M01

Security

Auth and RBAC foundation for enterprise multi-tenant software.

Centralized authentication, authorization, and session controls that enforce who can access what, when, and how across tenants, accounts, and admin surfaces.

LoginPage.jsxtsx

import { useState } from 'react';
import { Input, Button, Checkbox, FormGroup } from '@cleen/cleen-components';
import { useAuth } from '@/hooks/useAuth';

export function LoginPage() {
  const { login, loading } = useAuth();
  const [email, setEmail]       = useState('');
  const [password, setPassword] = useState('');
  const [remember, setRemember] = useState(true);

  const onSubmit = (e) => {
    e.preventDefault();
    login({ email, password, remember });
  };

  return (
    <form className="auth-card" onSubmit={onSubmit}>
      <h1>Sign in</h1>
      <FormGroup label="Email">
        <Input type="email" value={email} onChange={setEmail} required />
      </FormGroup>
      <FormGroup label="Password">
        <Input type="password" value={password} onChange={setPassword} required />
      </FormGroup>
      <Checkbox checked={remember} onChange={setRemember}>Remember me</Checkbox>
      <Button type="submit" variant="primary" loading={loading} block>Sign in</Button>
    </form>
  );
}

CleenUI components used

Capabilities

User login/signup/social login and token refresh
Session token workflows for public and private paths
Role and permission management
Role to user assignment
Auth-secured health and policy enforcement patterns

Benefits

Reduces privilege drift
Improves security auditability
Supports enterprise access governance

Flow of work

01Authenticate identity
02Resolve tenant/account context
03Evaluate role and permission set
04Authorize endpoint action
05Return data or policy error

Subfeatures

Login
Signup
Social login
Refresh token
Role filter
Role save
Permission add/remove
Role-user assignment
Auth-secured health check

Source surfaces (technical reference)

Internal code areas in the licensed Full-Stack codebase that back this module.

ApiAuth
ApiAdmin roles and permissions
ApiPublic session token
Api error code authorization handling

In the stack

Where it lives. What it exposes.

A quick visual of how Security participates across the CleenUI stack, alongside the named operations it adds to the API surface.

M01 · architecture

Frontend

React · TailwindCSS · 60+ components

API

C# Web API · production-ready · role-aware

Auth endpointsRole CRUDPermission CRUDSession tokenHealth check

Database

AzureSQL · 300+ tables · 700+ procedures

UsersRolesPermissionsSessions

Async Services and Batch Jobs

WebJobs & Functions · queue-backed

Session monitorToken cleanup

All four layers ship together as the Full-Stack license. M01 blocks are highlighted.

API operations

Named operations on this surface

Try these in Postman

POSTLogin/auth/login
POSTSignup/auth/signup
POSTSocial login/auth/social-login
POSTRefresh token/auth/refresh-token
POSTRole filter/auth/role-filter
POSTRole save/auth/role-save
POSTPermission add/remove/auth/permission-add-remove
POSTRole-user assignment/auth/role-user-assignment
POSTAuth-secured health check/auth/auth-secured-health-check

Each operation maps to an endpoint in the licensed C# Web API surface.