Permission Validation Examples

When a user logs into their account, the flexi auth library verifies that their credentials are valid and then stores data in their current session about their login method, user group and user privileges.

Once the user has been authenticated, flexi auth offers a number of methods for checking the user's credentials, which can then be used to determine whether a user should have access to specific pages within a site, or should be able to see specific sections within a page.

To properly demonstrate the privilege checks on this page, try logging into all 3 demo accounts and then revisit this page to view the differences.


Login Check

Check whether a user is currently logged in.

This covers users who logged into this session by entering their password as well as users who logged in via a 'Remember me' cookie.

  • User is not logged in.

Login Method

Check how a logged-in user logged into their current session.

Users who have logged in via a password have positively confirmed their identity for this session, whilst a user logged in via a 'Remember me' cookie should have limited access rights until they confirm their identity via a password.

An example of limited access would be to allow users access to their account, but prevent data from being updated until they log in via a password.

  • User is not logged in.

Admin Check

Check whether a logged-in user is considered an 'Admin'.

This function should be treated as an indicator that the user is trusted to use 'backend' areas of the site. It does not mean they necessarily have read/write permissions to all areas.

Specific permissions can be further allocated to users via the 'User Group' and 'User Account Privileges' that are displayed below.

  • User is not logged in.

User Group

Check which group a logged-in user is assigned to.

By grouping users, specific access rights can be granted or prohibited based on their custom group.

  • User is not logged in.

User Account Privileges

Check the specific privileges a logged-in user currently has.

Privileges can be defined for any custom task, and can then be assigned on an individual user basis.

  • User is not logged in.
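
The login, login method, admin and privilege checks described above, combined into one access decision. This is an added example, not flexi auth's own code or API: the session array keys, the action names and the authorize() function are hypothetical, and the sessions are constructed sample data.

```php
<?php
// Constructed session records. The keys are hypothetical, not flexi auth's session format.
$sessions = [
    'guest'     => null,
    'cookie'    => ['via_password' => false, 'admin' => false,
                    'privileges' => ['view_account', 'update_account']],
    'password'  => ['via_password' => true, 'admin' => false,
                    'privileges' => ['view_account', 'update_account']],
    'moderator' => ['via_password' => true, 'admin' => true,
                    'privileges' => ['view_users']],
];

// Assumed policy: actions that change data need a password login in this session.
const SENSITIVE = ['update_account', 'delete_user'];
// Assumed policy: backend actions additionally need the admin flag.
const BACKEND = ['view_users', 'delete_user'];

function authorize(?array $session, string $action): string
{
    if ($session === null) {
        return 'deny: not logged in';
    }
    if (in_array($action, BACKEND, true) && !$session['admin']) {
        return 'deny: not an admin';
    }
    // The admin flag only opens the backend; the specific privilege is still required.
    if (!in_array($action, $session['privileges'], true)) {
        return 'deny: missing privilege';
    }
    // A 'Remember me' session keeps read access but must re-authenticate before writing.
    if (in_array($action, SENSITIVE, true) && !$session['via_password']) {
        return 'reauth: password required';
    }
    return 'allow';
}

$requests = [
    ['guest', 'view_account'],
    ['cookie', 'view_account'],
    ['cookie', 'update_account'],
    ['password', 'update_account'],
    ['password', 'view_users'],
    ['moderator', 'view_users'],
    ['moderator', 'delete_user'],
];
foreach ($requests as [$who, $action]) {
    printf("%-10s %-15s %s\n", $who, $action, authorize($sessions[$who], $action));
}
```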