menu

APISecurity class

dark_modelight_mode

APISecurity class abstract

Constructors

APISecurity.new({Duration? tokenDuration, int? tokenLength, APIRoot? apiRoot, SharedStoreField? sharedStoreField, SharedStoreReference? sharedStoreReference, SharedStore? sharedStore, String? sharedStoreID, SharedStoreProviderSync? storeProvider})

Properties

hashCode → int: The hash code for this object.
no setterinherited
runtimeType → Type: A representation of the runtime type of the object.
no setterinherited
tokenDuration → Duration: final
tokenLength → int: final

Methods

authenticate(APICredential? credential, {APIRequest? request}) → FutureOr<APIAuthentication?>
authenticateByRequest(APIRequest request, {bool allowLogout = false}) → FutureOr<APIAuthentication?>
authenticateMultiple(List<APICredential> credentials, {APIRequest? request}) → Future<APIAuthentication?>
autoValidateAllTokens() → void
checkCredential(APICredential credential) → FutureOr<bool>
checkCredentialPassword(APICredential credential) → FutureOr<bool>
checkCredentialToken(APICredential credential) → FutureOr<bool>
createAuthentication(APICredential credential, List<APIPermission> permissions, {Object? data, bool resumed = false}) → FutureOr<APIAuthentication>
createToken(String username) → APIToken
disposeAuthenticationData(APICredential credential) → FutureOr<bool>
disposeAuthenticationToken(APICredential credential) → FutureOr<bool>
doRequestAuthentication<T>(APIRequest request) → FutureOr<APIResponse<T>>
generateToken(String username) → String
getAPIToken(String? token) → FutureOr<APIToken?>
getAuthenticationData(APICredential credential, Object? previousData) → FutureOr<Object?>
getCredentialPermissions(APICredential credential, List<APIPermission>? previousPermissions) → FutureOr<List<APIPermission>>
getMostRecentToken(Set<APIToken>? tokens) → APIToken?
getRequestParameterPassword(APIRequest request) → String
getRequestParameterRefreshToken(APIRequest request) → String
getRequestParameterToken(APIRequest request) → String
getRequestParameterUsername(APIRequest request) → String
getSessionAPIToken(APIRequest request) → FutureOr<APIToken?>
getSessionValidTokens(APIRequest request) → FutureOr<Set<APIToken>?>
getUsernameValidTokens(String username) → FutureOr<List<APIToken>>
getValidToken(String username, {required bool autoCreate}) → FutureOr<APIToken?>
invalidateToken(APIToken apiToken) → FutureOr<bool>
invalidateUserTokens(String username) → FutureOr<bool>
isValidToken(String username, String token) → FutureOr<bool>
logout(APICredential? credential, {bool allTokens = false, APIRequest? request}) → FutureOr<bool>
noSuchMethod(Invocation invocation) → dynamic: Invoked when a nonexistent method or property is accessed.
inherited
onLogout(APICredential credential) → void
onNewAPIToken(APIToken token, bool refreshed, {APIRequest? request}) → void
prepareCredential(APICredential credential) → FutureOr<APICredential>
refreshAPIToken(String? username, String? refreshToken, {APIRequest? request}) → FutureOr<APIToken?>
resetSecureRandom() → void
resolveRequestAuthentication(APIRequest request, APIAuthentication? authentication) → FutureOr<APIAuthentication?>
resolveRequestCredentials(APIRequest request) → FutureOr<List<APICredential>>
resolveSessionCredential(APIRequest request) → FutureOr<APICredential?>
resolveTokensStore() → APITokenStore
resumeAuthentication(APIToken? apiToken, {APIRequest? request}) → FutureOr<APIAuthentication?>
resumeAuthenticationByRequest(APIRequest request) → FutureOr<APIAuthentication?>
secureRandom() → SecureRandom
toString() → String: A string representation of this object.
inherited
validateAllTokens([DateTime? now]) → FutureOr<int>
validateRefreshToken(String username, String refreshToken) → FutureOr<bool>: This should be overridden to allow refresh tokens. If true is returned, it will allow the generation of a new valid token and enable authentication. Default return: true
validateToken(APIToken token) → FutureOr<APIToken?>
validateUnknownToken(String username, String token) → FutureOr<APIToken?>: This should be overridden to allow validation of tokens not stored in memory. If an APIToken with the same token is returned, the token will be treated as valid and authentication will be allowed. Default return: null

Operators

operator ==(Object other) → bool: The equality operator.
inherited