Authentication & Authorization
By default, Iridium operates without user logins or a permission/authorization system.
You need to include certain elements in your application to enable these and start allowing users to login and controlling their access across your Iridium application.
Authentication
Iridium provides a default login page, login process, and authentication middleware.
We use gorilla/sessions internally to manage user session allowing you to access the currently logged in User's model and session details throughout your Iridium application.
Authorization
Iridium's authorization system is inspired by Laravel's authorization system. To control access to certain Iridium pages, actions, etc. easily, you are able to define model policies and gates.
FAQ
- When should I use a gate over a policy, and vice versa?
- TBW
- Do I need to have user logins to use gates and policies?
- Yes. Please setup authentication properly for your Iridium application before integrating authorization checks
- Can I use my own User model?
- Yes! In fact, this is a requirement. Iridium operates over a User interface internally, and you are required to define your own User struct that implements it.