- General Properties
- Mime Types
- Authentication & Authorization
- URL Handling
Note that role appears in the Genelet URL:
Except for the public role, all other roles are protected and thus need authentications. As soon as a user signs in as the role successfully, a self-certified cookie, call ticket, will be saved in her user agent like browser. For follow-up visits, Genelet will act as a gate guard to inspect the ticket, to grant or to deny it based on its validation.
Genelet allows multiple authentication mechanisms (i.e. issuers) to issue the same ticket to a role. For example, for shopping-cart members, they can sign in via Facebook, via Google, or via local accounts which they registered early.
You can add unlimited security roles in Genelet, each working on a different URL group and being protected by own gate.
Authentication and authorization are managed solely by config.json. Web developers don’t need to do extra programming on it. Genelet supports database-based account, Oauth1 and Oauth2 logins, which should cover 95% of cases. We plan to support any major authentication method in the future.