Home
Tom King edited this page Jun 6, 2018 · 6 revisions
This sample application is not a complete Content Management System; it is a starting point for your own applications and aims to demonstrate some of the framework's features, such as database migrations and routing.
Initial Alpha Release
- Create, update & disable users
- Assume user accounts
- Disabled (soft deleted) users can then be deleted
- Searchable/Filterable User Index
- Optional User Registration
- Email confirmation on registration
- 3 Default roles: Admin, Editor, User
- New roles can be added via web interface
- Each role can have default permissions set
- Automatic cascading Controller Based Permissions based on controller/action path
- User Permission Overrides
- Permissions can be altered via web interface
- Named Permissions in addition to controller permissions
- Tableless models used for Authentication
- "Local" user accounts are the default
- This app uses session based authentication, session rotation and session invalidation
- Sets Cache-Control: must-revalidate for authenticated pages
- Sets HttpOnly attribute on cookies
- Simple "Remember Me" Cookie function
- Passwords hashed via bCrypt (AuthenticateThis plugin)
- Password reset feature / emails
- Password reset can be turned off
- Add Require password change on login
- Database based configuration and settings
- Rudimentary logging for auditing activity
- Automatic logging of changed properties on models when specified in controller
- Facility to skip sensitive fields from automatic changed property logging
- Ability to store extended log data as serialized JSON
- Log files have type, severity, message, as well as IP and authenticated user
- Uses Database Migrations