AngelAuth<User> class

Handles authentication within an Angel application.


AngelAuth({String jwtKey, FutureOr serializer(User), FutureOr<User> deserializer(Object), num jwtLifeSpan, bool allowCookie: true, bool allowTokenInQuery: true, bool enforceIp: true, String cookieDomain, String cookiePath: '/', bool secureCookies: true, String reviveTokenEndpoint: "/auth/token"})
jwtLifeSpan - should be in milliseconds.


allowCookie → bool
If true (default), then JWT's will be stored and retrieved from a token cookie.
allowTokenInQuery → bool
If true (default), then users can include a JWT in the query string as token.
cookieDomain → String
A domain to restrict emitted cookies to. [...]
cookiePath → String
A path to restrict emitted cookies to. [...]
deserializer ↔ FutureOr<User> Function(Object)
Deserializes a unique identifier into its associated identity. In most cases, this is a user object or model instance.
read / write
enforceIp → bool
If true (default), then JWT's will be considered invalid if used from a different IP than the first user's it was issued to. [...]
hmac Hmac
The Hmac being used to encode JWT's.
onLogin → Stream<User>
Fires the result of deserializer whenever a user signs in to the application.
onLogout → Stream<User>
Fires req.user, which is usually the result of deserializer, whenever a user signs out of the application.
reviveTokenEndpoint ↔ String
The endpoint to mount reviveJwt at. If null, then no revival route is mounted. Default: /auth/token.
read / write
secureCookies → bool
Whether emitted cookies should have the secure and HttpOnly flags, as well as being restricted to a specific domain.
serializer ↔ FutureOr Function(User)
Serializes a user into a unique identifier associated only with one identity.
read / write
strategies ↔ Map<String, AuthStrategy<User>>
A set of AuthStrategy instances used to authenticate users.
read / write
hashCode → int
The hash code for this object.
read-only, inherited
runtimeType → Type
A representation of the runtime type of the object.
read-only, inherited


authenticate(dynamic type, [AngelAuthOptions<User> options]) RequestHandler
Attempts to authenticate a user using one or more strategies. [...]
configureServer(Angel app) → Future<void>
Configures an Angel server to decode and validate JSON Web tokens on demand, whenever an instance of User is injected.
decodeJwt(RequestContext req, ResponseContext res) → Future
DEPRECATED: A middleware that decodes a JWT from a request, and injects a corresponding user. [...]
getJwt(RequestContext req) → String
Retrieves a JWT from a request, if any was sent at all.
login(AuthToken token, RequestContext req, ResponseContext res) → Future
Log a user in on-demand.
loginById(dynamic userId, RequestContext req, ResponseContext res) → Future
Log a user in on-demand.
logout([AngelAuthOptions<User> options]) RequestHandler
Log an authenticated user out.
protectCookie(Cookie cookie) → Cookie
Applies security protections to a cookie.
reviveJwt(RequestContext req, ResponseContext res) → Future<Map<String, dynamic>>
Attempts to revive an expired (or still alive) JWT.
noSuchMethod(Invocation invocation) → dynamic
Invoked when a non-existent method or property is accessed.
toString() → String
Returns a string representation of this object.


operator ==(dynamic other) → bool
The equality operator.