Authentication helper. Used by other controllers. Short-circuits on certain conditions and may render a response.

Initial session sess will serve as a configuration source to create a new session and inject it into a request map req under configured session key.

Session status will be added to a response body (under the :response/body key of the processed request map) and the detected or given language will be set in using amelinium.http.middleware.language/force on the returned request map.

Logs user in when user e-mail and password are given, or checks if the session is valid to serve a current page.

Takes a request map and obtains database connection, client IP address and authentication configuration from it. Also gets a user e-mail and a password from a map associated with the :parameters key and then with :form key of the req. Calls auth-with-password! to get the result or a redirect if authentication was not successful.

If there is no e-mail nor password given (the value is nil, false or an empty string) then the password authentication is not performed but instead the validity of a session is tested. If the detected session is valid then the given request map is returned as is.

If there was no login nor password given and the session is invalid then a redirect to a login page is performed. Its destination URL is obtained via a route name taken from the :auth/info key of a route data, or from the :auth/info route identifier (as a default fallback).

Logs user in when user e-mail and password are given.

Takes a request map and obtains a database connection, client IP address and authentication configuration from it. Also gets user’s e-mail and a password from a map associated with the :parameters key and then :form key of the req. Calls amelinium.common.controller/auth-user-with-password! to get the authentication result with auth-only-mode argument set to true.

If there is no e-mail nor password given (the value is nil, false or an empty string) then authentication is not performed.

Contrary to the authenticate!, session information is not checked nor injected into a prepared response body and a language is not forced.

Verifies confirmation code or token against a database, and if it matches, creates a new user.

Gets user’s identities.

Verifies confirmation code or token against a database and if it matches, creates new identity.

Initiates process of changing user’s identity (e-mail or phone).

Returns login information.

Changes a password for the user authenticated with an old password and a session token.

Sets new user password using a valid session and a current password OR recovery token or code and identity.

Sets password for a user authenticated with the given recovery key or code and identity (an e-mail or a phone number).

Re-sends verification e-mail or SMS to confirm the given identity when creating new account.

Returns an expiration date and time formatted according to the RFC 1123.

Performs the identity verification by sending an e-mail or SMS with a URL to complete confirmation.