• Home
  • RESTfulAPI_TokenAuthenticator

PHP Class RESTfulAPI_TokenAuthenticator

Author: Thierry Francois @colymba [email protected]
Inheritance: implements RESTfulAPI_Authenticator
ファイルを表示 Open project: colymba/silverstripe-restfulapi

Protected Properties

Property Type Description
$tokenConfig array ...

Public Methods

Method Description
__construct ( ) Instanciation + config aquisition
authenticate ( SS_HTTPRequest $request ) : true | RESTfulAPI_Error Checks if a request to the API is authenticated Gets API Token from HTTP Request and return Auth result
getOwner ( SS_HTTPRequest $request ) : null | DataObject Returns the DataObject related to the token that sent the authenticated request
getToken ( integer $id ) : string Return the stored API token for a specific owner
login ( SS_HTTPRequest $request ) : array Login a user into the Framework and generates API token Only works if the token owner is a Member
logout ( SS_HTTPRequest $request ) Logout a user from framework and update token with an expired one if token owner class is a Member
lostPassword ( SS_HTTPRequest $request ) : array Sends password recovery email
resetToken ( integer $id, boolean $expired = false ) Reset an owner's token if $expired is set to true the owner's will have a new invalidated/expired token

Private Methods

Method Description
generateToken ( boolean $expired = false ) : array Generates an encrypted random token and an expiry date
validateAPIToken ( string $token ) : true | RESTfulAPI_Error Validate the API token

Method Details

__construct() public method

Instanciation + config aquisition
public __construct ( )

authenticate() public method

Checks if a request to the API is authenticated Gets API Token from HTTP Request and return Auth result
public authenticate ( SS_HTTPRequest $request ) : true | RESTfulAPI_Error
$request SS_HTTPRequest HTTP API request
return true | RESTfulAPI_Error True if token is valid OR RESTfulAPI_Error with details

getOwner() public method

Returns the DataObject related to the token that sent the authenticated request
public getOwner ( SS_HTTPRequest $request ) : null | DataObject
$request SS_HTTPRequest HTTP API request
return null | DataObject null if failed or the DataObject token owner related to the request

getToken() public method

Return the stored API token for a specific owner
public getToken ( integer $id ) : string
$id integer ID of the token owner
return string API token for the owner

login() public method

Login a user into the Framework and generates API token Only works if the token owner is a Member
public login ( SS_HTTPRequest $request ) : array
$request SS_HTTPRequest HTTP request containing 'email' & 'pwd' vars
return array login result with token

logout() public method

Logout a user from framework and update token with an expired one if token owner class is a Member
public logout ( SS_HTTPRequest $request )
$request SS_HTTPRequest HTTP request containing 'email' var

lostPassword() public method

Sends password recovery email
public lostPassword ( SS_HTTPRequest $request ) : array
$request SS_HTTPRequest HTTP request containing 'email' vars
return array 'email' => false if email fails (Member doesn't exist will not be reported)

resetToken() public method

Reset an owner's token if $expired is set to true the owner's will have a new invalidated/expired token
public resetToken ( integer $id, boolean $expired = false )
$id integer ID of the token owner
$expired boolean if true the token will be invalidated

Property Details

$tokenConfig protected_oe property

...
protected array $tokenConfig
return array