RequestAuth extension
Enhanced authentication extension for HTTP requests
This extension provides comprehensive authentication functionality for HTTP requests, including user management, role checking, permissions, and security features.
- on
Properties
-
authContext
→ Map<
String, dynamic> -
Available on Request, provided by the RequestAuth extension
Gets authentication context for logging/auditing.no setter - authenticatable → Authenticatable?
-
Available on Request, provided by the RequestAuth extension
Returns the currently authenticated Authenticatable instance (if available).no setter - bearerToken → String?
-
Available on Request, provided by the RequestAuth extension
Gets the Bearer token from the Authorization header.no setter - clientIp → String
-
Available on Request, provided by the RequestAuth extension
Gets the user's IP address for security logging.no setter - guard → String?
-
Available on Request, provided by the RequestAuth extension
Gets the user's authentication guard name.no setter - isAdmin → bool
-
Available on Request, provided by the RequestAuth extension
Returns true if the user has admin privileges.no setter - isAttemptingAuth → bool
-
Available on Request, provided by the RequestAuth extension
Checks if the current request is attempting authentication.no setter - isAuthenticated → bool
-
Available on Request, provided by the RequestAuth extension
Returns true if a user is authenticated.no setter - isGuest → bool
-
Available on Request, provided by the RequestAuth extension
Returns true if no user is authenticated.no setter - isSuperAdmin → bool
-
Available on Request, provided by the RequestAuth extension
Returns true if the user has super admin privileges.no setter - isSuspicious → bool
-
Available on Request, provided by the RequestAuth extension
Checks if the request is from a suspicious source.no setter - token → String?
-
Available on Request, provided by the RequestAuth extension
Gets the user's authentication token (if available).no setter -
user
→ Map<
String, dynamic> ? -
Available on Request, provided by the RequestAuth extension
Returns the currently authenticated user data (if any).no setter - userAgent → String
-
Available on Request, provided by the RequestAuth extension
Gets the user's User-Agent for security logging.no setter - userEmail → String?
-
Available on Request, provided by the RequestAuth extension
Returns the email of the authenticated user (if available).no setter - userId → dynamic
-
Available on Request, provided by the RequestAuth extension
Returns the ID of the authenticated user (if available).no setter - userName → String?
-
Available on Request, provided by the RequestAuth extension
Returns the name of the authenticated user (if available).no setter - wasRecentlyAuthenticated → bool
-
Available on Request, provided by the RequestAuth extension
Checks if the user was recently authenticated (within last 5 minutes).no setter
Methods
-
canAccessAdmin(
) → bool -
Available on Request, provided by the RequestAuth extension
Checks if the user can access admin-only resources. -
clearUser(
) → void -
Available on Request, provided by the RequestAuth extension
Clears the authenticated user. -
getUserMeta(
String key) → dynamic -
Available on Request, provided by the RequestAuth extension
Gets user metadata/custom fields. -
hasAllPermissions(
List< String> permissions) → bool -
Available on Request, provided by the RequestAuth extension
Checks if the user has all of the specified permissions. -
hasAllRoles(
List< String> roles) → bool -
Available on Request, provided by the RequestAuth extension
Checks if the user has all of the specified roles. -
hasAnyPermission(
List< String> permissions) → bool -
Available on Request, provided by the RequestAuth extension
Checks if the user has any of the specified permissions. -
hasAnyRole(
List< String> roles) → bool -
Available on Request, provided by the RequestAuth extension
Checks if the user has any of the specified roles. -
hasPermission(
String permission) → bool -
Available on Request, provided by the RequestAuth extension
Checks if the user has a specific permission. -
hasRole(
String role) → bool -
Available on Request, provided by the RequestAuth extension
Checks if the user has a specific role. -
logout(
) → Future< void> -
Available on Request, provided by the RequestAuth extension
Logs out the current user. -
logoutAllDevices(
) → Future< void> -
Available on Request, provided by the RequestAuth extension
Logs out the user from all devices. -
ownsResource(
dynamic resourceOwnerId) → bool -
Available on Request, provided by the RequestAuth extension
Checks if the user owns a resource (by comparing user ID). -
recordAuthTime(
) → void -
Available on Request, provided by the RequestAuth extension
Records the authentication time. -
refreshAuth(
) → Future< Map< String, dynamic> ?> -
Available on Request, provided by the RequestAuth extension
Refreshes the current user's authentication. -
removeAttribute(
String key) → void -
Available on Request, provided by the RequestAuth extension
Removes an attribute from the request. -
requireAdmin(
[String? message]) → void -
Available on Request, provided by the RequestAuth extension
Requires admin privileges - throws exception if not admin. -
requireAuth(
[String? message]) → void -
Available on Request, provided by the RequestAuth extension
Requires authentication - throws exception if not authenticated. -
requireOwnership(
dynamic resourceOwnerId, [String? message]) → void -
Available on Request, provided by the RequestAuth extension
Requires ownership of a resource. -
requirePermission(
String permission, [String? message]) → void -
Available on Request, provided by the RequestAuth extension
Requires a specific permission - throws exception if user doesn't have it. -
requireRole(
String role, [String? message]) → void -
Available on Request, provided by the RequestAuth extension
Requires a specific role - throws exception if user doesn't have it. -
requireSuperAdmin(
[String? message]) → void -
Available on Request, provided by the RequestAuth extension
Requires super admin privileges - throws exception if not super admin. -
setAuthenticatable(
Authenticatable authenticatable) → void -
Available on Request, provided by the RequestAuth extension
Sets the authenticated user from an Authenticatable instance. -
setGuard(
String guardName) → void -
Available on Request, provided by the RequestAuth extension
Sets the user's authentication guard name. -
setToken(
String token) → void -
Available on Request, provided by the RequestAuth extension
Sets the user's authentication token. -
setUser(
Map< String, dynamic> userData) → void -
Available on Request, provided by the RequestAuth extension
Sets the authenticated user from a map (backward compatibility). -
setUserAuthenticatable(
Authenticatable user) → void -
Available on Request, provided by the RequestAuth extension
Sets the authenticated user from an Authenticatable instance. -
setUserMeta(
String key, dynamic value) → void -
Available on Request, provided by the RequestAuth extension
Sets user metadata/custom fields. -
validateAuth(
) → Future< bool> -
Available on Request, provided by the RequestAuth extension
Validates the current user's session/token.