In this section, we will look at a customized way to handle authentication that gives us all the core features that we need along with some additional enhancements. We are going to create a CFC for the user and nest the logic for authentication inside the user object. We will instantiate the user class as a session-based object. We will also take this logic and wrap it up into the
Application.cfc so that it becomes portable and easier to implement in our programs. In the end, we will have more function and flexibility than the native authentication permission handling system. Here is the code for the session start of the
<cffunction name="onSessionStart" output="false"> <cfscript> // create ...