PHP Class Webiny\Component\Security\Authentication\Firewall

The firewall class check if users is authenticated and holds the methods for authentication.
Inheritance: use trait Webiny\Component\Http\HttpTrait, use trait Webiny\Component\StdLib\StdLibTrait, use trait Webiny\Component\StdLib\FactoryLoaderTrait, use trait Webiny\Component\EventManager\EventManagerTrait
Afficher le fichier Open project: Webiny/Framework Class Usage Examples

Méthodes publiques

Méthode Description
__construct ( string $firewallKey, ConfigObject $firewallConfig, array $userProviders, Encoder $encoder ) Constructor.
createPasswordHash ( string $password ) : string Create a hash for the given password.
getAnonymousAccess ( ) : boolean Check if anonymous access is allowed or not.
getConfig ( ) : ConfigObject Get config for current firewall.
getFirewallKey ( ) : string Returns the name of the current firewall. Don't mistake it for realm name.
getRealmName ( ) : string Get realm name.
getToken ( ) : Token Get the current token.
getUser ( ) : boolean | AbstractUser Tries to retrieve the user from current token.
isUserAllowedAccess ( ) : boolean Checks if current user has access to current area based by access rules.
processLogin ( string $authProvider = '' ) : boolean Call this method on your login submit page, it will trigger the authentication provider and validate the provided credentials.
processLogout ( ) This method deletes user auth token and calls the logoutCallback on current login provider.
verifyPasswordHash ( string $password, string $hash ) : boolean Verify if the $password matches the $hash.

Private Methods

Méthode Description
authenticate ( Login $login ) : boolean | AbstractUser Method that validates the submitted credentials with defined firewall user providers.
getAuthProvider ( string $authProvider ) : Webiny\Component\Security\Authentication\Providers\AuthenticationInterface Get the authentication provider.
getAuthProviderConfig ( string $authProvider ) : ConfigObject Returns the config of current auth provider.
getTokenName ( ) : string Returns the token name.
initRoleHierarchy ( ) Initializes role hierarchy.
initToken ( ) Initializes the Token.
setUserRoles ( ) Sets roles for current user.

Method Details

__construct() public méthode

Constructor.
public __construct ( string $firewallKey, ConfigObject $firewallConfig, array $userProviders, Encoder $encoder )
$firewallKey string Name of the current firewall.
$firewallConfig Webiny\Component\Config\ConfigObject Firewall config.
$userProviders array Array of user providers for this firewall.
$encoder Webiny\Component\Security\Encoder\Encoder Instance of encoder for this firewall.

createPasswordHash() public méthode

Create a hash for the given password.
public createPasswordHash ( string $password ) : string
$password string
Résultat string Password hash.

getAnonymousAccess() public méthode

If anonymous access is not defined in the config, by default it will be set to false.
public getAnonymousAccess ( ) : boolean
Résultat boolean Is anonymous access allowed or not.

getConfig() public méthode

Get config for current firewall.
public getConfig ( ) : ConfigObject
Résultat Webiny\Component\Config\ConfigObject

getFirewallKey() public méthode

Returns the name of the current firewall. Don't mistake it for realm name.
public getFirewallKey ( ) : string
Résultat string

getRealmName() public méthode

Get realm name.
public getRealmName ( ) : string
Résultat string Realm name.

getToken() public méthode

Get the current token.
public getToken ( ) : Token
Résultat Webiny\Component\Security\Token\Token

getUser() public méthode

If the token does not exist, AnonymousUser is returned.
public getUser ( ) : boolean | AbstractUser
Résultat boolean | Webiny\Component\Security\User\AbstractUser

isUserAllowedAccess() public méthode

Checks if current user has access to current area based by access rules.
public isUserAllowedAccess ( ) : boolean
Résultat boolean

processLogin() public méthode

Call this method on your login submit page, it will trigger the authentication provider and validate the provided credentials.
public processLogin ( string $authProvider = '' ) : boolean
$authProvider string Name of the auth provider you wish to use to process the login. If you don't set it, the first registered provider will be used.
Résultat boolean True if login is valid, false if login has failed.

processLogout() public méthode

After that, it replaces the current user instance with an instance of AnonymousUser and redirects the request to the logout.target.
public processLogout ( )

verifyPasswordHash() public méthode

Verify if the $password matches the $hash.
public verifyPasswordHash ( string $password, string $hash ) : boolean
$password string
$hash string
Résultat boolean True if $password matches $hash. Otherwise false is returned.