fixup! fix: add custom integration authentication section.

serverpod · Mar 28, 2024 · c535411 · c535411
1 parent 41fffa0
commit c535411
Showing 1 changed file with 20 additions and 21 deletions.
diff --git a/docs/05-concepts/10-authentication/05-custom-integration.md b/docs/05-concepts/10-authentication/05-custom-integration.md
@@ -8,9 +8,9 @@ After successfully authenticating a user, for example, through a username and pa
 
 ### Create auth token
 
-To create a token, call the `signInUser` method in the `UserAuthentication` class, accessible through the `session.auth` field on the `session` object. 
+To create an auth token, call the `signInUser` method in the `UserAuthentication` class, accessible through the `session.auth` field on the `session` object. 
 
-The `signInUser` method takes three arguments: the first is a unique `integer` identifier for the user, the second stores information about the method used to authenticate the user, and the third is a set of scopes the token has.
+The `signInUser` method takes three arguments: the first is a unique `integer` identifier for the user, the second is information about the method used to authenticate the user, and the third is a set of scopes granted to the auth token.
 
 ```dart
 var authToken = await session.auth.signInUser(myUserObject.id, 'myAuthMethod', scopes: {
@@ -19,20 +19,20 @@ var authToken = await session.auth.signInUser(myUserObject.id, 'myAuthMethod', s
 });
 ```
 
-The example above creates an auth token for a user with the unique identifier taken from `myUserObject`. The token was created using the method `myAuthMethod` and has the scopes `delete` and `create`.
+The example above creates an auth token for a user with the unique identifier taken from `myUserObject`. The auth token preserves that it was created using the method `myAuthMethod` and has the scopes `delete` and `create`.
 
 
 :::info
-The unique identifier for the user should uniquely identify the user regardless of authentication method. The information makes it possible to group authentication tokens associated with the same user.
+The unique identifier for the user should uniquely identify the user regardless of authentication method. The information allows authentication tokens associated with the same user to be grouped.
 :::
 
-#### Custom tokens
+#### Custom auth tokens
 
-The `UserAuthentication` class simplifies the token management, but makes assumptions around what information should be stored in the token. If your project has different requirements it is possible to replace the tokens used. This requires that the token validation is overriden and adjusted to the new token format, explained in [Override token validation](#override-token-validation). 
+The `UserAuthentication` class simplifies the token management but makes assumptions about what information should be stored in the auth token. If your project has different requirements, managing auth tokens manually with your defined model is possible. Custom auth tokens require that the token validation is overridden and adjusted to the new auth token format, explained in [override token validation](#override-token-validation). 
 
 ### Token validation format
 
-The framework requires tokens to be of `String` type. The default token validation expects the token to be in the format `userId:key`. The `userId` is the unique identifier for the user, and the `key` is a generated key. Tthe `userId` and `key` is then retrieved from the token and validated towards the auth token stored as a result of the call to `session.auth.signInUser(...)`.
+The framework requires tokens to be of `String` type, and the default token validation expects the token to be in the format `userId:key`. The `userId` is the unique identifier for the user, and the `key` is a generated auth token key. The `userId` and `key` are then retrieved from the token and validated towards the auth token stored as a result of the call to `session.auth.signInUser(...)`.
 
 ```dart
 var authToken = await session.auth.signInUser(....);
@@ -64,7 +64,7 @@ In the above example, the `authenticationHandler` callback is overridden with a
 
 ### Send token to client
 
-After creating the token, it should be sent to the client. The client is then responsible for storing the token and including it in communication with the server. The token is usually sent in the response to a sign-in request if authentication is successful.
+After creating the token, it should be sent to the client. The client is then responsible for storing the token and including it in communication with the server. The token is usually sent in response to a successful sign-in request.
 
 ```dart
 class UserEndpoint extends Endpoint {
@@ -105,7 +105,7 @@ class AuthenticatedEndpoint extends Endpoint {
 In the above example, the `logout` endpoint removes all auth tokens associated with the user. The user is then signed out and loses access to any protected endpoints.
 
 #### Remove specific tokens
-To remove a specific tokens the `AuthKey` table can be interacted with directly. The `AuthKey` table stores all auth tokens and can be interacted with in the same way as any other model with a database in Serverpod.
+The `AuthKey` table stores all auth tokens and can be interacted with in the same way as any other model with a database in Serverpod. To remove specific tokens, the `AuthKey` table can be interacted with directly.
 
 ```dart
 await AuthKey.db.deleteWhere(
@@ -118,14 +118,13 @@ In the above example, all auth tokens associated with the user `userId` and crea
 
 
 #### Custom token solution
-If a [custom token](#custom-tokens) solution has been implemented, token removal will need to be handled manually. The `signOutUser` method does not provide an interface to interact with other database tables.
+If a [custom auth token](#custom-tokens) solution has been implemented, auth token removal must be handled manually. The `signOutUser` method does not provide an interface to interact with other database tables.
 
 ## Client setup
-Enabling authentication in the client is as simple as configuring a key manager and placing any auth token in it.
-If a key manager is configured, the client will automatically query the manager for auth tokens and include them in communication with the server.
+Enabling authentication in the client is as simple as configuring a key manager and placing any token in it. If a key manager is configured, the client will automatically query the manager for a token and include it in communication with the server.
 
 ### Configure key manager
-Key managers need to implement the `AuthenticationKeyManager` interface. The key manager is provided when creating the client by passing it as the named parameter `authenticationKeyManager`. If no key manager is configured, the client will not include auth tokens in requests to the server.
+Key managers need to implement the `AuthenticationKeyManager` interface. The key manager is configured when creating the client by passing it as the named parameter `authenticationKeyManager`. If no key manager is configured, the client will not include tokens in requests to the server.
 
 ```dart
 class SimpleAuthKeyManager extends AuthenticationKeyManager {
@@ -167,29 +166,29 @@ The key manager is then available through the client's `authenticationKeyManager
 var keyManager = client.authenticationKeyManager;
 ```
 
-### Store auth token 
-When the client receives an auth token from the server, it is responsible for storing it in the key manager using the `put` method. The key manager will then include the token in all requests to the server.
+### Store token 
+When the client receives a token from the server, it is responsible for storing it in the key manager using the `put` method. The key manager will then include the token in all requests to the server.
 
 ```dart
 await client.authenticationKeyManager?.put(token);
 ```
 
 In the above example, the `token` is placed in the key manager. It will now be included in communication with the server.
 
-### Remove auth token
-To remove the auth token from the key manager, call the `remove` method.
+### Remove token
+To remove the token from the key manager, call the `remove` method.
 
 ```dart
 await client.authenticationKeyManager?.remove();
 ```
 
-The above example removes the any auth token from the key manager.
+The above example removes any token from the key manager.
 
-### Retrieve auth token
-To retrieve the auth token from the key manager, call the `get` method.
+### Retrieve token
+To retrieve the token from the key manager, call the `get` method.
 
 ```dart
 var token = await client.authenticationKeyManager?.get();
 ```
 
-The above example retrieves the auth token from the key manager and stores it in the `token` variable.
+The above example retrieves the token from the key manager and stores it in the `token` variable.