
What Is the Objective?

Our primary goal is to be able to build secure, large-scale apps that have multiple secure and private areas, custom-made for different types of user levels. For example, the user levels required for a university IT system might include:

It's possible that the different user levels in such a system could have entirely different experiences from each other. For example, the admin panel that gets presented to lecturers might be entirely different from the admin panel that gets presented to students. Furthermore, it's possible that the mechanisms and rules for logging users in and out of the system could differ dramatically, depending on 'user level'.

Trongate makes this possible through a token system. A 'token' is simply a random string of characters that has been generated by the framework. This random string of characters may be presented to users who have successfully logged in and, later, used for authentication and authorization purposes. Of course, from the perspective of the end user, this will all be an effortless and automatic process. End users (i.e., site visitors) should not be aware of the mechanisms that are going on behind the scenes when authentication and authorization are being handled.

The word 'authentication', in this context, refers to the mechanism by which an app can ascertain who a user is. 'Authorization' (which people from the UK spell with an 's') refers to the mechanism by which an app either grants or denies access to a user. Authentication and authorization are strongly tied together, but strictly speaking they are two different things.
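
The split between authentication and authorization described above, sketched as an added PHP example. This is not Trongate's own token code: the `TokenStore` class, its method names, the in-memory array, the choice to store only a hash of each token, and the sample user ids are all assumptions made for illustration.

```php
<?php
// Added illustration, not Trongate's own code. All names here are hypothetical.
declare(strict_types=1);

final class TokenStore
{
    /** @var array<string, array{user_id:int, level:string, expires:int}> keyed by SHA-256 of the token */
    private array $rows = [];

    // Called after a successful login: mint a random token and remember who it belongs to.
    public function issue(int $userId, string $level, int $ttl = 3600): string
    {
        $token = bin2hex(random_bytes(16));      // 32 hex characters from the OS CSPRNG
        $this->rows[hash('sha256', $token)] = [  // keep only a hash, so a leaked store yields no usable tokens
            'user_id' => $userId,
            'level'   => $level,
            'expires' => time() + $ttl,
        ];
        return $token;
    }

    // Authentication: who is presenting this token? Null for unknown or expired tokens.
    public function authenticate(string $token): ?array
    {
        $key = hash('sha256', $token);
        $row = $this->rows[$key] ?? null;
        if ($row === null || $row['expires'] < time()) {
            unset($this->rows[$key]);            // drop expired entries on sight
            return null;
        }
        return $row;
    }

    // Authorization: is this (already identified) user allowed into a given area?
    public function authorize(?array $user, array $allowedLevels): bool
    {
        return $user !== null && in_array($user['level'], $allowedLevels, true);
    }
}

$store = new TokenStore();
$lecturer = $store->authenticate($store->issue(7, 'lecturer'));  // constructed sample user
$student  = $store->authenticate($store->issue(42, 'student'));  // constructed sample user

var_dump($store->authorize($lecturer, ['lecturer']));  // lecturer asking for the lecturer panel
var_dump($store->authorize($student, ['lecturer']));   // authenticated, but not authorized for that panel
var_dump($store->authorize($store->authenticate('not-a-token'), ['student']));  // never authenticated
```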