The session component should be added to a layout that has registered users. It has no default markup.
You can check the logged in user by accessing the {{ user }} Twig variable:
{% if user %}
<p>Hello {{ user.first_name }}</p>
{% else %}
<p>Nobody is logged in</p>
{% endif %}The Session component allows a user to sign out of their session.
<a data-request="onLogout" data-request-data="{ redirect: '/good-bye' }">Sign out</a>The Session component allows the restriction of a page or layout by allowing only signed in users, only guests or no restriction. This example shows how to restrict a page to users only:
title = "Restricted page"
url = "/users-only"
[session]
security = "user"
redirect = "home"The security property can be user, guest or all. The redirect property refers to a page name to redirect to when access is restricted.
Access to routes can be restricted by applying the AuthMiddleware.
Route::group(['middleware' => \RainLab\User\Classes\AuthMiddleware::class], function () {
// All routes here will require authentication
});The token Twig variable can be used for generating a new bearer token for the signed in user.
{% do response(
ajaxHandler('onLogin').withVars({
token: session.token
})
) %}The checkToken property of the component is used to verify a supplied token in the request headers (Authorization: Bearer TOKEN).
[session]
checkToken = 1