{user:field}

Description

Returns information about the currently logged-in user. With no parameter it returns the login username (a quick lookup that does not touch the database). The keyword password returns the plain-text password, but only when the request used HTTP Basic auth. The keywords role and permission both return the user permission role for the current slice: super, administrator, editor, author, or undefined. The keyword id returns the long item id of the user Reader record. Any other value is read as a field id (or a _#ALIAS) from the logged-in user Reader item, so user headline........ returns that field, typically the display name. Because the result depends on who is logged in, any view that uses this command is never cached, and on a public page with nobody logged in the user-specific values are empty. Note: a bare username read returns nothing in an anonymous context; prefer a field read such as user headline........ for display. For a cacheable variant that reads the same Reader item see xuser; to look up another user by id see userinfo.

Parameters

field optional

Which piece of the current user to return. Empty returns the login username (no database lookup, so it is fast). The special keywords password, role, permission, and id are recognized; any other value is read as a field id (or _#ALIAS) from the logged-in user's Reader item. permission is a synonym of role.

Examples

virtual{user:role}

Expected(super, administrator, editor, author, or undefined - the logged-in user's role for the current slice)

Actualundefined

Returns the current user's permission role. On a public page with nobody logged in it is undefined. This example is auth-dependent, so it is illustrative, not asserted.

virtual{user:id}

Expected(the long item id of the logged-in user's Reader record; empty when nobody is logged in)

Actualnobody

Returns the internal item id of the logged-in user's Reader item. Useful as a key to look the user up in other slices.

virtual{user:headline........}

Expected(the value of that field on the logged-in user's Reader item, e.g. their display name)

Any other value is treated as a field id (or alias) read from the logged-in user's Reader item. Here headline........ is the display-name field on a typical Reader slice.

virtual[{user:password}]

Expected([] - the plain-text password from HTTP Basic auth, empty in a normal session)

Actual[]

Returns the plain-text password only when the request used HTTP Basic auth; in a normal cookie session it is empty. Wrapped in brackets so the empty result is visible. Avoid exposing this on public output.

virtualSigned in as {user:headline........} ({user:role})

Expected(Signed in as Jane Editor (editor) - values depend on the logged-in user)

ActualSigned in as (undefined)

A typical real-world pattern: greet the logged-in user by name and show their role. Both pieces are auth-dependent.

← All expressions