PHP Class Auth_Basic, atk4

$auth=$this->add('Auth'); $auth->usePasswordEncryption(); $auth->setModel('User'); $auth->check(); Auth accessible from anywhere through $this->api->auth; Auth has several extensions, enable them like this: $auth->add('auth/Controller_DummyPopup'); // allows you to pick user from list and bypass password $auth->add('auth/Controller_Cookie'); // adds "remember me" checkbox See documentation on "auth" add-on for more information http://agiletoolkit.org/a/auth
Inheritance: extends AbstractController
Afficher le fichier Open project: atk4/atk4

Méthodes publiques

Свойство Type Description
$app App_Frontend
$form Form If you are willing to change the way form looks, create it prior to calling check(). Your form must have compatible field names: "username" and "password".
$hash_algo Encyption algorithm
$hash_options Encryption algorithm options
$info array | boolean This property can be accessed through $this->get() and should not be changed after authentication.
$login_field Login field name in model
$login_layout_class Layout class
$password_field Password field name in model

Protected Properties

Свойство Type Description
$allowed_pages Array of allowed page names
$password_encryption Which encryption to use. Few are built-in

Méthodes publiques

Méthode Description
addEncryptionHook ( Model $model ) Adds a hook to specified model which will encrypt password before save.
addInfo ( string | array $key, mixed $val = null ) Add additional info to be stored in user session.
allow ( string | array $user, string $pass = null ) Configure this Auth controller with a generic Model based on static collection of user/password combinations. Use this method if you only want one or few accounts to access the system.
allowPage ( string | array $page ) Specify page or array of pages which will exclude authentication. Add your registration page here or page containing terms and conditions.
check ( ) : boolean Call this function to perform a check for logged in user. This will also display a login-form and will verify user's credential. If you want to handle log-in form on your own, use auth->isLoggedIn() to check and redirect user to a login page.
createForm ( Page $page ) : Form Creates log-in form.
destroy ( ) Destroy object
encryptPassword ( string $password, string $salt = null ) : string | boolean Manually encrypt password
get ( string $property = null, mixed $default = null ) : mixed Auth memorizes data about a logged-in user in session. You can either use this function to access that data or $auth->model (preferred) $auth->get('username') will always point to the login field value ofthe user regardless of how your field is named.
getAll ( ) : array Return array of all authenticated session info
getAllowedPages ( ) : array Return array of all allowed page names
getURL ( ) : string Return originalally requested URL.
init ( )
isLoggedIn ( ) : boolean This function determines - if user is already logged in or not. It does it by looking at $this->info, which was loaded during init() from session.
isPageAllowed ( string $page ) : boolean Verifies if the specified page is allowed to be accessed without authentication.
loggedIn ( string $user = null, string $pass = null ) This function is always executed after successfull login through a normal means (login form or plugin).
login ( string $user ) Manually Log in as specified users by using login name.
loginBy ( string $field, mixed $value ) Manually Log in with specified condition.
loginByID ( mixed $id ) Manually Log in as specified users. Will not perform password check or redirect.
loginRedirect ( ) Rederect to page user tried to access before authentication was requested.
logout ( ) Manually log out user.
memorizeModel ( ) Store model in session data so that it can be retrieved faster.
memorizeURL ( ) Memorize current URL. Called when the first unsuccessful check is executed.
processLogin ( ) Do not override this function.
setModel ( string | object $model, string $login_field = 'email', string $password_field = 'password' ) : Model Associate model with authentication class. Username / password check will be performed against the model in the following steps: Model will attempt to load record where login_field matches specified. Password is then loaded and verified using configured encryption method.
showLoginForm ( ) : Page Do not override this function.
usePasswordEncryption ( string | callable $method = 'php' ) Specifies how password will be encrypted when stored. It's recommended that you do not specify encryption method, in which case a built-in password_hash() will be used, which is defined by PHP.
verifyCredentials ( string $user, string $password ) : mixed This function verifies credibility of supplied authenication data.

Method Details

addEncryptionHook() public méthode

This method will be applied on $this->model, so you should not call it manually. You can call it on a fresh model, however.
public addEncryptionHook ( Model $model )
$model Model

addInfo() public méthode

Add additional info to be stored in user session.
public addInfo ( string | array $key, mixed $val = null )
$key string | array
$val mixed

allow() public méthode

Configure this Auth controller with a generic Model based on static collection of user/password combinations. Use this method if you only want one or few accounts to access the system.
public allow ( string | array $user, string $pass = null )
$user string | array Either string username or associative array with data
$pass string Password if username is string

allowPage() public méthode

Specify page or array of pages which will exclude authentication. Add your registration page here or page containing terms and conditions.
public allowPage ( string | array $page )
$page string | array

check() public méthode

check() returns true if user have just logged in and will return "null" for requests when user continues to use his session. Use that to perform some calculation on log-in
public check ( ) : boolean
Résultat boolean

createForm() public méthode

Override if you want to use your own form. If you need to change template used by a log-in form, add template/default/page/login.html.
public createForm ( Page $page ) : Form
$page Page
Résultat Form

destroy() public méthode

Destroy object
public destroy ( )

encryptPassword() public méthode

Manually encrypt password
public encryptPassword ( string $password, string $salt = null ) : string | boolean
$password string
$salt string
Résultat string | boolean Returns false on failure, encrypted string otherwise

get() public méthode

Auth memorizes data about a logged-in user in session. You can either use this function to access that data or $auth->model (preferred) $auth->get('username') will always point to the login field value ofthe user regardless of how your field is named.
public get ( string $property = null, mixed $default = null ) : mixed
$property string
$default mixed
Résultat mixed

getAll() public méthode

Return array of all authenticated session info
public getAll ( ) : array
Résultat array

getAllowedPages() public méthode

Return array of all allowed page names
public getAllowedPages ( ) : array
Résultat array

getURL() public méthode

Return originalally requested URL.
public getURL ( ) : string
Résultat string

init() public méthode

public init ( )

isLoggedIn() public méthode

This function determines - if user is already logged in or not. It does it by looking at $this->info, which was loaded during init() from session.
public isLoggedIn ( ) : boolean
Résultat boolean

isPageAllowed() public méthode

Verifies if the specified page is allowed to be accessed without authentication.
public isPageAllowed ( string $page ) : boolean
$page string
Résultat boolean

loggedIn() public méthode

It will create cache model data.
public loggedIn ( string $user = null, string $pass = null )
$user string
$pass string

login() public méthode

Manually Log in as specified users by using login name.
public login ( string $user )
$user string

loginBy() public méthode

Manually Log in with specified condition.
public loginBy ( string $field, mixed $value )
$field string
$value mixed

loginByID() public méthode

Manually Log in as specified users. Will not perform password check or redirect.
public loginByID ( mixed $id )
$id mixed

loginRedirect() public méthode

Rederect to page user tried to access before authentication was requested.
public loginRedirect ( )

logout() public méthode

Manually log out user.
public logout ( )

memorizeModel() public méthode

Store model in session data so that it can be retrieved faster.
public memorizeModel ( )

memorizeURL() public méthode

Memorize current URL. Called when the first unsuccessful check is executed.
public memorizeURL ( )

processLogin() public méthode

Do not override this function.
public processLogin ( )

setModel() public méthode

Associate model with authentication class. Username / password check will be performed against the model in the following steps: Model will attempt to load record where login_field matches specified. Password is then loaded and verified using configured encryption method.
public setModel ( string | object $model, string $login_field = 'email', string $password_field = 'password' ) : Model
$model string | object
$login_field string
$password_field string
Résultat Model

showLoginForm() public méthode

Do not override this function.
public showLoginForm ( ) : Page
Résultat Page

usePasswordEncryption() public méthode

Some other values are "sha256/salt", "md5", "rot13". Note that if your application is already using 'md5' or 'sha1', you can remove the argument entirely and your user passwords will keep working and will automatically be "upgraded" to password_hash when used. If you are having trouble with authentication, use auth->debug()
public usePasswordEncryption ( string | callable $method = 'php' )
$method string | callable

verifyCredentials() public méthode

It will search based on user and verify the password. It's also possible that the function will re-hash user password with updated hash. if default authentication method is used, the function will automatically determine hash used for password generation and will upgrade to a new php5.5-compatible syntax. This function return false OR the id of the record matching user.
public verifyCredentials ( string $user, string $password ) : mixed
$user string
$password string
Résultat mixed

Property Details

$allowed_pages protected_oe property

Array of allowed page names
protected $allowed_pages

$app public_oe property

public App_Frontend $app
Résultat App_Frontend

$form public_oe property

If you are willing to change the way form looks, create it prior to calling check(). Your form must have compatible field names: "username" and "password".
public Form $form
Résultat Form

$hash_algo public_oe property

Encyption algorithm
public $hash_algo

$hash_options public_oe property

Encryption algorithm options
public $hash_options

$info public_oe property

This property can be accessed through $this->get() and should not be changed after authentication.
public array|bool $info
Résultat array | boolean

$login_field public_oe property

Login field name in model
public $login_field

$login_layout_class public_oe property

Layout class
public $login_layout_class

$password_encryption protected_oe property

Which encryption to use. Few are built-in
protected $password_encryption

$password_field public_oe property

Password field name in model
public $password_field