AngelAuth<User> class

Handles authentication within an Angel application.


AngelAuth({String jwtKey, FutureOr serializer(User), FutureOr<User> deserializer(Object), num jwtLifeSpan, bool allowCookie: true, bool allowTokenInQuery: true, bool enforceIp: true, String cookieDomain, String cookiePath: '/', bool secureCookies: true, String reviveTokenEndpoint: "/auth/token"})
jwtLifeSpan - should be in milliseconds.


allowCookie bool
If true (default), then JWT's will be stored and retrieved from a token cookie.
allowTokenInQuery bool
If true (default), then users can include a JWT in the query string as token.
cookieDomain String
A domain to restrict emitted cookies to. [...]
cookiePath String
A path to restrict emitted cookies to. [...]
deserializer FutureOr<User> Function(Object)
Deserializes a unique identifier into its associated identity. In most cases, this is a user object or model instance.
read / write
enforceIp bool
If true (default), then JWT's will be considered invalid if used from a different IP than the first user's it was issued to. [...]
hashCode int
The hash code for this object. [...]
read-only, inherited
hmac Hmac
The Hmac being used to encode JWT's.
onLogin Stream<User>
Fires the result of deserializer whenever a user signs in to the application.
onLogout Stream<User>
Fires req.user, which is usually the result of deserializer, whenever a user signs out of the application.
reviveTokenEndpoint String
The endpoint to mount reviveJwt at. If null, then no revival route is mounted. Default: /auth/token.
read / write
runtimeType Type
A representation of the runtime type of the object.
read-only, inherited
secureCookies bool
Whether emitted cookies should have the secure and HttpOnly flags, as well as being restricted to a specific domain.
serializer FutureOr Function(User)
Serializes a user into a unique identifier associated only with one identity.
read / write
strategies Map<String, AuthStrategy<User>>
A set of AuthStrategy instances used to authenticate users.
read / write


authenticate(dynamic type, [AngelAuthOptions<User> options]) RequestHandler
Attempts to authenticate a user using one or more strategies. [...]
configureServer(Angel app) Future<void>
Configures an Angel server to decode and validate JSON Web tokens on demand, whenever an instance of User is injected.
decodeJwt(RequestContext req, ResponseContext res) Future
DEPRECATED: A middleware that decodes a JWT from a request, and injects a corresponding user. [...]
getJwt(RequestContext req) String
Retrieves a JWT from a request, if any was sent at all.
login(AuthToken token, RequestContext req, ResponseContext res) Future
Log a user in on-demand.
loginById(dynamic userId, RequestContext req, ResponseContext res) Future
Log a user in on-demand.
logout([AngelAuthOptions<User> options]) RequestHandler
Log an authenticated user out.
noSuchMethod(Invocation invocation) → dynamic
Invoked when a non-existent method or property is accessed. [...]
protectCookie(Cookie cookie) Cookie
Applies security protections to a cookie.
reviveJwt(RequestContext req, ResponseContext res) Future<Map<String, dynamic>>
Attempts to revive an expired (or still alive) JWT.
toString() String
Returns a string representation of this object.


operator ==(Object other) bool
The equality operator. [...]