PHP Class Webiny\Component\Security\Authentication\Firewall

The firewall class check if users is authenticated and holds the methods for authentication.
Inheritance: use trait Webiny\Component\Http\HttpTrait, use trait Webiny\Component\StdLib\StdLibTrait, use trait Webiny\Component\StdLib\FactoryLoaderTrait, use trait Webiny\Component\EventManager\EventManagerTrait
Mostrar archivo Open project: Webiny/Framework Class Usage Examples

Public Methods

Method Description
__construct ( string $firewallKey, ConfigObject $firewallConfig, array $userProviders, Encoder $encoder ) Constructor.
createPasswordHash ( string $password ) : string Create a hash for the given password.
getAnonymousAccess ( ) : boolean Check if anonymous access is allowed or not.
getConfig ( ) : ConfigObject Get config for current firewall.
getFirewallKey ( ) : string Returns the name of the current firewall. Don't mistake it for realm name.
getRealmName ( ) : string Get realm name.
getToken ( ) : Token Get the current token.
getUser ( ) : boolean | AbstractUser Tries to retrieve the user from current token.
isUserAllowedAccess ( ) : boolean Checks if current user has access to current area based by access rules.
processLogin ( string $authProvider = '' ) : boolean Call this method on your login submit page, it will trigger the authentication provider and validate the provided credentials.
processLogout ( ) This method deletes user auth token and calls the logoutCallback on current login provider.
verifyPasswordHash ( string $password, string $hash ) : boolean Verify if the $password matches the $hash.

Private Methods

Method Description
authenticate ( Login $login ) : boolean | AbstractUser Method that validates the submitted credentials with defined firewall user providers.
getAuthProvider ( string $authProvider ) : Webiny\Component\Security\Authentication\Providers\AuthenticationInterface Get the authentication provider.
getAuthProviderConfig ( string $authProvider ) : ConfigObject Returns the config of current auth provider.
getTokenName ( ) : string Returns the token name.
initRoleHierarchy ( ) Initializes role hierarchy.
initToken ( ) Initializes the Token.
setUserRoles ( ) Sets roles for current user.

Method Details

__construct() public method

Constructor.
public __construct ( string $firewallKey, ConfigObject $firewallConfig, array $userProviders, Encoder $encoder )
$firewallKey string Name of the current firewall.
$firewallConfig Webiny\Component\Config\ConfigObject Firewall config.
$userProviders array Array of user providers for this firewall.
$encoder Webiny\Component\Security\Encoder\Encoder Instance of encoder for this firewall.

createPasswordHash() public method

Create a hash for the given password.
public createPasswordHash ( string $password ) : string
$password string
return string Password hash.

getAnonymousAccess() public method

If anonymous access is not defined in the config, by default it will be set to false.
public getAnonymousAccess ( ) : boolean
return boolean Is anonymous access allowed or not.

getConfig() public method

Get config for current firewall.
public getConfig ( ) : ConfigObject
return Webiny\Component\Config\ConfigObject

getFirewallKey() public method

Returns the name of the current firewall. Don't mistake it for realm name.
public getFirewallKey ( ) : string
return string

getRealmName() public method

Get realm name.
public getRealmName ( ) : string
return string Realm name.

getToken() public method

Get the current token.
public getToken ( ) : Token
return Webiny\Component\Security\Token\Token

getUser() public method

If the token does not exist, AnonymousUser is returned.
public getUser ( ) : boolean | AbstractUser
return boolean | Webiny\Component\Security\User\AbstractUser

isUserAllowedAccess() public method

Checks if current user has access to current area based by access rules.
public isUserAllowedAccess ( ) : boolean
return boolean

processLogin() public method

Call this method on your login submit page, it will trigger the authentication provider and validate the provided credentials.
public processLogin ( string $authProvider = '' ) : boolean
$authProvider string Name of the auth provider you wish to use to process the login. If you don't set it, the first registered provider will be used.
return boolean True if login is valid, false if login has failed.

processLogout() public method

After that, it replaces the current user instance with an instance of AnonymousUser and redirects the request to the logout.target.
public processLogout ( )

verifyPasswordHash() public method

Verify if the $password matches the $hash.
public verifyPasswordHash ( string $password, string $hash ) : boolean
$password string
$hash string
return boolean True if $password matches $hash. Otherwise false is returned.