Hawkin
/
arangodb
mirror of https://gitee.com/bigwinds/arangodb
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Reformatted docs for consistency.

This commit is contained in:
Alan Plum 2014-06-24 17:14:35 +02:00
parent 96d1452c47
commit 7ef8e7d9d4
4 changed files with 76 additions and 50 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

42
Documentation/Books/Users/FoxxBundledApps/OAuth2.mdpp
View File

@ -2,10 +2,6 @@
The OAuth2 authentication app provides authentication abstractions over OAuth2 providers like Facebook, GitHub and Google. If you want to support additional providers, you can easily define your own. The OAuth2 authentication app provides authentication abstractions over OAuth2 providers like Facebook, GitHub and Google. If you want to support additional providers, you can easily define your own.
```js
var providers = Foxx.requireApp('/_oauth2').providers;
```
!SECTION Configuration !SECTION Configuration
The app requires no configuration, but you need to update its *providers* collection with your client ID and client secret for each provider you wish to support. The app requires no configuration, but you need to update its *providers* collection with your client ID and client secret for each provider you wish to support.
@ -46,9 +42,17 @@ If you want to use the *google* provider, you need to obtain a client ID and cli
7. When the Client ID is ready, note down the *Client ID* and *Client secret*. 7. When the Client ID is ready, note down the *Client ID* and *Client secret*.
8. Update the *google* provider by settiing its *clientId* attribute to the *Client ID* and its *clientSecret* attribute to the *Client secret*. Don't forget to save your changes. 8. Update the *google* provider by settiing its *clientId* attribute to the *Client ID* and its *clientSecret* attribute to the *Client secret*. Don't forget to save your changes.
!SECTION Exceptions !SECTION JavaScript API: *providers*
!SUBSECTION Provider Not Found This app exposes its functionality via a JavaScript API named *providers*.
```js
var providers = Foxx.requireApp('/_oauth2').providers;
```
!SUBSECTION Exceptions
!SUBSUBSECTION Provider Not Found
Indicates a provider could not be found in the database. Indicates a provider could not be found in the database.
@ -66,7 +70,7 @@ try {
} }
``` ```
!SECTION The provider object !SUBSECTION The provider object
Provider objects are instances of a Foxx model with the following attributes: Provider objects are instances of a Foxx model with the following attributes:
@ -79,7 +83,7 @@ Provider objects are instances of a Foxx model with the following attributes:
* *clientId*: the client ID of the app registered with the provider. * *clientId*: the client ID of the app registered with the provider.
* *clientSecret*: the client secret of the app registered with the provider. * *clientSecret*: the client secret of the app registered with the provider.
!SECTION List available OAuth2 providers !SUBSECTION List available OAuth2 providers
Returns a list of OAuth2 providers that can be presented to the front-end. Returns a list of OAuth2 providers that can be presented to the front-end.
@ -101,7 +105,7 @@ var supportedProviders = providers.list().filter(function(obj) {
}); });
``` ```
!SECTION Define a new OAuth2 provider !SUBSECTION Define a new OAuth2 provider
Creates a new OAuth2 provider with the given data. Creates a new OAuth2 provider with the given data.
@ -129,7 +133,7 @@ var provider = providers.create({
}); });
``` ```
!SECTION Fetch an existing OAuth2 provider !SUBSECTION Fetch an existing OAuth2 provider
Fetches an existing OAuth2 provider from the database. Fetches an existing OAuth2 provider from the database.
@ -148,14 +152,14 @@ var provider = providers.get('github');
assertTrue(provider.get('_key'), 'github'); assertTrue(provider.get('_key'), 'github');
``` ```
!SECTION Delete a provider !SUBSECTION Delete a provider
There are two ways to delete a provider from the database: There are two ways to delete a provider from the database:
* calling the provider storage's *delete* method with a provider's *_key* directly * calling the provider storage's *delete* method with a provider's *_key* directly
* telling a provider to delete itself * telling a provider to delete itself
!SUBSECTION Delete a provider by its ID !SUBSUBSECTION Delete a provider by its ID
Delete a provider with a given ID. Delete a provider with a given ID.
@ -173,7 +177,7 @@ Attempts to delete the provider with the given *providerId* from the database. I
providers.delete('github'); providers.delete('github');
``` ```
!SUBSECTION Tell a provider to delete itself !SUBSUBSECTION Tell a provider to delete itself
Delete a provider from the database. Delete a provider from the database.
@ -192,7 +196,7 @@ var provider = providers.get('github');
provider.delete(); provider.delete();
``` ```
!SECTION Save a provider !SUBSECTION Save a provider
Save a provider to the database. Save a provider to the database.
@ -209,7 +213,7 @@ provider.save();
``` ```
!SECTION Get the authorization URL of a provider !SUBSECTION Get the authorization URL of a provider
Generates the authorization URL for the authorization endpoint of the provider. Generates the authorization URL for the authorization endpoint of the provider.
@ -223,7 +227,7 @@ Returns a fully-qualified URL for the authorization endpoint of the provider by
* *args* (optional): an object with any of the following properties: * *args* (optional): an object with any of the following properties:
* *response_type* (optional): See [RFC 6749](http://tools.ietf.org/html/rfc6749). Default: *"code"*. * *response_type* (optional): See [RFC 6749](http://tools.ietf.org/html/rfc6749). Default: *"code"*.
!SECTION _getTokenRequest !SUBSECTION _getTokenRequest
(Internal.) Generates the token URL and request body for token endpoint of the provider. (Internal.) Generates the token URL and request body for token endpoint of the provider.
@ -241,7 +245,7 @@ Returns an object with two properties:
* *args* (optional): an object with any of the following properties: * *args* (optional): an object with any of the following properties:
* *grant_type* (optional): see [RFC 6749](http://tools.ietf.org/html/rfc6749). Default: *"authorization_code"*. * *grant_type* (optional): see [RFC 6749](http://tools.ietf.org/html/rfc6749). Default: *"authorization_code"*.
!SECTION Exchange a grant code for an access token !SUBSECTION Exchange a grant code for an access token
Exchanges a grant code for an access token. Exchanges a grant code for an access token.
@ -258,7 +262,7 @@ Throws an exception if the remote server responds with an empty response body.
* *args* (optional): an object with any of the following properties: * *args* (optional): an object with any of the following properties:
* *grant_type* (optional): see [RFC 6749](http://tools.ietf.org/html/rfc6749). Default: *"authorization_code"*. * *grant_type* (optional): see [RFC 6749](http://tools.ietf.org/html/rfc6749). Default: *"authorization_code"*.
!SECTION Fetch the active user !SUBSECTION Fetch the active user
Fetches details of the active user. Fetches details of the active user.
@ -281,7 +285,7 @@ var authData = provider.exchangeGrantToken(code, redirect_uri);
var userData = provider.fetchActiveUser(authData.access_token); var userData = provider.fetchActiveUser(authData.access_token);
``` ```
!SECTION Get a user's identifier !SUBSECTION Get a user's identifier
Fetches the user's identifier from a user object returned by the provider. Fetches the user's identifier from a user object returned by the provider.

40
Documentation/Books/Users/FoxxBundledApps/Sessions.mdpp
View File

@ -2,20 +2,28 @@
The sessions app provides a session storage JavaScript API that can be used in other Foxx apps. The sessions app provides a session storage JavaScript API that can be used in other Foxx apps.
*Configuration* !SECTION Configuration
This app has the following configuration options:
* *timeToLive* (optional): number of milliseconds until the session expires. Default: *604800000* (one week). * *timeToLive* (optional): number of milliseconds until the session expires. Default: *604800000* (one week).
* *ttlType* (optional): attribute against which the *timeToLive* is enforced. Valid options: *lastAccess*, *lastUpdate*, *created*. Default: *"created"*. * *ttlType* (optional): attribute against which the *timeToLive* is enforced. Valid options: *lastAccess*, *lastUpdate*, *created*. Default: *"created"*.
* *sidTimestamp* (optional): whether to append a timestamp to the random part of generated session IDs. Default: *false*. * *sidTimestamp* (optional): whether to append a timestamp to the random part of generated session IDs. Default: *false*.
* *sidLength* (optional): number of random characters to use for new session IDs. Default *20*. * *sidLength* (optional): number of random characters to use for new session IDs. Default *20*.
!SECTION JavaScript API: *sessionStorage*
This app exposes a session storage via a JavaScript API named *sessionStorage*.
@EXAMPLES
```js ```js
var sessionStorage = Foxx.requireApp('/_sessions').sessionStorage; var sessionStorage = Foxx.requireApp('/_sessions').sessionStorage;
``` ```
!SECTION Exceptions !SUBSECTION Exceptions
!SUBSECTION Session Not Found !SUBSUBSECTION Session Not Found
Indicates a session could not be found in the database. Indicates a session could not be found in the database.
@ -33,7 +41,7 @@ try {
} }
``` ```
!SUBSECTION Session Expired !SUBSUBSECTION Session Expired
Indicates the session exists in the database but has expired. Indicates the session exists in the database but has expired.
@ -52,7 +60,7 @@ try {
} }
``` ```
!SECTION The session object !SUBSECTION The session object
Session objects are instances of a Foxx model with the following attributes: Session objects are instances of a Foxx model with the following attributes:
@ -63,7 +71,7 @@ Session objects are instances of a Foxx model with the following attributes:
* *lastAccess*: timestamp of the last time the session was fetched from the database. * *lastAccess*: timestamp of the last time the session was fetched from the database.
* *lastUpdate*: timestamp of the last time the session was written to the database. * *lastUpdate*: timestamp of the last time the session was written to the database.
!SECTION Create a session !SUBSECTION Create a session
Creates and saves a new instance of the session model. Creates and saves a new instance of the session model.
@ -80,14 +88,14 @@ var session = sessionStorage.create(sessionData);
assertEqual(session.get('sessionData'), sessionData); assertEqual(session.get('sessionData'), sessionData);
``` ```
!SECTION Fetch an existing session !SUBSECTION Fetch an existing session
There are two ways to fetch a session via the session storage API: There are two ways to fetch a session via the session storage API:
* resolving a session cookie with the *fromCookie* method * resolving a session cookie with the *fromCookie* method
* calling the session storage's *get* method with a session ID directly * calling the session storage's *get* method with a session ID directly
!SUBSECTION Resolve a session cookie !SUBSUBSECTION Resolve a session cookie
Fetch a session matching a cookie in a Foxx request. Fetch a session matching a cookie in a Foxx request.
@ -118,7 +126,7 @@ controller.get('/hello', function(request, response) {
}); });
``` ```
!SUBSECTION Resolve a session ID directly !SUBSUBSECTION Resolve a session ID directly
Fetch a session from the database for a given ID. Fetch a session from the database for a given ID.
@ -136,14 +144,14 @@ Attempts to load the session with the given session ID from the database. If the
var session = sessionStorage.get(sessionId); var session = sessionStorage.get(sessionId);
``` ```
!SECTION Delete a session !SUBSECTION Delete a session
There are two ways to delete a session from the database: There are two ways to delete a session from the database:
* calling the session storage's *delete* method with a session ID directly * calling the session storage's *delete* method with a session ID directly
* telling a session to delete itself * telling a session to delete itself
!SUBSECTION Delete a session by its ID !SUBSUBSECTION Delete a session by its ID
Delete a session with a given ID. Delete a session with a given ID.
@ -161,7 +169,7 @@ Attempts to delete the session with the given session ID from the database. If t
sessionStorage.delete(sessionId); sessionStorage.delete(sessionId);
``` ```
!SUBSECTION Tell a session to delete itself !SUBSUBSECTION Tell a session to delete itself
Delete a session from the database. Delete a session from the database.
@ -179,7 +187,7 @@ Returns *false* if the session already didn't exist.
session.delete(); session.delete();
``` ```
!SECTION Save a session !SUBSECTION Save a session
Save a session to the database. Save a session to the database.
@ -194,7 +202,7 @@ session.setUser(user);
session.save(); session.save();
``` ```
!SECTION Set a session's active user !SUBSECTION Set a session's active user
Set the active user of a session. Set the active user of a session.
@ -214,7 +222,7 @@ assertEqual(session.get('uid'), user.get('_key'));
assertEqual(session.get('userData'), user.get('userData')); assertEqual(session.get('userData'), user.get('userData'));
``` ```
!SECTION Add a session cookie to a response !SUBSECTION Add a session cookie to a response
Add a session cookie to a Foxx response. Add a session cookie to a Foxx response.
@ -240,7 +248,7 @@ controller.get('/hello', function(request, response) {
}); });
``` ```
!SECTION Clear a session cookie !SUBSECTION Clear a session cookie
Clear the session cookie of a Foxx response. Clear the session cookie of a Foxx response.

14
Documentation/Books/Users/FoxxBundledApps/SimpleAuth.mdpp
View File

@ -2,16 +2,24 @@
The simple auth app provides hashed password-based authentication with automatically generated salts and constant-time password verification. The simple auth app provides hashed password-based authentication with automatically generated salts and constant-time password verification.
*Configuration* !SECTION Configuration
This app has the following configuration options:
* *saltLength* (optional): length of newly generated salts. Default: *16*. * *saltLength* (optional): length of newly generated salts. Default: *16*.
* *hashMethod* (optional): hash algorithm to use. Supported values: *sha1*, *sha224*, *sha256*, *md5*. Default: *"sha256"*. * *hashMethod* (optional): hash algorithm to use. Supported values: *sha1*, *sha224*, *sha256*, *md5*. Default: *"sha256"*.
!SECTION JavaScript API: *auth*
This app exposes its functionality via a JavaScript API named *auth*.
@EXAMPLES
```js ```js
var auth = Foxx.requireApp('/_auth').auth; var auth = Foxx.requireApp('/_auth').auth;
``` ```
!SECTION Generate an authentication object !SUBSECTION Generate an authentication object
Generates an authentication object for a given password. Generates an authentication object for a given password.
@ -27,7 +35,7 @@ Returns an authentication object with the following properties:
* *password*: the password to hash. * *password*: the password to hash.
!SECTION Verify a password !SUBSECTION Verify a password
Verifies a password against a given authentication object. Verifies a password against a given authentication object.

30
Documentation/Books/Users/FoxxBundledApps/Users.mdpp
View File

@ -2,13 +2,19 @@
The users app provides a username-based user storage JavaScript API that can be used in other Foxx apps. The users app provides a username-based user storage JavaScript API that can be used in other Foxx apps.
!SECTION JavaScript API: *userStorage*
This app exposes a user storage via a JavaScript API named *userStorage*.
@EXAMPLES
```js ```js
var userStorage = Foxx.requireApp('/_users').userStorage; var userStorage = Foxx.requireApp('/_users').userStorage;
``` ```
!SECTION Exceptions !SUBSECTION Exceptions
!SUBSECTION User Not Found !SUBSUBSECTION User Not Found
Indicates a user could not be found in the database. Indicates a user could not be found in the database.
@ -26,7 +32,7 @@ try {
} }
``` ```
!SUBSECTION Username Not Available !SUBSUBSECTION Username Not Available
Indicates a username is already in use. Indicates a username is already in use.
@ -44,14 +50,14 @@ try {
} }
``` ```
!SECTION The user object !SUBSECTION The user object
User objects are instances of a Foxx model with the following attributes: User objects are instances of a Foxx model with the following attributes:
* *userData*: application-specific user data. This is an arbitrary object that must at least have a *username* property set to the user's username. * *userData*: application-specific user data. This is an arbitrary object that must at least have a *username* property set to the user's username.
* *authData*: an arbitrary object used by authentication apps to store sensitive data. For password authentication this could be a hash, for third-party authentication services this could be information about the user's identity. This attribute should never be exposed to the user directly. * *authData*: an arbitrary object used by authentication apps to store sensitive data. For password authentication this could be a hash, for third-party authentication services this could be information about the user's identity. This attribute should never be exposed to the user directly.
!SECTION Create a user !SUBSECTION Create a user
Creates and saves a new instance of the user model. Creates and saves a new instance of the user model.
@ -70,14 +76,14 @@ var user = userStorage.create({username: 'malaclypse'});
assertEqual(user.get('userData').username, 'malaclypse'); assertEqual(user.get('userData').username, 'malaclypse');
``` ```
!SECTION Fetch an existing user !SUBSECTION Fetch an existing user
There are two ways to fetch a user via the user storage API: There are two ways to fetch a user via the user storage API:
* resolving a *username* with the user storage's *resolve* method * resolving a *username* with the user storage's *resolve* method
* calling the user storage's *get* method with a user ID directly * calling the user storage's *get* method with a user ID directly
!SUBSECTION Resolve a *username* !SUBSUBSECTION Resolve a *username*
Fetches a user with a given *username*. Fetches a user with a given *username*.
@ -96,7 +102,7 @@ var user = userStorage.resolve('malaclypse');
assertEqual(user.get('userData').username, 'malaclypse'); assertEqual(user.get('userData').username, 'malaclypse');
``` ```
!SUBSECTION Resolve a user ID directly !SUBSUBSECTION Resolve a user ID directly
Fetches a user with a given ID. Fetches a user with a given ID.
@ -115,14 +121,14 @@ var user = userStorage.get(userId);
assertEqual(user.get('_key'), userId); assertEqual(user.get('_key'), userId);
``` ```
!SECTION Delete a user !SUBSECTION Delete a user
There are two ways to delete a user from the database: There are two ways to delete a user from the database:
* calling the user storage's *delete* method with a user ID directly * calling the user storage's *delete* method with a user ID directly
* telling a user to delete itself * telling a user to delete itself
!SUBSECTION Delete a user by its ID !SUBSUBSECTION Delete a user by its ID
Delete a user with a given ID. Delete a user with a given ID.
@ -140,7 +146,7 @@ Attempts to delete the user with the given user ID from the database. If the use
userStorage.delete(userId); userStorage.delete(userId);
``` ```
!SUBSECTION Tell a user to delete itself !SUBSUBSECTION Tell a user to delete itself
Delete a user from the database. Delete a user from the database.
@ -159,7 +165,7 @@ var user = userStorage.get(userId);
user.delete(); user.delete();
``` ```
!SECTION Save a user !SUBSECTION Save a user
Save a user to the database. Save a user to the database.