Application Guide:
Users & Authentication

  1. Introduction
  2. Updating your application.alan
  3. Updating your session-manager
  4. Deploying your changes


This guide explains how to add users and basic password authentication to your Alan application. The guide assumes familiarity with the Alan project structure from the online Alan IDE.

For enabling application users and authentication, the following steps are required:

Updating your application.alan

Read the section on Application users from the application language docs. From the example model that you find there, copy the parts that you need for a 'Users' and 'Passwords' collection, and copy the contents of the users section. For basic password authentication, you can ignore the parts about authorities.

Build your app, and fix any errors that you get. Note that if you removed anonymous from the users section, the compiler will complain about your client settings (systems/client/settings.alan). Fix the error by setting anonymous login: to disabled, as your app no longer supports anonymous users.

Updating your session-manager

An Alan session-manager is responsible for showing the login page, handling authentication, and storing and revoking user sessions. Open the file systems/sessions/config.alan and set password-authentication: to enabled.

In the config.alan file, you can also enable user creation for supporting user sign-up via the login page. For user sign-up, make sure that you have the required user-initializer: section in your application model.

Deploying your changes

You can now run Alan: Deploy with the ‘empty’ option. *

After a succesfull deployment, open your app and sign in with these credentials:

username: root
password: welcome

When asked, choose your own password for the root user. You have now succesfully bootstrapped authentication. You can add Users in your app, and send them urls for signing in.

* If you wish to use your own migration.alan file, follow these steps: