SECURITY

CBSecurity logo

CBSECURITY is a powerful module that you can to secure your ColdBox applications.

It provides a range of security features and code APIs for authentication, authorization, JWT, CSRF, code blocks and much more.

ColdBox Security is highly customizable, making it easy to tailor it to the specific needs of your application and talk to ANY authentication system.

install cbsecurity 
    function doLogin( event, rc, prc ){

    if( !csrfVerify( rc.token ?: '' ) ){
        flash.put( "message", "Invalid security token, try again!" )
        relocate( "security/login" )
    }

    try {
        prc.oUser = cbsecure().authenticate( rc.username ?: "", rc.password ?: "" )
        csrfRotate()
        relocate( "admin.dashboard" )
    } catch ( "InvalidCredentials" e ) {
        flash.put( "message", "Invalid credentials, try again!" )
        relocate( "security/login" )
    }
  

    function doLogout( event, rc, prc ){
        cbsecure().logout()
        csrfRotate()
        flash.put( "message", "Bye bye!" )
        relocate( "security/login" )
    }

    /**
    * Easily annotate actions with a secured annotation and permissions
    */
    function save( event, rc, prc ) secured="WRITE" {
        // Save operations
    }
	
   }

ColdBox Security is an essential tool for any developer looking to secure their ColdBox applications. You can even visualize your firewall activity and settings so you can make sure your application is being protected correctly.

Read more about ColdBox Security in the documentation.