Config 3: Authentication and Authorization

1. General Properties
2. Mime Types
3. Authentication & Authorization
   1. Roles and Gates
   2. Login and Issuers
   3. Issuer plain
   4. Issuer db
   5. OAuth
   6. Logout
4. URL Handling 
5. Tasks

Note that role appears in the Genelet URL:

http://WEBSITE/HANDLER/role/mime/component?action=string&query...

Except for the public role, all other roles are protected and thus need authentications. As soon as a user signs in as the role successfully, a self-certified cookie, call ticket, will be saved in her user agent like browser. For follow-up visits, Genelet will act as a gate guard to inspect the ticket, to grant or to deny it based on its validation.

Genelet allows multiple authentication mechanisms (i.e. issuers) to issue the same ticket to a role. For example, for shopping-cart members, they can sign in via Facebook, via Google, or via local accounts which they registered early.

You can add unlimited security roles in Genelet, each working on a different URL group and being protected by own gate.

Authentication and authorization are managed solely by config.json. Web developers don’t need to do extra programming on it. Genelet supports database-based account, Oauth1 and Oauth2 logins, which should cover 95% of cases. We plan to support any major authentication method in the future.