Authentication Service

The authentication service can be used by injecting it using WireBox:

property name="auth" inject="authenticationService@cbauth";

// OR

var auth = wirebox.getInstance( "authenticationService@cbauth" );

Or, the quick way, you can just use the auth() helper method (which is actually just a shortcut to a wirebox injection). The auth() helper is very useful in views. And since Wirebox handles singleton management, you don't have to worry about calling auth()too many times.

The auth() helper is available in handlers, layouts, and views. You will need to use the injection if you need cbauth in other models.



Logs a user in to the system. The returned user component must respond to the getId() method (as defined in the IAuthUser interface). Additionally, the user is cached in the request scope. If a user is already in the session, this will replace it with the given user. This method returns the passed in user object.


Logs a user out of system. This method can be called regardless of if there is currently a logged in user.


Attempts to log a user by calling the retrieveUserByUsername and isValidCredentials on the provided userServiceClass. If isValidCredentials returns false, it throws a InvalidCredentials exception.

If it succeeds, it returns the logged in user object. If it succeeds, it also sets the user id (obtained by calling getId() on the returned user component) in the configured sessionStorage and the returned user component in the configured requestStorage.


Returns boolean whether a user is logged in to the system.


Alias for isLoggedIn


Returns whether a user is logged out of the system. Opposite of check() and isLoggedIn().


Returns the currently logged in user component.

If there is no logged in user, it throws a NoUserLoggedIn exception.

If there is a user object in the configured requestStorage, it is returned.

If the user object has not been fetched this request, it uses the id set in the configured sessionStorage to fetch the user (using retrieveUserById). It then sets the user in the configured requestStorage so subsequent calls to getUser don't re-fetch the user.


Alias for getUser


Returns the currently logged in user id.

If there is no logged in user, it throws a NoUserLoggedIn exception.

Last updated