From cd9b3602923cb23eba94655417144738eff0ec38 Mon Sep 17 00:00:00 2001 From: James Date: Sat, 2 Jan 2021 13:29:46 -0500 Subject: [PATCH] docs: removes unused files --- .../accessing-logged-in-user.mdx | 9 --------- docs/Authentication/overview.mdx | 5 +++++ docs/Authentication/security.mdx | 7 ------- docs/Authentication/using-middleware.mdx | 2 +- docs/Configuration/collections.mdx | 18 ++++++++++-------- docs/Configuration/globals.mdx | 16 ++++++++-------- 6 files changed, 24 insertions(+), 33 deletions(-) delete mode 100644 docs/Authentication/accessing-logged-in-user.mdx delete mode 100644 docs/Authentication/security.mdx diff --git a/docs/Authentication/accessing-logged-in-user.mdx b/docs/Authentication/accessing-logged-in-user.mdx deleted file mode 100644 index 30881cdb7b8..00000000000 --- a/docs/Authentication/accessing-logged-in-user.mdx +++ /dev/null @@ -1,9 +0,0 @@ ---- -title: Accessing the User -label: Accessing the User -order: 50 ---- - -Talk about how to access the User in custom code like hooks and access control. The User is on the req. - -Show code examples. diff --git a/docs/Authentication/overview.mdx b/docs/Authentication/overview.mdx index d29e89c9dfb..cc7b59a4180 100644 --- a/docs/Authentication/overview.mdx +++ b/docs/Authentication/overview.mdx @@ -66,6 +66,11 @@ Once enabled, each document that is created within the Collection can be thought Successfully logging in returns a `JWT` (JSON web token) which is how a user will identify themselves to Payload. By providing this JWT via either an HTTP-only cookie or an `Authorization` header, Payload will automatically identify the user and add its user JWT data to the Express `req`, which is available throughout Payload including within access control, hooks, and more. + + Tip:
+ You can access the logged in user from access control functions and hooks via the Express req. The logged in user is automatically added as the user property. + + ### HTTP-only cookies Payload `login`, `logout`, and `refresh` operations make use of HTTP-only cookies for authentication purposes. HTTP-only cookies are a highly secure method of storing identifiable data on a user's device so that Payload can automatically recognize a returning user until their cookie expires. They are totally protected from common XSS attacks and cannot be read at all via JavaScript in the browser. diff --git a/docs/Authentication/security.mdx b/docs/Authentication/security.mdx deleted file mode 100644 index eb69e254820..00000000000 --- a/docs/Authentication/security.mdx +++ /dev/null @@ -1,7 +0,0 @@ ---- -title: Authentication Security -label: Security -order: 40 ---- - -Talk about how Payload securely authenticates here. diff --git a/docs/Authentication/using-middleware.mdx b/docs/Authentication/using-middleware.mdx index c5a63262d87..7eb9b2f6e03 100644 --- a/docs/Authentication/using-middleware.mdx +++ b/docs/Authentication/using-middleware.mdx @@ -1,7 +1,7 @@ --- title: Using the Payload Auth Middleware label: Using the Middleware -order: 50 +order: 40 --- Talk about how to use `payload.authenticate()` outside of Payload - show examples diff --git a/docs/Configuration/collections.mdx b/docs/Configuration/collections.mdx index a5fe9ed778d..be45b5eaea6 100644 --- a/docs/Configuration/collections.mdx +++ b/docs/Configuration/collections.mdx @@ -12,14 +12,16 @@ It's often best practice to write your Collections in separate files and then im | Option | Description | | ---------------- | -------------| -| `slug` | Unique, URL-friendly string that will act as an identifier for this Collection. | -| `labels` | Singular and plural labels for use in identifying this Collection throughout Payload. | -| `fields` | Array of field types that will determine the structure and functionality of the data stored within this Collection. [Click here](/docs/fields/overview) for a full list of field types as well as how to configure them. | -| `admin` | Admin-specific configuration. See below for [more detail](/docs/collections#admin). | -| `hooks` | Entry points to "tie in" to Collection actions at specific points. [More](/docs/hooks/config#collection-hooks) | -| `access` | Provide access control functions to define exactly who should be able to do what with Documents in this Collection. [More](/docs/access-control/config/#collections) | -| `auth` | Specify options if you would like this Collection to feature authentication. For more, consult the [Authentication](/docs/authentication/config) documentation. | -| `upload` | Specify options if you would like this Collection to support file uploads. For more, consult the [Uploads](/docs/uploads/config) documentation. | +| **`slug`** * | Unique, URL-friendly string that will act as an identifier for this Collection. | +| **`fields`** * | Array of field types that will determine the structure and functionality of the data stored within this Collection. [Click here](/docs/fields/overview) for a full list of field types as well as how to configure them. | +| **`labels`** | Singular and plural labels for use in identifying this Collection throughout Payload. | +| **`admin`** | Admin-specific configuration. See below for [more detail](/docs/collections#admin). | +| **`hooks`** | Entry points to "tie in" to Collection actions at specific points. [More](/docs/hooks/config#collection-hooks) | +| **`access`** | Provide access control functions to define exactly who should be able to do what with Documents in this Collection. [More](/docs/access-control/config/#collections) | +| **`auth`** | Specify options if you would like this Collection to feature authentication. For more, consult the [Authentication](/docs/authentication/config) documentation. | +| **`upload`** | Specify options if you would like this Collection to support file uploads. For more, consult the [Uploads](/docs/uploads/config) documentation. | + +*\* An asterisk denotes that a property is required.* #### Simple collection example diff --git a/docs/Configuration/globals.mdx b/docs/Configuration/globals.mdx index dde62855005..f6e27b5b86e 100644 --- a/docs/Configuration/globals.mdx +++ b/docs/Configuration/globals.mdx @@ -12,14 +12,14 @@ As with Collection configs, it's often best practice to write your Globals in se | Option | Description | | ---------------- | -------------| -| `slug` | Unique, URL-friendly string that will act as an identifier for this Global. | -| `label` | Singular label for use in identifying this Global throughout Payload. | -| `fields` | Array of field types that will determine the structure and functionality of the data stored within this Global. [Click here](/docs/fields/overview) for a full list of field types as well as how to configure them. | -| `admin` | Admin-specific configuration. See below for [more detail](/docs/configuration/globals#admin-options). | -| `hooks` | Entry points to "tie in" to collection actions at specific points. [More](/docs/hooks/config#global-hooks) | -| `access` | Provide access control functions to define exactly who should be able to do what with this Global. [More](/docs/access-control/config/#globals) | -| `auth` | Specify options if you would like this collection to feature authentication. For more, consult the [Authentication](/docs/authentication/config) documentation. | -| `upload` | Specify options if you would like this collection to support file uploads. For more, consult the [Uploads](/docs/uploads/config) documentation. | +| **`slug`** * | Unique, URL-friendly string that will act as an identifier for this Global. | +| **`fields`** * | Array of field types that will determine the structure and functionality of the data stored within this Global. [Click here](/docs/fields/overview) for a full list of field types as well as how to configure them. | +| **`label`** | Singular label for use in identifying this Global throughout Payload. | +| **`admin`** | Admin-specific configuration. See below for [more detail](/docs/configuration/globals#admin-options). | +| **`hooks`** | Entry points to "tie in" to collection actions at specific points. [More](/docs/hooks/config#global-hooks) | +| **`access`** | Provide access control functions to define exactly who should be able to do what with this Global. [More](/docs/access-control/config/#globals) | + +*\* An asterisk denotes that a property is required.* #### Simple Global example