import BaseAuthenticator from 'ember-simple-auth/authenticators/base';

The base class for all authenticators. This serves as a starting point for implementing custom authenticators and must not be used directly.

The authenticator authenticates the session. The actual mechanism used to do this might e.g. be posting a set of credentials to a server and in exchange retrieving an access token, initiating authentication against an external provider like Facebook etc. and depends on the specific authenticator. Any data that the authenticator receives upon successful authentication and resolves with from the authenticate method is stored in the session and can be accessed via the session service and be used by the authorizer (see authorize) to e.g. authorize outgoing requests.

The authenticator also decides whether a set of data that was restored from the session store (see restore) makes up an authenticated session or not.

Authenticators for an application are defined in the app/authenticators directory, e.g.:

// app/authenticators/oauth2.js
          import OAuth2PasswordGrantAuthenticator from 'ember-simple-auth/authenticators/oauth2-password-grant';
          
          export default OAuth2PasswordGrantAuthenticator.extend({
            ...
          });
          

and can then be used with the name Ember CLI automatically registers them with in the Ember container:

// app/components/login-form.js
          export default Ember.Controller.extend({
            session: Ember.inject.service(),
          
            actions: {
              authenticate: function() {
                this.get('session').authenticate('authenticator:oauth2');
              }
            }
          });
          

Methods

source public

authenticate([args]) Ember.RSVP.Promise

Authenticates the session with the specified args. These options vary depending on the actual authentication mechanism the authenticator implements (e.g. a set of credentials or a Facebook account id etc.). The session will invoke this method in order to authenticate itself (see authenticate).

This method returns a promise. A resolving promise will result in the session becoming authenticated. Any data the promise resolves with will be saved in and accessible via the session service's data.authenticated property (see data). A rejecting promise indicates that authentication failed and will result in the session remaining unauthenticated.

The BaseAuthenticator's implementation always returns a rejecting promise and thus never authenticates the session. This method must be overridden in subclasses.

Arguments

[...args]: Any

The arguments that the authenticator requires to authenticate the session

Returns

Ember.RSVP.Promise

A promise that when it resolves results in the session becoming authenticated

source public

invalidate(data) Ember.RSVP.Promise

This method is invoked as a callback when the session is invalidated. While the session will invalidate itself and clear all authenticated session data, it might be necessary for some authenticators to perform additional tasks (e.g. invalidating an access token on the server side).

This method returns a promise. A resolving promise will result in the session becoming unauthenticated. A rejecting promise will result in invalidation being intercepted and the session remaining authenticated.

The BaseAuthenticator's implementation always returns a resolving promise and thus never intercepts session invalidation. This method doesn't have to be overridden in custom authenticators if no actions need to be performed on session invalidation.

Arguments

data: Object

The current authenticated session data

Returns

Ember.RSVP.Promise

A promise that when it resolves results in the session being invalidated

source public

restore(data) Ember.RSVP.Promise

Restores the session from a session data object. This method is invoked by the session either on application startup if session data is restored from the session store or when properties in the store change due to external events (e.g. in another tab) and the new session data needs to be validated for whether it constitutes an authenticated session.

This method returns a promise. A resolving promise results in the session becoming or remaining authenticated. Any data the promise resolves with will be saved in and accessible via the session service's data.authenticated property (see data). A rejecting promise indicates that data does not constitute a valid session and will result in the session being invalidated or remaining unauthenticated.

The BaseAuthenticator's implementation always returns a rejecting promise. This method must be overridden in subclasses.

Arguments

data: Object

The data to restore the session from

Returns

Ember.RSVP.Promise

A promise that when it resolves results in the session becoming or remaining authenticated

Events

source

sessionDataInvalidated

Triggered when the authenciation data is invalidated by the authenticator due to an external or scheduled event. This might happen e.g. if a token expires or an event is triggered from an external authentication provider that the authenticator uses. The session handles that event and will invalidate itself when it is triggered.

source

sessionDataUpdated

Triggered when the authentication data is updated by the authenticator due to an external or scheduled event. This might happen e.g. if the authenticator refreshes an expired token or an event is triggered from an external authentication provider that the authenticator uses. The session handles that event, passes the updated data back to the authenticator's restore method and handles the result of that invocation accordingly.

Arguments

data: Object

The updated session data

Extends

Ember.Object

Uses

    Ember.Evented