Overview
CloudBase Login Authentication provides a comprehensive user identity management and access control solution for your application. With built-in multiple login methods and security mechanisms, it helps you rapidly build a reliable user management system.
CloudBase Login Authentication performs identity verification and permission checks for every request initiated by the client, thus effectively preventing malicious access or unauthorized use of resources.
Supported Login Methods
CloudBase provides multiple login methods. You can choose an appropriate solution based on your business scenarios:
| Login Method | Applicable Scenarios | Features |
|---|---|---|
| Anonymous Login | Quick experience, Temporary users | No registration required, Temporary identity |
| Username and Password Login | Conventional applications | Username + password |
| SMS Verification Code Login | Mobile applications | Phone number + verification code |
| Email Login | Enterprise applications, Regular users | Email + password, Traditional method |
| WeChat Authorized Login | WeChat ecosystem applications | Official Account, Open Platform |
| Custom Login | Existing user systems | Integration with existing account systems |
| WeChat Mini Program Login | WeChat Mini Program | Automatic login authentication |
User Account System
Visual Management
In CloudBase/Authentication/User Management, you can view and manage user information.
Each user who logs in to CloudBase has an independent CloudBase account, which serves as their identity credential for accessing data and resources.
User Identifier (UID)
- Globally unique: Each account has a globally unique UID that serves as the user's unique identity
- Persistent and stable: The UID remains unchanged throughout the user's lifecycle
- Cross-platform consistency: The UID for the same user remains consistent across different platforms
User Information Management
Each account can store and manage a wealth of user information, including:
- Basic information (nickname, avatar, email, etc.)
- Custom Fields
- Login records and behavioral data
For detailed operations, refer to Manage Users.
Multiple Account Association
Support associating multiple login methods with a single account, enabling:
- Unified identity: Users can log in to the same account using different methods
- Seamless switching: Flexibly switch login methods across different devices or scenarios
- Data Consistency: Ensures user data remains consistent across different login methods
For detailed operations, refer to Account Linking.
Login Status Management
State Persistence
- Web client: Authentication status is retained for 30 days before explicit logout.
- Mobile client: Automatically manages state persistence based on platform characteristics.
Token Mechanism
CloudBase uses a dual-token mechanism to ensure access security:
Access Token (Access Token)
- Purpose: Serves as the identity credential for accessing CloudBase services.
- Validity Period: Default 2 hours
- Automatic management: The SDK automatically maintains the use and refresh of tokens.
Refresh Token (Refresh Token)
- Purpose: Used to obtain new access tokens.
- Validity Period: Default 30 days
- Automatic renewal: Automatically uses refresh tokens to obtain new access tokens when they expire.
The refresh token for "Anonymous Login" will be automatically renewed upon expiration to maintain a long-term anonymous login state.