CurrentUser

V1.0 F1.7

File Name: PageController.asp
Class Name: cCurrentUser.asp

Overview
This class is part of the PageControler.asp and is normally used to implement Templated solutions with Role based authorization.

Public Constructors

You should use the global object CurrentUser which is already instanciated and available.

Public Properties

IsAuthenticated

Boolean

Indicates wether or not the page is public (allows anonynous access).

Public Methods

	Authenticate(UserName,FirstName,LastName,Email,Roles)	Call it when to signal the framework that the user was authenticated. It will persist the information supplied in the parameters in session variables. Roles can be an array or a comma delimited string.
	RedirectFromLoginPage(UserName,FirstName,LastName,Email,Roles)	Same as Authenticate but it redirects to the page that caused the login event, if inside the application.
	IsInRole(RoleName)	Returns true if RoleName is in any of the roles assigned to the user.
	IsInRoles(Roles)	Return true if any of the User's roles is in Roles.
	LogOut	Logs out the user (Session.Abandon) and clears used information.
	GoToLoginPage()	Redirects to the login page.
	Authorize()	Authorize the use using PageController.AuthorizedRoles. If the user is not in any of the roles in PageController.AuthorizedRoles then the response is redirected to "NoAccess.asp"
	LoginURL	If an application variable named CLASP_LOGIN_URL exists it will be used as the path of the login page, else it will default to login.asp. It can be overrided by changing this property.
	NoAccessURL	If an application variable name CLASP_NOACCESS_URL exists it will be used as the path of the noaccess page, else it will default to NoAccess.asp. It can be overrided by changing this property.

Public Events

Protected Properties

mAuthToken	String	The Name of the Session variable where to store a value indicating wether or not
serSessionPrefix	String	String used to prefix any Authentication variable.
mUserSecLocation	Int	User Credentials Location (0) Session, (1) Cookies. Not yet in use.
mUserID	String	UserID of the current user.
mFirstName	String	FirstName of the current user.
mLastName	String	LastName of the current user.
mRoles	String	Array of Roles of the current user.

Protected Methods

	LoadUser	Loads the user from the Session or Cookie, depending on the location.
	SaveUser	Saves the user into the Session or Cookie, depending on the location.
	ClearUser	Clears the user data from the Session.

Protected Events

	Class_Initialize	If the contents of mAuthToken (in the session or cookie) = "YES" then load the user from the location (session or cookie)
	Page_Logout	Calls CurrentUser.LogOut

The Security Works as follows:

Public Function Page_Authenticate_Request()
       If PageController.RequiresAuthentication Then
         If Not CurrentUser.IsAuthenticated Then
           CurrentUser.GoToLoginPage
         End If
       End If
End Function

Public Function Page_Authorize_Request()
       If PageController.RequiresAuthentication And PageController.RequiresAuthorization Then
         Call CurrentUser.Authorize()
       End If
End Function