只是想确认Nitrogen 身份验证和授权API 的使用。API 描述如下:
wf:user() -> User or 'undefined'
Return the user value that was previously set by wf:user(User)
wf:user(User) -> ok
Set the user for the current session.
wf:clear_user() -> ok
Same as wf:user(undefined).
wf:role(Role) -> 'true' or 'false'
Check if the current user has a specified role.
wf:role(Role, IsInRole) -> ok
Set whether the current user is in a specified role.
wf:clear_roles() -> ok
Remove the user from all roles.
要使用此 API,我将首先针对存储凭据的数据库验证用户登录,然后将 wf:user(User) 设置为成功通过身份验证的用户?然后我可以做一些事情,比如检查undefined = wf:user()用户是否已经通过身份验证来保护受限页面?同样,我会为用户设置角色等,然后我也可以对角色执行验证?Nitrogen 在后台以某种方式将这些信息存储在我的会话中?