new User()
Built-in User model.
Extends LoopBack [PersistedModel](#persistedmodel-new-persistedmodel).
Default `User` ACLs.
- DENY EVERYONE `*`
- ALLOW EVERYONE `create`
- ALLOW OWNER `deleteById`
- ALLOW EVERYONE `login`
- ALLOW EVERYONE `logout`
- ALLOW OWNER `findById`
- ALLOW OWNER `updateAttributes`
Properties:
| Name | Type | Description | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
username |
String | Must be unique. | |||||||||||||||||||||||||||
password |
String | Hidden from remote clients. | |||||||||||||||||||||||||||
email |
String | Must be valid email. | |||||||||||||||||||||||||||
emailVerified |
Boolean | Set when a user's email has been verified via `confirm()`. | |||||||||||||||||||||||||||
verificationToken |
String | Set when `verify()` is called. | |||||||||||||||||||||||||||
realm |
String | The namespace the user belongs to. See [Partitioning users with realms](http://loopback.io/doc/en/lb2/Partitioning-users-with-realms.html) for details. | |||||||||||||||||||||||||||
settings |
Object | Extends the `Model.settings` object.
Properties
|
- Source:
Methods
(static) generateVerificationToken(user, options, cb)
A default verification token generator which accepts the user the token is
being generated for and a callback function to indicate completion.
This one uses the crypto library and 64 random bytes (converted to hex)
for the token. When used in combination with the user.verify() method this
function will be called with the `user` object as it's context (`this`).
Parameters:
| Name | Type | Description |
|---|---|---|
user |
object | The User this token is being generated for. |
options |
object | remote context options. |
cb |
function | The generator must pass back the new token with this function call. |
- Source:
(static) getVerifyOptions()
Returns default verification options to use when calling User.prototype.verify()
from remote method /user/:id/verify.
NOTE: the User.getVerifyOptions() method can also be used to ease the
building of identity verification options.
```js
var verifyOptions = MyUser.getVerifyOptions();
user.verify(verifyOptions);
```
This is the full list of possible params, with example values
```js
{
type: 'email',
mailer: {
send(verifyOptions, options, cb) {
// send the email
cb(err, result);
}
},
to: 'test@email.com',
from: 'noreply@email.com'
subject: 'verification email subject',
text: 'Please verify your email by opening this link in a web browser',
headers: {'Mime-Version': '1.0'},
template: 'path/to/template.ejs',
templateFn: function(verifyOptions, options, cb) {
cb(null, 'some body template');
}
redirect: '/',
verifyHref: 'http://localhost:3000/api/user/confirm',
host: 'localhost'
protocol: 'http'
port: 3000,
restApiRoot= '/api',
generateVerificationToken: function (user, options, cb) {
cb(null, 'random-token');
}
}
```
NOTE: param `to` internally defaults to user's email but can be overriden for
test purposes or advanced customization.
Static default params can be modified in your custom user model json definition
using `settings.verifyOptions`. Any default param can be programmatically modified
like follows:
```js
customUserModel.getVerifyOptions = function() {
const base = MyUser.base.getVerifyOptions();
return Object.assign({}, base, {
// custom values
});
}
```
Usually you should only require to modify a subset of these params
See `User.verify()` and `User.prototype.verify()` doc for params reference
and their default values.
- Source:
(static) normalizeCredentials(credentials, realmRequired, realmDelimiter) → {Object}
Normalize the credentials
Parameters:
| Name | Type | Description |
|---|---|---|
credentials |
Object | The credential object |
realmRequired |
Boolean | |
realmDelimiter |
String | The realm delimiter, if not set, no realm is needed |
- Source:
Returns:
The normalized credential object
- Type
- Object