From 15ea4aa54c3347af82838acb1ace1236d0abb0ef Mon Sep 17 00:00:00 2001 From: Cam Findlay Date: Sat, 23 May 2015 17:58:51 +1200 Subject: [PATCH] DOCS Fix issue with bullets and backticks thinking they are code blocks Thanks to @stojg for reporting. --- .../09_Security/03_Authentication.md | 34 ++++++++----------- 1 file changed, 14 insertions(+), 20 deletions(-) diff --git a/docs/en/02_Developer_Guides/09_Security/03_Authentication.md b/docs/en/02_Developer_Guides/09_Security/03_Authentication.md index 03e376dc5..cd1243eed 100644 --- a/docs/en/02_Developer_Guides/09_Security/03_Authentication.md +++ b/docs/en/02_Developer_Guides/09_Security/03_Authentication.md @@ -7,35 +7,29 @@ By default, SilverStripe provides a `[api:MemberAuthenticator]` class which hook authentication system. The main login system uses these controllers to handle the various security requests: -* `[api:Security]` Which is the controller which handles most front-end security requests, including - Logging in, logging out, resetting password, or changing password. This class also provides an interface - to allow configured `[api:Authenticator]` classes to each display a custom login form. -* `[api:CMSSecurity]` Which is the controller which handles security requests within the CMS, and allows - users to re-login without leaving the CMS. + +`[api:Security]` - Which is the controller which handles most front-end security requests, including logging in, logging out, resetting password, or changing password. This class also provides an interface to allow configured `[api:Authenticator]` classes to each display a custom login form. + +`[api:CMSSecurity]` - Which is the controller which handles security requests within the CMS, and allows users to re-login without leaving the CMS. ## Member Authentication The default member authentication system is implemented in the following classes: -* `[api:MemberAuthenticator]` Which is the default member authentication implementation. This uses the email - and password stored internally for each member to authenticate them. -* `[api:MemberLoginForm]` Is the default form used by `MemberAuthenticator`, and is displayed on the public site - at the url `Security/login` by default. -* `[api:CMSMemberLoginForm]` Is the secondary form used by `MemberAuthenticator`, and will be displayed to the - user within the CMS any time their session expires or they are logged out via an action. This form is - presented via a popup dialog, and can be used to re-authenticate that user automatically without them having - to lose their workspace. E.g. if editing a form, the user can login and continue to publish their content. + +`[api:MemberAuthenticator]` - Which is the default member authentication implementation. This uses the email and password stored internally for each member to authenticate them. + +`[api:MemberLoginForm]` - Is the default form used by `MemberAuthenticator`, and is displayed on the public site at the url `Security/login` by default. + +`[api:CMSMemberLoginForm]` - Is the secondary form used by `MemberAuthenticator`, and will be displayed to the user within the CMS any time their session expires or they are logged out via an action. This form is presented via a popup dialog, and can be used to re-authenticate that user automatically without them having to lose their workspace. E.g. if editing a form, the user can login and continue to publish their content. ## Custom Authentication Additional authentication methods (oauth, etc) can be implemented by creating custom implementations of each of the following base classes: -* `[api:Authenticator]` The base class for authentication systems. This class also acts as the factory - to generate various login forms for parts of the system. If an authenticator supports in-cms - reauthentication then it will be necessary to override the `supports_cms` and `get_cms_login_form` methods. -* `[api:LoginForm]` which is the base class for a login form which links to a specific authenticator. At the very - least, it will be necessary to implement a form class which provides a default login interface. If in-cms - re-authentication is desired, then a specialised subclass of this method may be necessary. For example, this form - could be extended to require confirmation of username as well as password. + +`[api:Authenticator]` - The base class for authentication systems. This class also acts as the factory to generate various login forms for parts of the system. If an authenticator supports in-cms reauthentication then it will be necessary to override the `supports_cms` and `get_cms_login_form` methods. + +`[api:LoginForm]` - which is the base class for a login form which links to a specific authenticator. At the very least, it will be necessary to implement a form class which provides a default login interface. If in-cms re-authentication is desired, then a specialised subclass of this method may be necessary. For example, this form could be extended to require confirmation of username as well as password. ## Default Admin