PHP Class Auth_Basic, atk4

$auth=$this->add('Auth'); $auth->usePasswordEncryption(); $auth->setModel('User'); $auth->check(); Auth accessible from anywhere through $this->api->auth; Auth has several extensions, enable them like this: $auth->add('auth/Controller_DummyPopup'); // allows you to pick user from list and bypass password $auth->add('auth/Controller_Cookie'); // adds "remember me" checkbox See documentation on "auth" add-on for more information http://agiletoolkit.org/a/auth
Inheritance: extends AbstractController
Mostra file Open project: atk4/atk4

Public Properties

Property Type Description
$app App_Frontend
$form Form If you are willing to change the way form looks, create it prior to calling check(). Your form must have compatible field names: "username" and "password".
$hash_algo Encyption algorithm
$hash_options Encryption algorithm options
$info array | boolean This property can be accessed through $this->get() and should not be changed after authentication.
$login_field Login field name in model
$login_layout_class Layout class
$password_field Password field name in model

Protected Properties

Property Type Description
$allowed_pages Array of allowed page names
$password_encryption Which encryption to use. Few are built-in

Public Methods

Method Description
addEncryptionHook ( Model $model ) Adds a hook to specified model which will encrypt password before save.
addInfo ( string | array $key, mixed $val = null ) Add additional info to be stored in user session.
allow ( string | array $user, string $pass = null ) Configure this Auth controller with a generic Model based on static collection of user/password combinations. Use this method if you only want one or few accounts to access the system.
allowPage ( string | array $page ) Specify page or array of pages which will exclude authentication. Add your registration page here or page containing terms and conditions.
check ( ) : boolean Call this function to perform a check for logged in user. This will also display a login-form and will verify user's credential. If you want to handle log-in form on your own, use auth->isLoggedIn() to check and redirect user to a login page.
createForm ( Page $page ) : Form Creates log-in form.
destroy ( ) Destroy object
encryptPassword ( string $password, string $salt = null ) : string | boolean Manually encrypt password
get ( string $property = null, mixed $default = null ) : mixed Auth memorizes data about a logged-in user in session. You can either use this function to access that data or $auth->model (preferred) $auth->get('username') will always point to the login field value ofthe user regardless of how your field is named.
getAll ( ) : array Return array of all authenticated session info
getAllowedPages ( ) : array Return array of all allowed page names
getURL ( ) : string Return originalally requested URL.
init ( )
isLoggedIn ( ) : boolean This function determines - if user is already logged in or not. It does it by looking at $this->info, which was loaded during init() from session.
isPageAllowed ( string $page ) : boolean Verifies if the specified page is allowed to be accessed without authentication.
loggedIn ( string $user = null, string $pass = null ) This function is always executed after successfull login through a normal means (login form or plugin).
login ( string $user ) Manually Log in as specified users by using login name.
loginBy ( string $field, mixed $value ) Manually Log in with specified condition.
loginByID ( mixed $id ) Manually Log in as specified users. Will not perform password check or redirect.
loginRedirect ( ) Rederect to page user tried to access before authentication was requested.
logout ( ) Manually log out user.
memorizeModel ( ) Store model in session data so that it can be retrieved faster.
memorizeURL ( ) Memorize current URL. Called when the first unsuccessful check is executed.
processLogin ( ) Do not override this function.
setModel ( string | object $model, string $login_field = 'email', string $password_field = 'password' ) : Model Associate model with authentication class. Username / password check will be performed against the model in the following steps: Model will attempt to load record where login_field matches specified. Password is then loaded and verified using configured encryption method.
showLoginForm ( ) : Page Do not override this function.
usePasswordEncryption ( string | callable $method = 'php' ) Specifies how password will be encrypted when stored. It's recommended that you do not specify encryption method, in which case a built-in password_hash() will be used, which is defined by PHP.
verifyCredentials ( string $user, string $password ) : mixed This function verifies credibility of supplied authenication data.

Method Details

addEncryptionHook() public method

This method will be applied on $this->model, so you should not call it manually. You can call it on a fresh model, however.
public addEncryptionHook ( Model $model )
$model Model

addInfo() public method

Add additional info to be stored in user session.
public addInfo ( string | array $key, mixed $val = null )
$key string | array
$val mixed

allow() public method

Configure this Auth controller with a generic Model based on static collection of user/password combinations. Use this method if you only want one or few accounts to access the system.
public allow ( string | array $user, string $pass = null )
$user string | array Either string username or associative array with data
$pass string Password if username is string

allowPage() public method

Specify page or array of pages which will exclude authentication. Add your registration page here or page containing terms and conditions.
public allowPage ( string | array $page )
$page string | array

check() public method

check() returns true if user have just logged in and will return "null" for requests when user continues to use his session. Use that to perform some calculation on log-in
public check ( ) : boolean
return boolean

createForm() public method

Override if you want to use your own form. If you need to change template used by a log-in form, add template/default/page/login.html.
public createForm ( Page $page ) : Form
$page Page
return Form

destroy() public method

Destroy object
public destroy ( )

encryptPassword() public method

Manually encrypt password
public encryptPassword ( string $password, string $salt = null ) : string | boolean
$password string
$salt string
return string | boolean Returns false on failure, encrypted string otherwise

get() public method

Auth memorizes data about a logged-in user in session. You can either use this function to access that data or $auth->model (preferred) $auth->get('username') will always point to the login field value ofthe user regardless of how your field is named.
public get ( string $property = null, mixed $default = null ) : mixed
$property string
$default mixed
return mixed

getAll() public method

Return array of all authenticated session info
public getAll ( ) : array
return array

getAllowedPages() public method

Return array of all allowed page names
public getAllowedPages ( ) : array
return array

getURL() public method

Return originalally requested URL.
public getURL ( ) : string
return string

init() public method

public init ( )

isLoggedIn() public method

This function determines - if user is already logged in or not. It does it by looking at $this->info, which was loaded during init() from session.
public isLoggedIn ( ) : boolean
return boolean

isPageAllowed() public method

Verifies if the specified page is allowed to be accessed without authentication.
public isPageAllowed ( string $page ) : boolean
$page string
return boolean

loggedIn() public method

It will create cache model data.
public loggedIn ( string $user = null, string $pass = null )
$user string
$pass string

login() public method

Manually Log in as specified users by using login name.
public login ( string $user )
$user string

loginBy() public method

Manually Log in with specified condition.
public loginBy ( string $field, mixed $value )
$field string
$value mixed

loginByID() public method

Manually Log in as specified users. Will not perform password check or redirect.
public loginByID ( mixed $id )
$id mixed

loginRedirect() public method

Rederect to page user tried to access before authentication was requested.
public loginRedirect ( )

logout() public method

Manually log out user.
public logout ( )

memorizeModel() public method

Store model in session data so that it can be retrieved faster.
public memorizeModel ( )

memorizeURL() public method

Memorize current URL. Called when the first unsuccessful check is executed.
public memorizeURL ( )

processLogin() public method

Do not override this function.
public processLogin ( )

setModel() public method

Associate model with authentication class. Username / password check will be performed against the model in the following steps: Model will attempt to load record where login_field matches specified. Password is then loaded and verified using configured encryption method.
public setModel ( string | object $model, string $login_field = 'email', string $password_field = 'password' ) : Model
$model string | object
$login_field string
$password_field string
return Model

showLoginForm() public method

Do not override this function.
public showLoginForm ( ) : Page
return Page

usePasswordEncryption() public method

Some other values are "sha256/salt", "md5", "rot13". Note that if your application is already using 'md5' or 'sha1', you can remove the argument entirely and your user passwords will keep working and will automatically be "upgraded" to password_hash when used. If you are having trouble with authentication, use auth->debug()
public usePasswordEncryption ( string | callable $method = 'php' )
$method string | callable

verifyCredentials() public method

It will search based on user and verify the password. It's also possible that the function will re-hash user password with updated hash. if default authentication method is used, the function will automatically determine hash used for password generation and will upgrade to a new php5.5-compatible syntax. This function return false OR the id of the record matching user.
public verifyCredentials ( string $user, string $password ) : mixed
$user string
$password string
return mixed

Property Details

$allowed_pages protected_oe property

Array of allowed page names
protected $allowed_pages

$app public_oe property

public App_Frontend $app
return App_Frontend

$form public_oe property

If you are willing to change the way form looks, create it prior to calling check(). Your form must have compatible field names: "username" and "password".
public Form $form
return Form

$hash_algo public_oe property

Encyption algorithm
public $hash_algo

$hash_options public_oe property

Encryption algorithm options
public $hash_options

$info public_oe property

This property can be accessed through $this->get() and should not be changed after authentication.
public array|bool $info
return array | boolean

$login_field public_oe property

Login field name in model
public $login_field

$login_layout_class public_oe property

Layout class
public $login_layout_class

$password_encryption protected_oe property

Which encryption to use. Few are built-in
protected $password_encryption

$password_field public_oe property

Password field name in model
public $password_field