name=restapp skeleton=rest
https://github.com/coldbox-modules/cbsecurity/blob/master/models/auth/User.cfc
/**
 * Copyright since 2016 by Ortus Solutions, Corp
 * www.ortussolutions.com
 * ---
 * This is a basic user object that can be used with CBSecurity.
 *
 * It implements the following interfaces via it's delegates
 * - cbsecurity.interfaces.jwt.IJwtSubject
 * - cbsecurity.interfaces.IAuthUser
 */
component
	accessors     ="true"
	transientCache="false"
	delegates     ="
		Auth@cbSecurity,
		Authorizable@cbSecurity,
		JwtSubject@cbSecurity
	"
{

	/**
	 * --------------------------------------------------------------------------
	 * Properties
	 * --------------------------------------------------------------------------
	 */
	property name="id";
	property name="firstName";
	property name="lastName";
	property name="username";
	property name="password";
	property name="permissions";
	property name="roles";

	/**
	 * --------------------------------------------------------------------------
	 * Validation constraints
	 * --------------------------------------------------------------------------
	 * https://coldbox-validation.ortusbooks.com/overview/valid-constraints
	 */
	this.constraints = {
		firstName : { required : true, size : "1..255" },
		lastName  : { required : true, size : "1..255" },
		username  : { required : true, size : "1..255" },
		password  : { required : true, size : "1..255" }
	};

	/**
	 * --------------------------------------------------------------------------
	 * Validation profiles
	 * --------------------------------------------------------------------------
	 * https://coldbox-validation.ortusbooks.com/overview/validating-constraints/validating-with-profiles
	 */
	this.constraintProfiles = { "update" : "firstName,lastName,username" };

	/**
	 * --------------------------------------------------------------------------
	 * Mementifier Serialization
	 * --------------------------------------------------------------------------
	 * https://forgebox.io/view/mementifier
	 */
	this.memento = {
		// Default properties to serialize
		defaultIncludes : [
			"id",
			"firstName",
			"lastName",
			"username",
			"permissions",
			"roles"
		],
		// Default Exclusions
		defaultExcludes : [],
		// Never Include
		neverInclude    : [ "password" ]
	};

	/**
	 * --------------------------------------------------------------------------
	 * Population Control
	 * --------------------------------------------------------------------------
	 * https://coldbox.ortusbooks.com/readme/release-history/whats-new-with-7.0.0#population-enhancements
	 */
	this.population = {
		include : [], // if empty, tries to include them all
		exclude : [ "permissions", "roles" ] // These are not mass assignable
	}

	/**
	 * Constructor
	 */
	function init(){
		variables.id          = "";
		variables.firstName   = "";
		variables.lastName    = "";
		variables.username    = "";
		variables.password    = "";
		variables.permissions = [];
		variables.roles       = [];

		return this;
	}

	/**
	 * Set roles into the object
	 *
	 * @roles array or list of roles
	 */
	User function setRoles( roles ){
		if ( isSimpleValue( arguments.roles ) ) {
			arguments.roles = listToArray( arguments.roles );
		}
		variables.roles = arguments.roles;
		return this;
	}

	/**
	 * Set permissions into this object
	 *
	 * @permissions array or list of permissions
	 */
	User function setPermissions( permissions ){
		if ( isSimpleValue( arguments.permissions ) ) {
			arguments.permissions = listToArray( arguments.permissions );
		}
		variables.permissions = arguments.permissions;
		return this;
	}

	/**
	 * Verify if this is a valid user or not
	 */
	boolean function isLoaded(){
		return ( !isNull( variables.id ) && len( variables.id ) );
	}

}