Unlocking User Authentication Features in Empress

Introduction

Welcome to our comprehensive developer guide. This guide aims to provide you with an in-depth understanding of the Empress User Authentication System, an integral feature of the Empress system. This robust, pre-built authentication system offers a plethora of features, making it an indispensable tool for developers.

Understanding the Empress User Authentication System

The Empress User Authentication System handles user accounts, role-based permissions, and cookie-based user sessions. The following functionality comes out of the box with this system:

  • User
  • Role
  • DocType Permissions
  • Permission Level
  • Role Permissions Manager
  • User Permissions
  • Password Hashing
  • Password strength checking
  • Throttling of login attempts
  • Third-party authentication such as OAuth, Google, Facebook, etc.
  • Restricting Views and Forms

User and Role

In Empress, a User record stands for an authenticated user who can perform authorized actions in the system. A User can possess multiple roles assigned to it. A Role describes the capabilities a User has on a DocType.

For instance, the role Blogger has read, write, and create permissions on the DocType Blog Post, but only read permission on Blog Category.

DocType Permissions

DocTypes can have a default set of Roles applied when you install your app. To configure roles for a DocType, you must add them in the Permissions table in DocType. You can further configure them by expanding the row, which will show many more options.

Permission Level

Permission Levels are used to group fields in a document and apply separate roles to each level. By default, all fields have the permlevel set as 0.
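
A minimal model of the role, DocType permission and permission level rules described above, as an added example (not Empress's own code or API). The Editor role, the published field and its permlevel of 1 are assumptions made up for the illustration, as is the rule that editing a field also requires write permission at level 0.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class PermRule:
    """One row of a DocType's Permissions table (simplified, constructed)."""
    doctype: str
    role: str
    permlevel: int
    rights: frozenset


# Constructed rules mirroring the Blogger example in the text, plus a
# hypothetical "Editor" role that alone may touch permlevel-1 fields.
RULES = [
    PermRule("Blog Post", "Blogger", 0, frozenset({"read", "write", "create"})),
    PermRule("Blog Category", "Blogger", 0, frozenset({"read"})),
    PermRule("Blog Post", "Editor", 0, frozenset({"read", "write"})),
    PermRule("Blog Post", "Editor", 1, frozenset({"read", "write"})),
]

# Hypothetical field -> permlevel map; unlisted fields default to level 0.
FIELD_LEVELS = {"Blog Post": {"published": 1}}


def rights_at(roles, doctype, permlevel=0, rules=RULES):
    """Union of rights granted by any of the user's roles at one level."""
    granted = set()
    for rule in rules:
        if (rule.doctype, rule.permlevel) == (doctype, permlevel) and rule.role in roles:
            granted |= rule.rights
    return granted  # empty set when no rule matches: deny by default


def has_permission(roles, doctype, action):
    """Document-level check, evaluated against the permlevel 0 rules."""
    return action in rights_at(roles, doctype, 0)


def writable_fields(roles, doctype, fields):
    """Fields the user may edit (model assumption: needs write at level 0
    for the document, plus write at the field's own permlevel)."""
    if not has_permission(roles, doctype, "write"):
        return []
    levels = FIELD_LEVELS.get(doctype, {})
    return [f for f in fields
            if "write" in rights_at(roles, doctype, levels.get(f, 0))]
```

With only the Blogger role, writable_fields on Blog Post returns the level 0 fields and leaves out published; adding Editor makes the level 1 field editable as well.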

Role Permissions Manager

Role Permissions Manager is a user tool to manage role permissions. The default set of permissions shows up here and can be overridden.

User Permissions

User Permissions are another set of rules that can be applied on a per-user basis. They can be used to restrict documents which contain a specific value for a Link field.

Automatic Roles

Empress also provides certain roles that are automatically hidden from users. These include:

  • “Guest”
  • “All”
  • “Administrator”
  • “Desk User”

Restricting Views and Forms

Empress Framework allows you to configure what modules, doctypes, and views are visible to the user. To configure which modules are shown to a user, go to the Allow Modules section of the User form.

Password Hashing

Empress handles password hashing out of the box. Passwords are hashed and saved in a separate database table named __Auth.

Password Policy

Empress also supports password strength checking. This can be enabled from System Settings in the Security section.

Login Attempts

Empress allows you to configure how many consecutive login attempts should be allowed before locking the account for a set time period.

Third Party Authentication

Empress supports third-party login providers. To set up a login provider, you need to set up a Social Login Key.

Summary

In conclusion, the Empress User Authentication System is a sophisticated feature that enhances the development and customization of business solutions in Empress. Its robust functionality, from comprehensive role and permission management to secure password handling and third-party authentication support, makes it a crucial tool for developers. Integrating and utilizing this feature can streamline user management, bolster security, and augment the overall system productivity.