X-Git-Url: http://git.squeep.com/?p=squeep-authentication-module;a=blobdiff_plain;f=README.md;h=d5feea6e6b748df0b0c3558c9b9db740bc59cafa;hp=3004f71e272272300f5530f78cdf3a4067ddb0f1;hb=df9be924442837d9ba2bf6d80bf2563aee264103;hpb=dd173e6b450cbba8100883514610c9fde83d050a

diff --git a/README.md b/README.md
index 3004f71..d5feea6 100644
--- a/README.md
+++ b/README.md
@@ -14,6 +14,27 @@ Class which fetches and validates identifiers and their credentials from databas
 
 There are some methods for dealing with Basic auth in here as well, but they are not used by sessions.
 
+- `sessionRequiredLocal` redirect to login if session does not represent a valid local user
+- `sessionRequired` redirect to login if session does not represent a valid local user or IA profile
+- `sessionOptionalLocal` check if session represents a valid local user
+- `sessionOptional` check if session represents a valid local user or IA profile
+
+If session is valid for any of these, ctx.session will be populated appropriately.
+
+- `ctx.authenticatedId` will be set to either the valid local identifier or the valid profile
+- `ctx.session.authenticatedIdentifier` will be set if valid local identifier
+- `ctx.session.authenticatedProfile` will be set if valid IA profile
+
 ### SessionManager
 
 Class providing service handler functions for rendering and processing session login and logout pages.
+
+- `getAdminLogin` renders the HTML login form
+- `postAdminLogin` ingests login form data, either validating or denying
+  for local users, or redirecting to IndieAuth server and persisting transient state
+  in session cookie.
+- `getAdminIA` interprets the returning redirect from the IndieAuth server.
+
+### Other Notes
+
+The logger used should be able to mask `ctx.parsedBody.credential` context field.