SudoSOS Back-end API / internal/controllers / AuthenticationSecureController
Class: AuthenticationSecureController ​
Handles authenticated-only authentication endpoints for token management and specialized flows. All endpoints require valid JWT tokens and build upon existing authentication.
Internal Implementation Notes ​
- Token refresh maintains the same access level by preserving the posId property (if present)
- POS authentication uses custom expiry settings from server settings
- QR confirmation integrates with WebSocket service for real-time notifications
- All methods use the role manager for permission validation
Extends ​
Constructors ​
Constructor ​
ts
new AuthenticationSecureController(options, tokenHandler): AuthenticationSecureController;Creates a new authentication secure controller instance.
Parameters ​
| Parameter | Type | Description |
|---|---|---|
options | BaseControllerOptions | The options passed to the base controller. |
tokenHandler | TokenHandler | The token handler for creating signed tokens. |
Returns ​
AuthenticationSecureController
Overrides ​
Properties ​
| Property | Modifier | Type | Description | Inherited from |
|---|---|---|---|---|
roleManager | protected | RoleManager | A reference to the role manager passed in the base controller options. | BaseController.roleManager |
specification | public | SwaggerSpecification | A reference to the swagger specification passed in the base controller options. | BaseController.specification |
tokenHandler | protected | TokenHandler | Reference to the token handler of the application. | - |
Methods ​
getPolicy() ​
ts
getPolicy(): Policy;Gets the policy defined by child classes. This policy includes all routes that the controller accepts, the authorization middleware, and the final handler function for every route.
Returns ​
The policy of this controller.
Overrides ​
getRouter() ​
ts
getRouter(): Router;Returns ​
Router
the router used by this controller.