PHP Class Bolt\AccessControl\AccessChecker

Author: Gawain Lynch
Open project: bolt/bolt

Protected Properties

Property Type Description
$cookieOptions array
$dispatcher Symfony\Component\EventDispatcher\EventDispatcherInterface
$flashLogger Bolt\Logger\FlashLoggerInterface
$permissions Bolt\AccessControl\Permissions
$randomGenerator Bolt\Security\Random\Generator
$requestStack Symfony\Component\HttpFoundation\RequestStack
$session Symfony\Component\HttpFoundation\Session\SessionInterface
$systemLogger Psr\Log\LoggerInterface
$validSession boolean

Public Methods

Method Description
__construct ( Bolt\Storage\EntityManagerInterface $em, Symfony\Component\HttpFoundation\RequestStack $requestStack, Symfony\Component\HttpFoundation\Session\SessionInterface $session, Symfony\Component\EventDispatcher\EventDispatcherInterface $dispatcher, Bolt\Logger\FlashLoggerInterface $flashLogger, Psr\Log\LoggerInterface $systemLogger, Bolt\AccessControl\Permissions $permissions, Generator $randomGenerator, array $cookieOptions ) Constructor.
getActiveSessions ( ) : array Lookup active sessions.
isValidSession ( string $authCookie ) : boolean We will not allow tampering with sessions, so we make sure the current session is still valid for the device on which it was created, and that the username, and IP address, are still the same.
revokeSession ( ) : boolean Log out the currently logged in user.

Protected Methods

Method Description
checkSessionDatabase ( string $authCookie ) : boolean Check the user authentication cookie against what is stored in the database.
checkSessionKeys ( Token $sessionAuth ) : boolean Check the session is still valid for the device on which it was created, i.e. the username, IP address, and (if configured) the browser agent values are all still the same.
checkSessionStored ( Token $sessionAuth ) : boolean Check the stored session, if we're past expiry then return false regardless and force a check/update from the database authentication record.
getAuthToken ( string $username, string $salt ) : string | boolean Get an MD5 hash key to identify the session with. This is calculated from a name, a salt, and optionally the remote IP address, browser's agent string and the user's HTTP hostname.
getClientHost ( ) : string Return the user's host name.
getClientIp ( ) : string Return the user's IP address.
getClientUserAgent ( ) : string Return the user's browser User Agent.
getRepositoryAuthtoken ( ) : Bolt\Storage\Repository\AuthtokenRepository
getRepositoryUsers ( ) : UsersRepository

Method Details

__construct() public method

Constructor.
public __construct ( Bolt\Storage\EntityManagerInterface $em, Symfony\Component\HttpFoundation\RequestStack $requestStack, Symfony\Component\HttpFoundation\Session\SessionInterface $session, Symfony\Component\EventDispatcher\EventDispatcherInterface $dispatcher, Bolt\Logger\FlashLoggerInterface $flashLogger, Psr\Log\LoggerInterface $systemLogger, Bolt\AccessControl\Permissions $permissions, Generator $randomGenerator, array $cookieOptions )
$em Bolt\Storage\EntityManagerInterface
$requestStack Symfony\Component\HttpFoundation\RequestStack
$session Symfony\Component\HttpFoundation\Session\SessionInterface
$dispatcher Symfony\Component\EventDispatcher\EventDispatcherInterface
$flashLogger Bolt\Logger\FlashLoggerInterface
$systemLogger Psr\Log\LoggerInterface
$permissions Bolt\AccessControl\Permissions
$randomGenerator Bolt\Security\Random\Generator
$cookieOptions array

checkSessionDatabase() protected method

Check the user authentication cookie against what is stored in the database.
protected checkSessionDatabase ( string $authCookie ) : boolean
$authCookie string
Return boolean

checkSessionKeys() protected method

Check the session is still valid for the device on which it was created, i.e. the username, IP address, and (if configured) the browser agent values are all still the same.
protected checkSessionKeys ( Token $sessionAuth ) : boolean
$sessionAuth Bolt\AccessControl\Token\Token
Return boolean

checkSessionStored() protected method

Check the stored session, if we're past expiry then return false regardless and force a check/update from the database authentication record.
protected checkSessionStored ( Token $sessionAuth ) : boolean
$sessionAuth Bolt\AccessControl\Token\Token
Return boolean

getActiveSessions() public method

Lookup active sessions.
public getActiveSessions ( ) : array
Return array

getAuthToken() protected method

Get an MD5 hash key to identify the session with. This is calculated from a name, a salt, and optionally the remote IP address, browser's agent string and the user's HTTP hostname.
protected getAuthToken ( string $username, string $salt ) : string | boolean
$username string
$salt string
Return string | boolean

getClientHost() protected method

Return the user's host name.
protected getClientHost ( ) : string
Return string

getClientIp() protected method

Return the user's IP address.
protected getClientIp ( ) : string
Return string

getClientUserAgent() protected method

Return the user's browser User Agent.
protected getClientUserAgent ( ) : string
Return string

getRepositoryAuthtoken() protected method

protected getRepositoryAuthtoken ( ) : Bolt\Storage\Repository\AuthtokenRepository
Return Bolt\Storage\Repository\AuthtokenRepository

getRepositoryUsers() protected method

protected getRepositoryUsers ( ) : UsersRepository
Return Bolt\Storage\Repository\UsersRepository

isValidSession() public method

1. If user has a valid session and it is fresh, check against cookie:
   - If NOT a match refuse
   - If a match accept
2. If user has a valid session and it is stale (>10 minutes), check the database records again:
   - If disabled refuse
   - If enabled
     - If NOT a match refuse
     - If a match accept
   - Update session data
3. If user has no session check authtoken table entry (closed browser):
   - If passed validity date refuse
   - If within validity date, hash username and IP against salt and compare to database:
     - If NOT a match refuse
     - If a match accept
public isValidSession ( string $authCookie ) : boolean
$authCookie string
Return boolean
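
The three branches described for isValidSession(), modelled as a standalone function. This is an added example, not Bolt's code: the function names, array keys, the 600-second constant and the token layout (MD5 over username, salt and IP, concatenated in that order) are assumptions made for illustration.

```php
<?php
// Added illustration of the decision flow described above.
// All names, array keys and the token layout are hypothetical, not Bolt's code.
const FRESH_SECONDS = 600; // "stale (>10 minutes)" per the description

// Hypothetical token derivation: MD5 over username, salt and client IP.
function deriveToken(string $username, string $salt, string $ip): string
{
    return md5($username . $salt . $ip);
}

// $session: ['token' => string, 'checked' => int] or null when no session exists.
// $record:  database row ['username', 'salt', 'token', 'enabled', 'validity'] or null.
function decideSession(?array &$session, ?array $record, string $cookie, string $ip, int $now): bool
{
    if ($session !== null && $now - $session['checked'] <= FRESH_SECONDS) {
        // 1. Fresh session: compare against the cookie only.
        return hash_equals($session['token'], $cookie);
    }
    if ($record === null) {
        return false;
    }
    if ($session !== null) {
        // 2. Stale session: re-check the database record, then refresh the session.
        if (!$record['enabled'] || !hash_equals($record['token'], $cookie)) {
            return false;
        }
        $session = ['token' => $cookie, 'checked' => $now];
        return true;
    }
    // 3. No session (closed browser): the authtoken entry decides.
    if ($now > $record['validity']) {
        return false;
    }
    $expected = deriveToken($record['username'], $record['salt'], $ip);
    return hash_equals($record['token'], $expected) && hash_equals($expected, $cookie);
}

// Constructed sample data.
$now = 1700000000;
$row = ['username' => 'editor', 'salt' => 's4lt', 'enabled' => true, 'validity' => $now + 3600];
$row['token'] = deriveToken('editor', 's4lt', '192.0.2.10');
$cookie = $row['token'];

$none = null;
var_dump(decideSession($none, $row, $cookie, '192.0.2.10', $now));   // no session, same IP
var_dump(decideSession($none, $row, $cookie, '198.51.100.7', $now)); // no session, different IP
$stale = ['token' => $cookie, 'checked' => $now - 900];
var_dump(decideSession($stale, $row, $cookie, '192.0.2.10', $now));  // stale session, re-checked
```

hash_equals() keeps each token comparison constant-time, so the check does not leak how many leading characters of a guessed cookie matched.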

revokeSession() public method

Log out the currently logged in user.
public revokeSession ( ) : boolean
Return boolean

Property Details

$cookieOptions protected property

protected array $cookieOptions
Return array

$dispatcher protected property

protected Symfony\Component\EventDispatcher\EventDispatcherInterface $dispatcher
Return Symfony\Component\EventDispatcher\EventDispatcherInterface

$flashLogger protected property

protected Bolt\Logger\FlashLoggerInterface $flashLogger
Return Bolt\Logger\FlashLoggerInterface

$permissions protected property

protected Bolt\AccessControl\Permissions $permissions
Return Bolt\AccessControl\Permissions

$randomGenerator protected property

protected Bolt\Security\Random\Generator $randomGenerator
Return Bolt\Security\Random\Generator

$requestStack protected property

protected Symfony\Component\HttpFoundation\RequestStack $requestStack
Return Symfony\Component\HttpFoundation\RequestStack

$session protected property

protected Symfony\Component\HttpFoundation\Session\SessionInterface $session
Return Symfony\Component\HttpFoundation\Session\SessionInterface

$systemLogger protected property

protected Psr\Log\LoggerInterface $systemLogger
Return Psr\Log\LoggerInterface

$validSession protected property

protected bool $validSession
Return boolean