Identity & Authentication Class
The User class is the central security and identity management engine for GeniXCMS. It handles the entire user lifecycle, from secure registration and role-based access control (RBAC) to profile management, session persistence, and multi-level administrative permissions.
🔐 Authentication & Session Security
GeniXCMS implements a robust session-based security layer linked to the Session Class.
User::secure()
The primary middleware for protected pages. It verifies the active user session; if no session is detected, it automatically redirects the visitor to the login page with an encoded backto return URL.
User::isLoggedin()
Returns a bool indicating if the visitor is currently authenticated within the system.
🛡️ Role-Based Access Control (RBAC)
GeniXCMS uses a tiered numeric level system. Access is granted if the user's level is equal to or lower (smaller numeric value) than the requirement.
| Level | Role | Description |
|---|---|---|
| 0 | Administrator | Full system-wide orchestration. |
| 1 | Supervisor | Site-wide management without kernel access. |
| 2 | Editor | Content curation and comment moderation. |
| 3 | Author | Authoring activities and personal content management. |
| 4 | Contributor | Can submit content for review. |
| 5 | VIP Member | Premium member level. |
| 6 | General Member | Default level for registered subscribers. |
User::access(string $lvl)
Checks if the current user meets the specified clearance level.
// Only allow Editors and above
if (User::access('2')) {
    echo "Access granted to editorial tools.";
}
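The level rule above, modeled as a stand-alone PHP 8 script. This is an added example, not GeniXCMS's implementation of User::access(); parseLevel(), levelAllows() and the sample inputs are hypothetical. It denies on missing or malformed levels instead of casting them, because a loose cast would yield 0, the Administrator level.

```php
<?php
declare(strict_types=1);

// Role table as documented on this page (level => role name).
const ROLES = [
    0 => 'Administrator', 1 => 'Supervisor', 2 => 'Editor', 3 => 'Author',
    4 => 'Contributor', 5 => 'VIP Member', 6 => 'General Member',
];

// Hypothetical helper (not GeniXCMS code): accept an int or a digits-only
// string and return it only if it is one of the documented levels 0..6.
// Nothing is cast blindly, because (int) null, (int) '' and (int) 'admin'
// are all 0 in PHP, and 0 is the Administrator level.
function parseLevel(mixed $raw): ?int
{
    if (is_string($raw) && ctype_digit($raw)) {
        $raw = (int) $raw;
    }
    return is_int($raw) && array_key_exists($raw, ROLES) ? $raw : null;
}

// Hypothetical model of the documented rule: grant when the user's level is
// numerically equal to or smaller than the required one; deny on bad input.
function levelAllows(mixed $userLevel, mixed $required): bool
{
    $user = parseLevel($userLevel);
    $need = parseLevel($required);
    if ($user === null || $need === null) {
        return false; // missing session level or malformed requirement
    }
    return $user <= $need;
}

// Constructed sample inputs: [level stored for the user, required level].
$cases = [
    ['0', '2'], ['2', '2'], ['3', '2'],      // Administrator, Editor, Author vs Editor
    [null, '6'], ['', '6'], ['admin', '6'],  // values a loose cast would turn into 0
    ['07', '6'], ['2', '9'],                 // outside the documented 0..6 range
];
foreach ($cases as [$user, $need]) {
    printf("user=%-8s need=%-4s => %s\n", var_export($user, true),
        var_export($need, true), levelAllows($user, $need) ? 'allow' : 'deny');
}
```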
🏗️ User Management API
User::create(array $data) / User::update(array $data)
Standardized methods for committing user records to the database.
- Data Encryption: Passwords are automatically hashed using the current system-wide password hashing algorithm (e.g., PASSWORD_BCRYPT).
- Validation: Ensures unique User IDs and Email addresses during the creation process.
📂 Identity Retrieval Helpers
Quickly resolve specific user attributes using their unique ID or Username.
User::avatar($id): Resolves the user's profile image or Gravatar based on site settings.
User::email($id): Fetches the unique contact address for a specific user ID.
User::group($id): Returns the plain-text role name associated with the user's numeric level.
Important
Password Security: Never attempt to manually hash passwords using md5() or sha1(). Always use the User::create() and User::update() methods, which leverage modern, salt-aware PHP password hashing functions.
Tip
Custom Redirects: The User::secure() method is typically called at the top of protected controller files to prevent unauthorized execution of your business logic.