Defines the properties and permissions of a user who has authenticated successfully and will be able to participate in the Ditto mesh.
More...
|
|
string | UserId [get, set] |
| | Gets or sets the remote user's canonical user identifier within an application. This does not have to be meaningful or unique but it may be useful to identify a user by their login or email address.
|
| |
|
Dictionary< string, string > | UserInfo [get, set] |
| | Gets or sets extra properties of their user such as location, job title, or any other metadata which may be needed when exploring other peers in the mesh.
|
| |
|
DateTime | AccessExpires [get, set] |
| | Gets or sets the time at which this login will expire.
|
| |
| DateTime | OfferRefreshUntil [get, set] |
| | Gets or sets the time up to which a user may refresh their login without reauthentication. By having a shorter access expiry, they can be required to check in to get their latest permissions, without necessarily needing to supply their credentials again.
|
| |
|
List< string > | Audiences [get, set] |
| | Gets or sets the audiences for which the returned token is valid. Normally the default of ["sync"] is correct.
|
| |
|
bool | ReadEverythingPermission [get, set] |
| | Gets or sets a value indicating whether the user will be able to read every document in every collection.
|
| |
|
bool | WriteEverythingPermission [get, set] |
| | Gets or sets a value indicating whether the user will be able to write to every document in every collection. Note that write permissions are needed to share a document onward to another peer.
|
| |
|
Dictionary< string, List< string > > | ReadPermissions [get, set] |
| | Gets or sets the collection of read permissions. The keys are names of collections and the values are a list of queries. If a document matches one of the queries, then read permission is granted.
|
| |
|
Dictionary< string, List< string > > | WritePermissions [get, set] |
| | Gets or sets the collection of write permissions. The keys are names of collections and the values are a list of queries. If a document matches one of the queries, then write permission is granted.
|
| |
Defines the properties and permissions of a user who has authenticated successfully and will be able to participate in the Ditto mesh.
◆ DittoAuthenticationSuccess()
| DittoSDK.DittoAuthenticationSuccess.DittoAuthenticationSuccess |
( |
| ) |
|
|
inline |
Initializes a new instance of the DittoAuthenticationSuccess class.
At minimum you should configure:
-
UserId is their canonical username. Consider that the same user may log in from multiple devices.
-
AccessExpires must be set to a time in the future.
-
Permissions must be granted. This can be done by editing
ReadPermissions and WritePermissions directly, by using the helper methods for adding specific allowed queries, or by setting the "everything" booleans to permit the user to read or write.
The information contained in this response is signed so that it can be trusted by other peers in the mesh.
◆ AddReadPermissionForCollection()
| void DittoSDK.DittoAuthenticationSuccess.AddReadPermissionForCollection |
( |
string |
collection, |
|
|
string |
query |
|
) |
| |
|
inline |
Adds a query for which the user should be able to read documents.
- Parameters
-
| collection | Ditto collection name |
| query | Ditto query string that matches the relevant documents |
◆ AddWritePermissionForCollection()
| void DittoSDK.DittoAuthenticationSuccess.AddWritePermissionForCollection |
( |
string |
collection, |
|
|
string |
query |
|
) |
| |
|
inline |
Adds a query for which the user should be able to write or share documents.
- Parameters
-
| collection | Ditto collection name |
| query | Ditto query string that matches the relevant documents |
◆ OfferRefreshUntil
| DateTime DittoSDK.DittoAuthenticationSuccess.OfferRefreshUntil |
|
getset |
Gets or sets the time up to which a user may refresh their login without reauthentication. By having a shorter access expiry, they can be required to check in to get their latest permissions, without necessarily needing to supply their credentials again.
This is not yet implemented but may be used in future if specified.
