Authentication is handled by the Gravity Server authentication process.

When a user opens your app for the first time, they will be asked to sign in (or create a free account). If the user is successfully authenticated on the server, the sign-in form executes a callback to the signin method contained in the AppContext and passes the user object.

The sign-in process then executes three tasks:

1. Stores the user object (token, permission, name) in local storage

2. Sets the Bearer token for all API calls

3. Prompts the user to allow push notifications (if they haven't already)

4. Redirects the user to the dashboard

The next time the app is loaded, the app will check the auth status of the user and direct them to /signin if there isn't an active token.

User Permissions

User permissions for the client app are stored in /app/config.json under permissions.