PHP Class Webiny\Component\Security\Authentication\Firewall

The firewall class checks whether the user is authenticated and holds the methods for authentication.
Inheritance: use trait Webiny\Component\Http\HttpTrait, use trait Webiny\Component\StdLib\StdLibTrait, use trait Webiny\Component\StdLib\FactoryLoaderTrait, use trait Webiny\Component\EventManager\EventManagerTrait
Project: Webiny/Framework

Public Methods

| Method | Description |
| --- | --- |
| `__construct ( string $firewallKey, ConfigObject $firewallConfig, array $userProviders, Encoder $encoder )` | Constructor. |
| `createPasswordHash ( string $password ) : string` | Create a hash for the given password. |
| `getAnonymousAccess ( ) : boolean` | Check if anonymous access is allowed or not. |
| `getConfig ( ) : ConfigObject` | Get config for current firewall. |
| `getFirewallKey ( ) : string` | Returns the name of the current firewall. Don't mistake it for realm name. |
| `getRealmName ( ) : string` | Get realm name. |
| `getToken ( ) : Token` | Get the current token. |
| `getUser ( ) : boolean \| AbstractUser` | Tries to retrieve the user from current token. |
| `isUserAllowedAccess ( ) : boolean` | Checks if current user has access to current area based on access rules. |
| `processLogin ( string $authProvider = '' ) : boolean` | Call this method on your login submit page. It will trigger the authentication provider and validate the provided credentials. |
| `processLogout ( )` | This method deletes user auth token and calls the logoutCallback on current login provider. |
| `verifyPasswordHash ( string $password, string $hash ) : boolean` | Verify if the $password matches the $hash. |

Private Methods

| Method | Description |
| --- | --- |
| `authenticate ( Login $login ) : boolean \| AbstractUser` | Method that validates the submitted credentials with defined firewall user providers. |
| `getAuthProvider ( string $authProvider ) : Webiny\Component\Security\Authentication\Providers\AuthenticationInterface` | Get the authentication provider. |
| `getAuthProviderConfig ( string $authProvider ) : ConfigObject` | Returns the config of current auth provider. |
| `getTokenName ( ) : string` | Returns the token name. |
| `initRoleHierarchy ( )` | Initializes role hierarchy. |
| `initToken ( )` | Initializes the Token. |
| `setUserRoles ( )` | Sets roles for current user. |

Method Details

__construct() public method

Constructor.
public __construct ( string $firewallKey, ConfigObject $firewallConfig, array $userProviders, Encoder $encoder )
$firewallKey string Name of the current firewall.
$firewallConfig Webiny\Component\Config\ConfigObject Firewall config.
$userProviders array Array of user providers for this firewall.
$encoder Webiny\Component\Security\Encoder\Encoder Instance of encoder for this firewall.

createPasswordHash() public method

Create a hash for the given password.
public createPasswordHash ( string $password ) : string
$password string
return string Password hash.

getAnonymousAccess() public method

Check if anonymous access is allowed or not. If anonymous access is not defined in the config, by default it will be set to false.
public getAnonymousAccess ( ) : boolean
return boolean Is anonymous access allowed or not.

getConfig() public method

Get config for current firewall.
public getConfig ( ) : ConfigObject
return Webiny\Component\Config\ConfigObject

getFirewallKey() public method

Returns the name of the current firewall. Don't mistake it for realm name.
public getFirewallKey ( ) : string
return string

getRealmName() public method

Get realm name.
public getRealmName ( ) : string
return string Realm name.

getToken() public method

Get the current token.
public getToken ( ) : Token
return Webiny\Component\Security\Token\Token

getUser() public method

Tries to retrieve the user from current token. If the token does not exist, AnonymousUser is returned.
public getUser ( ) : boolean | AbstractUser
return boolean | Webiny\Component\Security\User\AbstractUser

isUserAllowedAccess() public method

Checks if current user has access to current area based on access rules.
public isUserAllowedAccess ( ) : boolean
return boolean

processLogin() public method

Call this method on your login submit page. It will trigger the authentication provider and validate the provided credentials.
public processLogin ( string $authProvider = '' ) : boolean
$authProvider string Name of the auth provider you wish to use to process the login. If you don't set it, the first registered provider will be used.
return boolean True if login is valid, false if login has failed.

processLogout() public method

This method deletes user auth token and calls the logoutCallback on current login provider. After that, it replaces the current user instance with an instance of AnonymousUser and redirects the request to the logout.target.
public processLogout ( )

verifyPasswordHash() public method

Verify if the $password matches the $hash.
public verifyPasswordHash ( string $password, string $hash ) : boolean
$password string
$hash string
return boolean True if $password matches $hash. Otherwise false is returned.
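
A login submit handler and a password change built only from the public methods documented above, as an added example that is not Webiny's own code. The function names, the HTTP status codes, and the way `$firewall` and `$storedHash` reach these functions are assumptions.

```php
<?php
use Webiny\Component\Security\Authentication\Firewall;

/**
 * Hypothetical helper for the login submit page.
 * Assumes the application has already constructed $firewall.
 */
function handleLoginSubmit(Firewall $firewall, string $authProvider = ''): bool
{
    // processLogin() triggers the auth provider and validates the credentials.
    // An empty provider name means the first registered provider is used.
    if (!$firewall->processLogin($authProvider)) {
        // One generic failure response, so the reply does not reveal
        // whether the username or the password was wrong.
        http_response_code(401);
        return false;
    }

    // A valid login is not yet authorization: the access rules for the
    // current area are checked separately.
    if (!$firewall->isUserAllowedAccess()) {
        http_response_code(403);
        return false;
    }

    return true;
}

/**
 * Hypothetical helper for a "change password" form.
 * $storedHash is assumed to come from the application's user storage.
 * Returns the new hash to persist, or null if the current password is wrong.
 */
function changePasswordHash(
    Firewall $firewall,
    string $currentPassword,
    string $storedHash,
    string $newPassword
): ?string {
    // Re-verify the current password before accepting a new one, so a
    // hijacked session alone is not enough to take over the account.
    if (!$firewall->verifyPasswordHash($currentPassword, $storedHash)) {
        return null;
    }

    // Hash with the firewall's configured encoder; never store the plaintext.
    return $firewall->createPasswordHash($newPassword);
}
```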