General - Authentication/Authorization

SapphireDb has mechanisms to identity users and to control what the user is allowed to do.
Make sure to setup the server before trying to use this options: Server setup

Attributes

SapphireDb includes auth attributes that can be used to control which user can do what.

Every auth-attribute can be used in three ways.

Without attributes: Authentication required
Policies: A comma separated string of policy-names. All policies have to succeed. Check out Policies for more details
Function name: You can optionally pass the name of a function in the class that has to return a boolean. The function will get executed to check if the user is allowed for the action.

Multiple attributes: You can define multiple Attributes for each model. Only one of the attributes defined condition has to succeed.
Heredity: If you define AuthAttributes for a base class all sub classes will inherit this attributes until custom attributes of the same type are defined in the subclasses.

Model attributes

The model attributes can be used on model classes to control which user can do what. Available model attributes: [QueryAuth], [CreateAuth], [UpdateAuth] and [RemoveAuth].

Action attribute

The [ActionAuth]-attribute can be used on action handler classes or actions to control which user can do what.

Server options

You can also control the permissions for some actions using the server side configuration. Check out this section for more details: Server - Configuration

Authenticate client

You can authenticate the client using any method you like.
After obtaining a token you want to use for authentication pass it to sapphiredb by calling: this.db.setAuthToken(AuthToken)

Get auth state

You can get the current state of authentication by calling: this.db.getAuthTokenState()

Define token on startup

If you want to use a token that is stored anywhere else and use it on startup you can pass it as a parameter during configuration of SapphireDb