updates to support IndieAuth spec 20220212 metadata and issuer

[squeep-authentication-module] / README.md

diff --git a/README.md b/README.md
index 3004f71e272272300f5530f78cdf3a4067ddb0f1..13d210d54bf24a6e3f6d28af8c0b5098e5208922 100644 (file)
--- a/README.md
+++ b/README.md
@@ -14,6 +14,23 @@ Class which fetches and validates identifiers and their credentials from databas
 
 There are some methods for dealing with Basic auth in here as well, but they are not used by sessions.
 
+- `sessionRequiredLocal` redirect to login if session does not represent a valid local user
+- `sessionRequired` redirect to login if session does not represent a valid local user or IA profile
+- `sessionOptionalLocal` check if session represents a valid local user
+- `sessionOptional` check if session represents a valid local user or IA profile
+
+If session is valid for any of these, ctx.session will be populated appropriately.
+
+- `ctx.authenticatedId` will be set to either the valid local identifier or the valid profile
+- `ctx.session.authenticatedIdentifier` will be set if valid local identifier
+- `ctx.session.authenticatedProfile` will be set if valid IA profile
+
 ### SessionManager
 
 Class providing service handler functions for rendering and processing session login and logout pages.
+
+- `getAdminLogin` renders the HTML login form
+- `postAdminLogin` ingests login form data, either validating or denying
+  for local users, or redirecting to IndieAuth server and persisting transient state
+  in session cookie.
+- `getAdminIA` interprets the returning redirect from the IndieAuth server.