프로퍼티 | 타입 | 설명 | |
---|---|---|---|
$allowedActions | array | Controller actions for which user validation is not required. | |
$components | array | Other components utilized by AuthComponent | |
$request | Cake\Network\Request | Request object | |
$response | Response object | ||
$session | Instance of the Session object |
프로퍼티 | 타입 | 설명 | |
---|---|---|---|
$_authenticateObjects | Cake\Auth\BaseAuthenticate[] | Objects that will be used for authentication checks. | |
$_authenticationProvider | Cake\Auth\BaseAuthenticate | The instance of the Authenticate provider that was used for successfully logging in the current user after calling login() in the same request | |
$_authorizationProvider | Cake\Auth\BaseAuthorize | The instance of the Authorize provider that was used to grant access to the current user to the URL they are requesting. | |
$_authorizeObjects | Cake\Auth\BaseAuthorize[] | Objects that will be used for authorization checks. | |
$_defaultConfig | array | - authenticate - An array of authentication objects to use for authenticating users. You can configure multiple adapters and they will be checked sequentially when users are identified. $this->Auth->config('authenticate', [ 'Form' => [ 'userModel' => 'Users.Users' ] ]); Using the class name without 'Authenticate' as the key, you can pass in an array of config for each authentication object. Additionally you can define config that should be set to all authentications objects using the 'all' key: $this->Auth->config('authenticate', [ AuthComponent::ALL => [ 'userModel' => 'Users.Users', 'scope' => ['Users.active' => 1] ], 'Form', 'Basic' ]); - authorize - An array of authorization objects to use for authorizing users. You can configure multiple adapters and they will be checked sequentially when authorization checks are done. $this->Auth->config('authorize', [ 'Crud' => [ 'actionPath' => 'controllers/' ] ]); Using the class name without 'Authorize' as the key, you can pass in an array of config for each authorization object. Additionally you can define config that should be set to all authorization objects using the AuthComponent::ALL key: $this->Auth->config('authorize', [ AuthComponent::ALL => [ 'actionPath' => 'controllers/' ], 'Crud', 'CustomAuth' ]); - ~~ajaxLogin~~ - The name of an optional view element to render when an Ajax request is made with an invalid or expired session. **This option is deprecated since 3.3.6.** Your client side code should instead check for 403 status code and show appropriate login form. - flash - Settings to use when Auth needs to do a flash message with FlashComponent::set(). Available keys are: - key - The message domain to use for flashes generated by this component, defaults to 'auth'. - element - Flash element to use, defaults to 'default'. - params - The array of additional params to use, defaults to ['class' => 'error'] - loginAction - A URL (defined as a string or array) to the controller action that handles logins. Defaults to /users/login. - loginRedirect - Normally, if a user is redirected to the loginAction page, the location they were redirected from will be stored in the session so that they can be redirected back after a successful login. If this session value is not set, redirectUrl() method will return the URL specified in loginRedirect. - logoutRedirect - The default action to redirect to after the user is logged out. While AuthComponent does not handle post-logout redirection, a redirect URL will be returned from AuthComponent::logout(). Defaults to loginAction. - authError - Error to display when user attempts to access an object or action to which they do not have access. - unauthorizedRedirect - Controls handling of unauthorized access. - For default value true unauthorized user is redirected to the referrer URL or $loginRedirect or '/'. - If set to a string or array the value is used as a URL to redirect to. - If set to false a ForbiddenException exception is thrown instead of redirecting. - storage - Storage class to use for persisting user record. When using stateless authenticator you should set this to 'Memory'. Defaults to 'Session'. - checkAuthIn - Name of event for which initial auth checks should be done. Defaults to 'Controller.startup'. You can set it to 'Controller.initialize' if you want the check to be done before controller's beforeFilter() is run. | |
$_storage | Cake\Auth\Storage\StorageInterface | Storage object. |
메소드 | 설명 | |
---|---|---|
__get ( string $name ) : mixed | Magic accessor for backward compatibility for property $sessionKey. | |
__set ( string $name, mixed $value ) : void | Magic setter for backward compatibility for property $sessionKey. | |
allow ( string | array | null $actions = null ) : void | Takes a list of actions in the current controller for which authentication is not required, or no parameters to allow all actions. | |
authCheck ( Cake\Event\Event $event ) : |
Main execution method, handles initial authentication check and redirection of invalid users. | |
authenticationProvider ( ) : Cake\Auth\BaseAuthenticate | null | If login was called during this request and the user was successfully authenticated, this function will return the instance of the authentication object that was used for logging the user in. | |
authorizationProvider ( ) : Cake\Auth\BaseAuthorize | null | If there was any authorization processing for the current request, this function will return the instance of the Authorization object that granted access to the user to the current address. | |
constructAuthenticate ( ) : array | null | Loads the configured authentication objects. | |
constructAuthorize ( ) : array | null | Loads the authorization objects configured. | |
deny ( string | array | null $actions = null ) : void | Removes items from the list of allowed/no authentication required actions. | |
flash ( string $message ) : void | Set a flash message. Uses the Flash component with values from flash config. | |
getAuthenticate ( string $alias ) : Cake\Auth\BaseAuthenticate | null | Getter for authenticate objects. Will return a particular authenticate object. | |
getAuthorize ( string $alias ) : Cake\Auth\BaseAuthorize | null | Getter for authorize objects. Will return a particular authorize object. | |
identify ( ) : array | boolean | Use the configured authentication adapters, and attempt to identify the user by credentials contained in $request. | |
implementedEvents ( ) : array | Events supported by this component. | |
initialize ( array $config ) : void | Initialize properties. | |
isAuthorized ( array | ArrayAccess | null $user = null, Cake\Network\Request $request = null ) : boolean | Check if the provided user is authorized for the request. | |
logout ( ) : string | Log a user out. | |
redirectUrl ( string | array | null $url = null ) : string | Get the URL a user should be redirected to upon login. | |
setUser ( array | ArrayAccess $user ) : void | Set provided user info to storage as logged in user. | |
startup ( Cake\Event\Event $event ) : |
Callback for Controller.startup event. | |
storage ( Cake\Auth\Storage\StorageInterface $storage = null ) : Cake\Auth\Storage\StorageInterface | null | Get/set user record storage object. | |
user ( string | null $key = null ) : mixed | null | Get the current user from storage. |
메소드 | 설명 | |
---|---|---|
_getUser ( ) : boolean | Similar to AuthComponent::user() except if user is not found in configured storage, connected authentication objects will have their getUser() methods called. | |
_isAllowed ( |
Checks whether current action is accessible without authentication. | |
_isLoginAction ( |
Normalizes config loginAction and checks if current request URL is same as login action. | |
_setDefaults ( ) : void | Sets defaults for configs. | |
_unauthenticated ( |
Handles unauthenticated access attempt. First the unauthenticated() method of the last authenticator in the chain will be called. The authenticator can handle sending response or redirection as appropriate and return true to indicate no further action is necessary. If authenticator returns null this method redirects user to login action. If it's an AJAX request and config ajaxLogin is specified that element is rendered else a 403 HTTP status code is returned. | |
_unauthorized ( |
Handle unauthorized access attempt |
protected _isAllowed ( |
||
$controller | A reference to the instantiating controller object | |
리턴 | boolean | True if action is accessible without authentication else false |
protected _isLoginAction ( |
||
$controller | A reference to the controller object. | |
리턴 | boolean | True if current action is login action else false. |
protected _unauthenticated ( |
||
$controller | A reference to the controller object. | |
리턴 | Null if current action is login action else response object returned by authenticate object or Controller::redirect(). |
protected _unauthorized ( |
||
$controller | A reference to the controller object | |
리턴 |
public authenticationProvider ( ) : Cake\Auth\BaseAuthenticate | null | ||
리턴 | Cake\Auth\BaseAuthenticate | null |
public authorizationProvider ( ) : Cake\Auth\BaseAuthorize | null | ||
리턴 | Cake\Auth\BaseAuthorize | null |
public constructAuthenticate ( ) : array | null | ||
리턴 | array | null | The loaded authorization objects, or null on empty authenticate value. |
public constructAuthorize ( ) : array | null | ||
리턴 | array | null | The loaded authorization objects, or null when authorize is empty. |
public getAuthenticate ( string $alias ) : Cake\Auth\BaseAuthenticate | null | ||
$alias | string | Alias for the authenticate object |
리턴 | Cake\Auth\BaseAuthenticate | null |
public getAuthorize ( string $alias ) : Cake\Auth\BaseAuthorize | null | ||
$alias | string | Alias for the authorize object |
리턴 | Cake\Auth\BaseAuthorize | null |
public implementedEvents ( ) : array | ||
리턴 | array |
public initialize ( array $config ) : void | ||
$config | array | The config data. |
리턴 | void |
public isAuthorized ( array | ArrayAccess | null $user = null, Cake\Network\Request $request = null ) : boolean | ||
$user | array | ArrayAccess | null | The user to check the authorization of. If empty the user fetched from storage will be used. |
$request | Cake\Network\Request | The request to authenticate for. If empty, the current request will be used. |
리턴 | boolean | True if $user is authorized, otherwise false |
public setUser ( array | ArrayAccess $user ) : void | ||
$user | array | ArrayAccess | User data. |
리턴 | void |
protected BaseAuthenticate[],Cake\Auth $_authenticateObjects | ||
리턴 | Cake\Auth\BaseAuthenticate[] |
protected BaseAuthenticate,Cake\Auth $_authenticationProvider | ||
리턴 | Cake\Auth\BaseAuthenticate |
protected BaseAuthorize,Cake\Auth $_authorizationProvider | ||
리턴 | Cake\Auth\BaseAuthorize |
protected BaseAuthorize[],Cake\Auth $_authorizeObjects | ||
리턴 | Cake\Auth\BaseAuthorize[] |
protected array $_defaultConfig | ||
리턴 | array |
protected StorageInterface,Cake\Auth\Storage $_storage | ||
리턴 | Cake\Auth\Storage\StorageInterface |
public array $allowedActions | ||
리턴 | array |
public Response,Cake\Network $response | ||
리턴 |