The sign in authentication process is managed in the authController located in /controller directory.

This method checks that:

  • the user exists

  • the correct password has been provided

  • an active subscription exists

  • the account is active

If these conditions are met, an auth token is generated and returned to the client along with the user permission level, name and subscription.

Authentication Model

The authentication model is located in /model directory and contains several methods for encoding and decoding the JSON web token.