PHP Class lithium\security\auth\adapter\Form

When a request is submitted, the adapter will take the form data from the Request object, apply any filters as appropriate (see the 'filters' configuration setting below), and query a model class using using the filtered data. By default, the adapter uses a model called User, and lookup fields called 'username' and 'password'. These can be customized by setting the 'model' and 'fields' configuration keys, respectively. The 'model' key accepts either a model name (i.e. Customer), or a fully-namespaced path to a model class (i.e. \app\models\Customer). The 'fields' setting accepts an array of field names to use when looking up a user. An example configuration, including a custom model class and lookup fields might look like the following: {{{ Auth::config(array( 'customer' => array( 'model' => 'Customer', 'fields' => array('email', 'password') ) )); }}} If the field names present in the form match the fields used in the database lookup, the above will suffice. If, however, the form fields must be matched to non-standard database column names, you can specify an array which matches up the form field names to their corresponding database column names. Suppose, for example, user authentication information in a MongoDB database is nested within a sub-object called login. The adapter could be configured as follows: {{{ Auth::config(array( 'customer' => array( 'model' => 'Customer', 'fields' => array('username' => 'login.username', 'password' => 'login.password'), 'scope' => array('active' => true) ) )); }}} Note that any additional fields may be specified which should be included in the query. For example, if a user must select a group when logging in, you may override the 'fields' key with that value as well (i.e. 'fields' => array('username', 'password', 'group'); note that if a field is specified which is not present in the request, the value in the query will be null). However, this will only submit data that is specified in the incoming request. If you would like to further limit the query using fixed data, use the 'scope' key, as shown in the example above. As mentioned, prior to any queries being executed, the request data is modified by any filters configured. Filters are callbacks which accept the value of a field as input, and return a modified version of the value as output. Filters can be any PHP callable, i.e. a closure or array('ClassName', 'method'). The only filter that is configured by default is for the password field, which is filtered by lithium\util\String::hash(). Note that if you are specifying the 'fields' configuration using key/value pairs, the key used to specify the filter must match the key side of the 'fields' assignment.
See also: lithium\net\http\Request::$data
See also: lithium\data\Model::find()
See also: lithium\util\String::hash()
Inheritance: extends lithium\core\Object
Datei anzeigen Open project: unionofrad/lithium Class Usage Examples

Protected Properties

Property Type Description
$_autoConfig array List of configuration properties to automatically assign to the properties of the adapter when the class is constructed.
$_fields array This can either be a simple array of field names, or a set of key/value pairs, which map the field names in the request to database field names. For example, if you had a form field name username, which mapped to a database field named username, you could use the following in the 'fields' configuration: embed:lithium\tests\cases\security\auth\adapter\FormTest::testMixedFieldMapping(3-3) This is especially relevant for document databases, where you may want to map a form field to a nested document field: 'fields' => array('username' => 'login.username', 'password'),
$_filters array Optionally, you can specify a callback with no key, which will receive (and can modify) the entire credentials array before the query is executed, as in the following example: Auth::config(array( 'members' => array( 'adapter' => 'Form', 'model' => 'Member', 'fields' => array('email', 'password'), 'filters' => array(function($data) { If the user is outside the company, then their account must have the 'private' field set to true in order to log in: if (!preg_match('/@mycompany\.com$/', $data['email'])) { $data['private'] = true; } return $data; }) ) ));
$_model string 'Users'), or a fully-namespaced class reference (i.e. 'app\models\Users'). When authenticating users, the magic first() method is invoked against the model to return the first record found when combining the conditions in the $_scope property with the authentication data yielded from the Request object in Form::check(). (Note that the model method called is configurable using the $_query property).
$_query string If you require custom model logic in your authentication query, use this setting to specify which model method to call, and this method will receive the authentication query. In return, the Form adapter expects a Record object which implements the data() method. See the constructor for more information on setting this property. Defaults to 'first', which calls, for example, Users::first().
$_scope array array('active' => true) to disallow authenticating against inactive user accounts.
$_validators array An array of callbacks, keyed by form field name, which make an assertion about a piece of submitted form data. Each validator should accept the value of the form field submitted (which will be modified by any applied filters), and return a boolean value indicating the success of the validation. If a validator is specified with no key, it will receive all form data and all database data. See the _validate() method for more information.

Public Methods

Method Description
__construct ( array $config = [] ) : void Constructor. Sets the initial configuration for the Form adapter, as detailed below.
check ( object $credentials, array $options = [] ) : array Called by the Auth class to run an authentication check against a model class using the credentials in a data container (a Request object), and returns an array of user information on success, or false on failure.
clear ( array $options = [] ) : void Called by Auth when a user session is terminated. Not implemented in the Form adapter.
set ( array $data, array $options = [] ) : array A pass-through method called by Auth. Returns the value of $data, which is written to a user's session. When implementing a custom adapter, this method may be used to modify or reject data before it is written to the session.

Protected Methods

Method Description
_data ( array $data ) : array Checks if the data container values are inside indexed arrays from binding.
_filters ( array $data ) : array Iterates over the filters configured in $_filters which are applied to submitted form data _before_ it is used in the query.
_init ( ) : void Initializes values configured in the constructor.
_validate ( object $user, array $data ) : array After an authentication query against the configured model class has occurred, this method iterates over the configured validators and checks each one by passing the submitted form value as the first parameter, and the corresponding database value as the second. The validator then returns a boolean to indicate success. If the validator fails, it will cause the entire authentication operation to fail. Note that any filters applied to a form field will affect the data passed to the validator.

Method Details

__construct() public method

Constructor. Sets the initial configuration for the Form adapter, as detailed below.
See also: lithium\security\auth\adapter\Form::$_model
See also: lithium\security\auth\adapter\Form::$_fields
See also: lithium\security\auth\adapter\Form::$_filters
See also: lithium\security\auth\adapter\Form::$_validators
See also: lithium\security\auth\adapter\Form::$_query
public __construct ( array $config = [] ) : void
$config array Available configuration options: `'model'` _string_: The name of the model class to use. See the `$_model` property for details. `'fields'` _array_: The model fields to query against when taking input from the request data. See the `$_fields` property for details. `'scope'` _array_: Any additional conditions used to constrain the authentication query. For example, if active accounts in an application have an `active` field which must be set to `true`, you can specify `'scope' => array('active' => true)`. See the `$_scope` property for more details. `'filters'` _array_: Named callbacks to apply to request data before the user lookup query is generated. See the `$_filters` property for more details. `'validators'` _array_: Named callbacks to apply to fields in request data and corresponding fields in database data in order to do programmatic authentication checks after the query has occurred. See the `$_validators` property for more details. `'query'` _string_: Determines the model method to invoke for authentication checks. See the `$_query` property for more details.
return void

_data() protected method

Get the values from the binding coresponding to the model if such exists.
See also: lithium\security\auth\adapter\Form::check
protected _data ( array $data ) : array
$data array The array of raw form data.
return array Original or sub array of the form data.

_filters() protected method

Iterates over the filters configured in $_filters which are applied to submitted form data _before_ it is used in the query.
See also: lithium\security\auth\adapter\Form::$_filters
protected _filters ( array $data ) : array
$data array The array of raw form data to be filtered.
return array Callback result.

_init() protected method

Initializes values configured in the constructor.
protected _init ( ) : void
return void

_validate() protected method

After an authentication query against the configured model class has occurred, this method iterates over the configured validators and checks each one by passing the submitted form value as the first parameter, and the corresponding database value as the second. The validator then returns a boolean to indicate success. If the validator fails, it will cause the entire authentication operation to fail. Note that any filters applied to a form field will affect the data passed to the validator.
See also: lithium\security\auth\adapter\Form::__construct()
See also: lithium\security\auth\adapter\Form::$_validators
protected _validate ( object $user, array $data ) : array
$user object The user object returned from the database. This object must support a `data()` method, which returns the object's array representation, and also returns individual field values by name.
$data array The form data submitted in the request and passed to `Form::check()`.
return array Returns an array of authenticated user data on success, otherwise `false` if any of the configured validators fails. See `'validators'` in the `$config` parameter of `__construct()`.

check() public method

Called by the Auth class to run an authentication check against a model class using the credentials in a data container (a Request object), and returns an array of user information on success, or false on failure.
public check ( object $credentials, array $options = [] ) : array
$credentials object A data container which wraps the authentication credentials used to query the model (usually a `Request` object). See the documentation for this class for further details.
$options array Additional configuration options. Not currently implemented in this adapter.
return array Returns an array containing user information on success, or `false` on failure.

clear() public method

Called by Auth when a user session is terminated. Not implemented in the Form adapter.
public clear ( array $options = [] ) : void
$options array Adapter-specific options. Not implemented in the `Form` adapter.
return void

set() public method

A pass-through method called by Auth. Returns the value of $data, which is written to a user's session. When implementing a custom adapter, this method may be used to modify or reject data before it is written to the session.
public set ( array $data, array $options = [] ) : array
$data array User data to be written to the session.
$options array Adapter-specific options. Not implemented in the `Form` adapter.
return array Returns the value of `$data`.

Property Details

$_autoConfig protected_oe property

List of configuration properties to automatically assign to the properties of the adapter when the class is constructed.
protected array $_autoConfig
return array

$_fields protected_oe property

This can either be a simple array of field names, or a set of key/value pairs, which map the field names in the request to database field names. For example, if you had a form field name username, which mapped to a database field named username, you could use the following in the 'fields' configuration: embed:lithium\tests\cases\security\auth\adapter\FormTest::testMixedFieldMapping(3-3) This is especially relevant for document databases, where you may want to map a form field to a nested document field: 'fields' => array('username' => 'login.username', 'password'),
protected array $_fields
return array

$_filters protected_oe property

Optionally, you can specify a callback with no key, which will receive (and can modify) the entire credentials array before the query is executed, as in the following example: Auth::config(array( 'members' => array( 'adapter' => 'Form', 'model' => 'Member', 'fields' => array('email', 'password'), 'filters' => array(function($data) { If the user is outside the company, then their account must have the 'private' field set to true in order to log in: if (!preg_match('/@mycompany\.com$/', $data['email'])) { $data['private'] = true; } return $data; }) ) ));
See also: lithium\security\auth\adapter\Form::$_fields
protected array $_filters
return array

$_model protected_oe property

'Users'), or a fully-namespaced class reference (i.e. 'app\models\Users'). When authenticating users, the magic first() method is invoked against the model to return the first record found when combining the conditions in the $_scope property with the authentication data yielded from the Request object in Form::check(). (Note that the model method called is configurable using the $_query property).
See also: lithium\security\auth\adapter\Form::$_query
protected string $_model
return string

$_query protected_oe property

If you require custom model logic in your authentication query, use this setting to specify which model method to call, and this method will receive the authentication query. In return, the Form adapter expects a Record object which implements the data() method. See the constructor for more information on setting this property. Defaults to 'first', which calls, for example, Users::first().
See also: lithium\security\auth\adapter\Form::__construct()
See also: lithium\data\entity\Record::data()
protected string $_query
return string

$_scope protected_oe property

array('active' => true) to disallow authenticating against inactive user accounts.
protected array $_scope
return array

$_validators protected_oe property

An array of callbacks, keyed by form field name, which make an assertion about a piece of submitted form data. Each validator should accept the value of the form field submitted (which will be modified by any applied filters), and return a boolean value indicating the success of the validation. If a validator is specified with no key, it will receive all form data and all database data. See the _validate() method for more information.
See also: lithium\security\auth\adapter\Form::_validate()
protected array $_validators
return array