Skip to content
aeropage-round-dark
Aeropage Documentation
Documentation
Coming Soon
Users, Portals & Members

How Login Systems Work

This might seem like something you don't really need to know in a nocode builder. But even as a user, you interact with these systems every day so I really think its worth understanding how they work. Let's imagine your application as a building with a public entry - that looks nice, welcomes people and directs them where to go. Anyone can access these areas, like the public pages of your project.

Untitled.png
Your homepage is a building lobby - where anyone can enter and be welcomed.

Authentication (Who are you?)

To get to some areas, people need to go through a security check. The security checkpoint confirms who you are, and gives you a token such as a keycard - so that you don't need to get checked again repeatedly. The token on a website is a cookie stored in your browser.

Untitled 1.png
When logging in you confirm your identity (’Authentication’) and receive a token to use in future.

Authorization (Are you allowed here?)

Now you confirmed who you are but you still can’t move around freely. Some rooms require you to scan a keycard before they let you in. This check is called Authorization. Its just checking a list to see if you’re a member, and if you are - allowing you access.

Untitled 2.png
To enter portals the authenticated email needs to be found in the user group (’Authorization’) .

Accessing Data

Once they have completed authentication and authorization, the user is given access to the page, and the data in their user record can be used to display, edit and filter content on the page.

Untitled 3.png

Logging out

When done the user can just leave the page and keep the token for next time - or remove the token by logging out. This will remove the cookie from your browser and require them to authenticate again next time. Tokens will automatically expire after a period for security reasons.

Summary


Authentication happens once and makes sure we are dealing with a real person. It gives them a token to confirm they have been checked, and who they are.
Once authenticated, a user can try to access locked areas called portals. Each one has a user group and configuration on how it should check for membership.
Members are allowed to see the page and their record is available as a data source in the page - to show personalized content.
When they're done they can logout, which will remove their token, or they can leave it and it will expire after a convenient period.


Authentication (Who are you?)
Authorization (Are you allowed here?)
Accessing Data
Logging out
Summary
Want to print your doc?
This is not the way.
Try clicking the ⋯ next to your doc name or using a keyboard shortcut (
CtrlP
) instead.