PHP Class Prado\Security\TAuthManager

TAuthManager performs user authentication and authorization for a Prado application. TAuthManager works together with an IUserManager module that can be specified via the UserManager property. If an authorization fails, TAuthManager will try to redirect the client browser to a login page that is specified via the LoginPage property. To log a user in or out, call login() or logout(), respectively. The AuthExpire property can be used to define the time in seconds after which the authentication should expire. AllowAutoLogin specifies whether the login information should be stored in a cookie to perform automatic login. Enabling this feature means that AuthExpire has no effect, since the user will be logged in again when the authentication expires. To load TAuthManager, configure it in the application configuration as follows,
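
A module configuration of the kind the description refers to, written as an added example that is not from the original page or the Prado project. The module IDs `auth` and `users`, the application ID, the page path `Login`, the 3600-second expiry, and the choice of `Prado\Security\TUserManager` as the IUserManager implementation are assumptions.

```xml
<!-- Added example. Assumed names: application ID "demo-app", module IDs
     "auth" and "users", page path "Login", a 3600-second expiry. -->
<application id="demo-app">
  <modules>
    <!-- IUserManager implementation referenced by UserManager below.
         Prado\Security\TUserManager is assumed; user definitions are omitted. -->
    <module id="users" class="Prado\Security\TUserManager" />

    <!-- Expiring authentication: it lapses after AuthExpire seconds, and a
         failed authorization redirects the browser to the LoginPage. -->
    <module id="auth" class="Prado\Security\TAuthManager"
            UserManager="users"
            LoginPage="Login"
            AuthExpire="3600"
            AllowAutoLogin="false" />

    <!-- Alternative (use instead of the module above, not together with it):
         with AllowAutoLogin="true" the login information is kept in a cookie
         and the user is logged in again on expiration, so AuthExpire has no
         effect, as the class description states.
    <module id="auth" class="Prado\Security\TAuthManager"
            UserManager="users"
            LoginPage="Login"
            AllowAutoLogin="true" />
    -->
  </modules>
</application>
```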
Since: 3.0
Author: Qiang Xue
Inheritance: extends Prado\TModule
Project: pradosoft/prado

Public Methods

Method Description
doAuthentication ( $sender, $param ) Performs authentication.
doAuthorization ( $sender, $param ) Performs authorization.
getAllowAutoLogin ( ) : boolean
getAuthExpire ( ) : integer
getLoginPage ( ) : string
getReturnUrl ( ) : string
getReturnUrlVarName ( ) : string
getUserKey ( ) : string
getUserManager ( ) : IUserManager
init ( $config ) Initializes this module.
leave ( $sender, $param ) Performs login redirect if authorization fails.
login ( $username, $password, $expire ) : boolean Logs in a user with username and password.
logout ( ) Logs out a user.
onAuthExpire ( $param ) Performs user logout on authentication expiration.
onAuthenticate ( $param ) Performs the real authentication work.
onAuthorize ( $param ) Performs the real authorization work.
setAllowAutoLogin ( $value )
setAuthExpire ( $value )
setLoginPage ( $pagePath ) Sets the login page that the client browser will be redirected to if login is needed.
setReturnUrl ( $value ) Sets the URL that the browser should be redirected to when login succeeds.
setReturnUrlVarName ( $value )
setUserManager ( $provider )
switchUser ( $username ) : boolean Switches to a new user.
updateSessionUser ( $user ) Updates the user data stored in session.

Protected Methods

Method Description
generateUserKey ( ) : string

Method Details

doAuthentication() public method

This is the event handler attached to the application's Authentication event. Do not call this method directly.
public doAuthentication ( $sender, $param )

doAuthorization() public method

This is the event handler attached to the application's Authorization event. Do not call this method directly.
public doAuthorization ( $sender, $param )

generateUserKey() protected method

Since: 3.1.1
protected generateUserKey ( ) : string
return string a key used to store user information in session

getAllowAutoLogin() public method

Since: 3.1.1
public getAllowAutoLogin ( ) : boolean
return boolean whether to allow remembering login so that the user logs on automatically next time. Defaults to false.

getAuthExpire() public method

Since: 3.1.3
public getAuthExpire ( ) : integer
return integer authentication expiration time in seconds. Defaults to zero (no expiration).

getLoginPage() public method

public getLoginPage ( ) : string
return string path of the login page, should login be required

getReturnUrl() public method

public getReturnUrl ( ) : string
return string URL that the browser should be redirected to when login succeeds.

getReturnUrlVarName() public method

public getReturnUrlVarName ( ) : string
return string the name of the session variable storing return URL. It defaults to 'AppID:ReturnUrl'

getUserKey() public method

Since: 3.1.1
public getUserKey ( ) : string
return string a unique variable name for storing user session/cookie data

getUserManager() public method

public getUserManager ( ) : IUserManager
return IUserManager user manager instance

init() public method

This method is required by the IModule interface.
public init ( $config )

leave() public method

This is the event handler attached to the application's EndRequest event. Do not call this method directly.
public leave ( $sender, $param )

login() public method

The username and password will be used to validate if login is successful. If yes, a user object will be created for the application.
public login ( $username, $password, $expire ) : boolean
return boolean whether login is successful

logout() public method

User session will be destroyed after this method is called.
public logout ( )

onAuthExpire() public method

An 'OnAuthExpire' event will be raised if there is any handler attached to it.
public onAuthExpire ( $param )

onAuthenticate() public method

An OnAuthenticate event will be raised if there is any handler attached to it. If the application already has a non-null user, it will return without further authentication. Otherwise, user information will be restored from session data.
public onAuthenticate ( $param )

onAuthorize() public method

Authorization rules obtained from the application will be used to check if a user is allowed. If authorization fails, the response status code will be set to 401 and the application terminates.
public onAuthorize ( $param )

setAllowAutoLogin() public method

Since: 3.1.1
public setAllowAutoLogin ( $value )

setAuthExpire() public method

Since: 3.1.3
public setAuthExpire ( $value )

setLoginPage() public method

Login page should be specified in the format of page path.
See also: TPageService
public setLoginPage ( $pagePath )

setReturnUrl() public method

Sets the URL that the browser should be redirected to when login succeeds.
public setReturnUrl ( $value )

setReturnUrlVarName() public method

public setReturnUrlVarName ( $value )

setUserManager() public method

public setUserManager ( $provider )

switchUser() public method

This method will log out the current user first and log in with a new one (without a password).
public switchUser ( $username ) : boolean
return boolean whether the switch is successful

updateSessionUser() public method

Updates the user data stored in session.
public updateSessionUser ( $user )