http://coldfusion.com logo
Join Slack
Powered by
cbauth question: what’s the difference in the post...
# box-products
w
cbauth question: what’s the difference in the postAuthenticate and postLogin interceptors: postAuthenticate because of user/pass and followed by postLogin because you can retrieve the user based on credentials, followed by a login(user) call? Just wondering which of these two I should use to update my lastLogin Time for the user. I guess it makes sense to use postLogin, so we also register password-less logins (e.g in testing) but not sure how often postLogin will be called. Postauthenticate will only be called if my user provides the correct username/password.
g
Note: the 
preLogin
and 
postLogin
interception points will be called during the course of 
authenticate()
. The order of the calls then are 
preAuthentication
-> 
preLogin
-> 
postLogin
-> 
postAuthentication
.
https://forgebox.io/view/cbauth for the full docs on the interception points, but postLogin would be correct for your use case i believe
w
Ok tnx. So in some scenarios prelogin will be called quite often, for example when using jwt where I expect an internal authenticate call on each request.
3 Views
Open in Slack
PreviousNext
Powered by