Introduction

Before knowing exactly how to code things to make them work, a conceptual introduction is necessary before using any type of addon. That being said, understanding at a broad level how Auth Core works is important before considering how to specifically code it's functions.

What is Auth Core?

At the broadest level, Auth Core is an addon that enables logging in to an app, using a "session" in which one can stay logged in for a period of time, until they need to reauthenticate themselves. It is used most often with Group Control, and thus integrated, also uses roles as part of authentication.

How does it work, conceptually?

Auth Core makes heavy use of Aura.Session, and only very lightly implements it so that it can function as an FW Addon, allowing Aura to do most of the work. The idea of Auth Core is to have an authenticated session, which retains a cookie with a short lifetime that enables you to remain "logged in" across all the apps, without having to authenticate yourself every time you make a network request. This session, because it is fed through Group Control, also tells the client which apps and which roles within those apps the current user has access to.

Parts of this documentation

Most of this documentation is more properly concerning Group Control, because most of the functionality for "Auth Core" is augmented by Group Control so that most authentication that is done throughout the apps, in fact, uses Group Control as much or more than Auth Core. This information still needs to be discussed, and as it directly integrates with how to authenticate on the backend of our apps, here seems to be as good of a place as any. So then there are two main parts of this documentation:

  • Using Auth Core Directly. This document gives you a very basic introduction to Auth Core being used directly with Group Control, and gives you a brief starting point for where you can go to learn more about Aura.Session if Group Control needs to be updated.
  • Using Group Control Expansion of Auth Core The second half of the documentation helps you to see how you will more practically integrate authentication into every app, using the augmentations of Auth Core that have been implemented by Group Control. There are three main sections of this part: the Session itself, Authentication, and adding roles through a migration.