docs: move session_auth_event_and_logging.md contents to authenticati…

…on/session.md
codeigniter4 · Sep 22, 2023 · 5567353 · 5567353
1 parent 4914538
commit 5567353
Show file tree

Hide file tree

Showing 2 changed files with 50 additions and 47 deletions.
diff --git a/docs/references/authentication/session.md b/docs/references/authentication/session.md
@@ -5,7 +5,9 @@ on their device. This is the standard password-based login used in most web site
 secure remember-me feature, and more. This can also be used to handle authentication for
 single page applications (SPAs).
 
-## attempt()
+## Method References
+
+### attempt()
 
 When a user attempts to login with their email and password, you would call the `attempt()` method
 on the auth class, passing in their credentials.
@@ -44,7 +46,7 @@ to set a secure remember-me cookie.
 $loginAttempt = auth()->remember()->attempt($credentials);
 ```
 
-## check()
+### check()
 
 If you would like to check a user's credentials without logging them in, you can use the `check()`
 method.
@@ -64,7 +66,7 @@ if (! $validCreds->isOK()) {
 
 The Result instance returned contains the valid user as `extraInfo()`.
 
-## loggedIn()
+### loggedIn()
 
 You can determine if a user is currently logged in with the aptly titled method, `loggedIn()`.
 
@@ -74,7 +76,7 @@ if (auth()->loggedIn()) {
 }
 ```
 
-## logout()
+### logout()
 
 You can call the `logout()` method to log the user out of the current session. This will destroy and
 regenerate the current session, purge any remember-me tokens current for this user, and trigger a
@@ -84,7 +86,50 @@ regenerate the current session, purge any remember-me tokens current for this us
 auth()->logout();
 ```
 
-## forget()
+### forget()
 
 The `forget` method will purge all remember-me tokens for the current user, making it so they
 will not be remembered on the next visit to the site.
+
+## Events and Logging
+
+The following is a list of Events and Logging for Session Authenticator.
+
+### Register
+
+- Default Register
+    - Post email/username/password
+        - OK → event `register` and `login`
+        - NG → no event
+- Register with Email Activation
+    1. Post email/username/password
+        - OK → event `register`
+        - NG → no event
+    2. Post token
+        - OK → event `login`
+        - NG → no event
+
+### Login
+
+- Default Login
+    - Post email/password
+        - OK → event `login` / table `auth_logins`
+        - NG → event `failedLogin` / table `auth_logins`
+- Email2FA Login
+    1. Post email/password
+        - OK → no event / table `auth_logins`
+        - NG → event `failedLogin` / table `auth_logins`
+    2. Post token
+        - OK → event `login`
+        - NG → no event
+- Remember-me
+    - Send remember-me cookie w/o session cookie
+        - OK → no event
+        - NG → no event
+- Magic-link
+    1. Post email
+        - OK → no event
+        - NG → no event
+    2. Send request with token
+        - OK → event `login` and `magicLogin` / table `auth_logins`
+        - NG → event `failedLogin` / table `auth_logins`
diff --git a/docs/references/session_auth_event_and_logging.md b/docs/references/session_auth_event_and_logging.md