4.16.1Class DBCheckUser
Hook that can be used to check for users in a configuration table.
Class DBCheckUser from \
Hook(( "check_user"))
This hook engages with the "check_user" function, and receives a user/password pair to be authenticated.
Authentication happens by checking a userid/password pair in a given database entity.
Passwords may be hashed through an arbitrary algorithm. In that case, the configuration must include a hash key pointing to the function used to obfuscate the passwords.
Known configuration keys are:
- entity: DBEntity providing the user table. The table must be searchable so that the user id is also a valid eid for the table.
- password_field: Name of the field where the password is stored.
- level_field: Optional; if given, the logged in users will receive the level specified in this field. the field should be an integer, with higher levels represented as lower number (0 = admin); or, it may be a string that is maped through the levels configuration variable.
- levels: Optional; if given, must be a dictionary of strings => auth_level, where each string corresponds to a value in the level_field column. If a level is not mapped, the user will receive the lowest authorization level possible.
- data_maker: Optional; if given, must be a function receiving the whole record and returning the data that will be stored in "auth_data" nest ambient variable. If not given, the whole record will be stored in auth_data (this may cause problems with session, so better have it, unless you know what you're doing).
- hash: Optional; if given, the incoming password will be processed through this function prior being checked against the password field in the database.