observe_auth_confirm/3
Confirm a user id.
observe_auth_reset/2
First to check for password reset forms, return undefined, ok, or \{error, Reason\}.
observe_auth_options_update/3
Update the given (accumulator) authentication options with the request options.
observe_auth_precheck/2
First for logon of user with username, check for ratelimit, blocks etc.
observe_auth_postcheck/2
First for logon of user with username, called after successful password check.
observe_auth_logoff/3
User is about to log off. Modify (if needed) the logoff request context.
observe_auth_checked/2
Notify after logon of user with username, communicates valid or invalid password
observe_auth_confirm_done/2
A user id has been confirmed.
observe_auth_validate/2
First to validate a password. Return \{ok, RscId\} or \{error, Reason\}.
observe_auth_logon/3
User logs on. Add user-related properties to the logon request context.
observe_auth_validated/2
Authentication against some (external or internal) service was validated
observe_auth_client_logon_user/2
Send a request to the client to login a user. The zotonic.auth.worker.js will
observe_auth_client_switch_user/2
Send a request to the client to switch users. The zotonic.auth.worker.js will
observe_auth_identity_types/3
Return the list of identity types that allow somebody to logon and become an active user of the system. Defaults to [ username_pw \]. In the future more types…

ACL notifications Notifications Dispatch notifications

Referred by

Access control

Access control is about defining who is allowed to access certain resources. It takes two steps: