Auth

Built-in authentication and authorization module.

Auth module provides authentication and authorization for your application, including user management, group management, user registration, login, and related functions. It is installed automatically when the project is created. By default, the module's middleware is attached to every endpoint and grants access to any user group. Detailed access controls can be configured by adjusting the middleware settings in every endpoint.

Default User Login & Password

Login: admin@appmaster.io Password: appmaster

Data models

• User

• User Session

Data Model UserData Model User Session

Business processes

• Authentication

• Authorization

• Logout

• Get Current User

• Registration

• Add User to Group

• Remove User from Group

• Change Password

• Restore Password

• Generate Auth Token

• Hash Password

• Probe Password

Group Auth

Endpoints

• /logout/ - the current user exits the application.
• /auth/ - user authentication with login and password.
• /register/ - registration of a new user.
• /confirm/ - confirmation of registration of a new user.
• /user/change-password/ - change the user's password.
• /user/restore-password/ - reset the user's password.
• /user/profile/ - getting the profile of the current user.

Middleware

• Token Auth

Middleware: Token Auth

UI компоненты

Web application

• Login Form

• Signup Form

Mobile app

• Sign In Screen

• Sign Up Screen

Settings

Setting	Default Value	Description
Signup	On	Allows users to independently create accounts (register) in your application. This setting is enabled by default. If you want to only manually register users, turn off this setting.
Signup Groups	Users	List of user groups to which the user will be automatically added after registration.
Session Timeout	60 min.	How long the user's session will be active if they do not perform any actions in the application. After the timeout expires, the user will have to log in again.
Signed-up User Active	On	State of new users after registration. By default, all users become active after registration. If you want to activate each account manually, turn off this setting.
Failed login delay (in ms)	0	Setting of delay time for retry of failed login request to prevent bruteforce. By default, the delay is disabled (set to 0).
Groups Tab	Admins, Users	Defines what user groups your application will have. You can add new groups to configure user privileges granularly across the application. ❗ Remove user groups with extreme caution because some business processes and components may be dependent on them.