Bureaucrats, editor, reviewer, Administrators
13,550
edits
Changes
Jump to navigation
Jump to search
→Checking Permissions
This page presents the web application permission layer of BaseX, which can be used along with [[RESTXQ]].
Non-trivial web applications require a user management: Users need to log in to a web site in order to get access to protected pages; Depending on their status (role, user group, …), they can be offered different views; etc. With {{Version|9.0}} of BaseX, a The light-weight permission layer has been added that simplifies permission checks a lot:
* Permission strings can be attached to RESTXQ functions.
** If no path argument is specified, {{Code|/}} is assigned instead.
* A variable can be specified in the second argument. A map with the following keys will be bound to that variable:
** {{Code|allow}}: Permission strings attached to the requested function; may be empty.
** {{Code|path}}: Original path of the client request.
** {{Code|method}}: Method of the client request ({{Code|GET}}, {{Code|POST}}, …).
** {{Code|authorization}}: Value of the HTTP Authorization header string; may be empty.
An example:
=Authentication=
There are numerous ways how users can be authenticated in a web application (via OAuth, LDAP, …). The approach demonstrated in on this article page is pretty basic and straightforward:
* A login HTML page allows you to enter your credentials (user name, password).
=Changelog=
;Version 9.1
* Added: {{Code|authorization}} value in permissions map variable
The Module was introduced with Version 9.0.
