AuthService

Contains methods relating to Session, AuthenticatedSession & AnonymousSession entities.

Signature

class AuthService {    constructor(connection: TransactionalConnection, configService: ConfigService, sessionService: SessionService, eventBus: EventBus)    authenticate(ctx: RequestContext, apiType: ApiType, authenticationMethod: string, authenticationData: any) => Promise<AuthenticatedSession | InvalidCredentialsError | NotVerifiedError>;    createAuthenticatedSessionForUser(ctx: RequestContext, user: User, authenticationStrategyName: string) => Promise<AuthenticatedSession | NotVerifiedError>;    verifyUserPassword(ctx: RequestContext, userId: ID, password: string) => Promise<boolean | InvalidCredentialsError | ShopInvalidCredentialsError>;    destroyAuthenticatedSession(ctx: RequestContext, sessionToken: string) => Promise<void>;}

constructor

method

(connection: TransactionalConnection, configService: ConfigService, sessionService: SessionService, eventBus: EventBus) => AuthService

authenticate

method

(ctx: RequestContext, apiType: ApiType, authenticationMethod: string, authenticationData: any) => Promise<AuthenticatedSession | InvalidCredentialsError | NotVerifiedError>

Authenticates a user's credentials and if okay, creates a new AuthenticatedSession.

createAuthenticatedSessionForUser

method

(ctx: RequestContext, user: User, authenticationStrategyName: string) => Promise<AuthenticatedSession | NotVerifiedError>

verifyUserPassword

method

(ctx: RequestContext, userId: ID, password: string) => Promise<boolean | InvalidCredentialsError | ShopInvalidCredentialsError>

Verify the provided password against the one we have for the given user. Requires the NativeAuthenticationStrategy to be configured.

destroyAuthenticatedSession

method(ctx: RequestContext, sessionToken: string) => Promise<void>

Deletes all sessions for the user associated with the given session token.